Sumo Logic MCP for AI. Run complex log searches and manage infrastructure via natural language.
Works with every AI agent you already use
…and any MCP-compatible client








How this MCP server connects to your AI agent
Sumo Logic connects your AI agent directly to your log and metrics infrastructure. It lets you run complex searches, monitor collector health, and manage data sources—all through natural conversation.
You stop jumping between dashboards; your agent does the work.
What AI agents can do with Sumo Logic Automation
Starts a deep search job and tracks its status, allowing you to retrieve large volumes of historical logs.
Runs real-time time-series queries against system metrics to check performance and health indicators.
List, create, update, or delete the core collectors that ingest data into your platform.
List and manage specific data streams (Sources) within a collector to ensure proper log flow and visibility.
View, create, or delete user accounts to control who can access the platform's logs and metrics.
What AI agents can do with Sumo Logic: 19 Tools for Observability
These tools allow your AI agent to perform every core function of log management, from running complex searches to managing the entire infrastructure pipeline.
Make your AI actually useful.
Add this MCP to Claude, Cursor, or Windsurf and your AI stops guessing. It gets real tools to look things up, take action, and handle the stuff you keep doing by hand.
Start using Sumo Logic on Vinkius
Create Hosted Collector
Creates a new, cloud-managed collector instance for data ingestion.
Create Search Job
Starts an asynchronous job to run a deep log search query that needs time to process.
Create Source
Adds a new data source (log stream) into an existing collector.
Create User
Creates a new user account within the Sumo Logic organization for access control.
Delete Collector
Removes an entire data collector instance from your environment.
Delete Search Job
Cancels a running search job to free up concurrent processing slots.
Delete Source
Removes a data source from a collector, stopping its log flow.
Delete User
Deactivates or removes a user account from the organization.
Execute Metrics Query
Runs a query to retrieve time-series data for monitoring system performance and...
Get Collector
Retrieves specific details about one collector using its ID.
Get Search Job Messages
Fetches the raw, individual log messages from a search job once it's finished.
Get Search Job Records
Retrieves aggregated records (metrics/summary) after a completed search job runs.
Get Search Job Status
Checks the current status of an asynchronous log search job to see if it's running or finished.
Get Source
Retrieves specific details about a single data source within a collector.
List Collectors
Lists all installed and hosted collectors currently running in your account.
List Sources
Provides a list of all available data sources within a specific collector.
List Users
Lists every user account currently registered in the organization.
Update Collector
Modifies settings for an existing data collector instance.
Update Source
Changes configuration details for a specific data source.
Security and governance baked right in.
Pick your AI client below to get set up. Just create a Vinkius account, subscribe, and you're instantly up and running. We handle the entire backend infrastructure, delivering out-of-the-box support for HTTPS Streamable, SSE, and OAuth2—zero messy routing required.
Choose How to Get Started
Build a custom MCP for your own tools, or connect a ready-made integration from our catalog.
Build Your Own
Turn any API into an MCP. Import a spec, define Agent Skills, or deploy with MCPFusion.
- Import from OpenAPI, Swagger, or YAML specs
- Create Agent Skills with progressive disclosure
- Deploy to edge with MCPFusion framework
- Built in DLP, auth, and compliance on every call
- Real time usage dashboard and cost metering
- Publish to catalog or keep private
Make Your AI Do More
Start with Sumo Logic, then connect any of our 5,100+ other servers whenever your AI needs more. One click, no limits.
- Use this MCP plus 5,100+ others, all in one place
- Add new capabilities to your AI anytime you want
- Every connection is secured and compliant automatically
- Track usage and costs across all your servers
- Works with Claude, ChatGPT, Cursor, and more
- New servers added to the catalog every week
Independent Platform Disclaimer: Vinkius is an independent platform and is not affiliated with, endorsed by, sponsored by, verified by, or otherwise authorized by Sumo Logic. All third-party trademarks, logos, and brand names are the property of their respective owners. Their use on this website is strictly for informational purposes to identify service compatibility and interoperability.
VINKIUS INFRASTRUCTURE
- Cloud Hosted: Managed infra
- V8 Isolated: Sandboxed per request
- Zero-Trust Proxy: No stored credentials
- DLP Enforced: Policy on every call
- GDPR Compliant: EU data residency
- Token Compression: ~60% cost reduction
Built on the Model Context Protocol (MCP) for Claude, ChatGPT, Cursor, and more
The Model Context Protocol standardizes how applications expose capabilities to LLMs. Instead of operating in isolation, your AI gains direct access to external platforms, live data, and real-world actions through secure, standardized connections.
This connection provides 19 powerful capabilities that interface natively with Claude, ChatGPT, Cursor, and other compatible AI platforms. No middleware. No custom integration required.
Finding an error log shouldn't take five different browser tabs. Solved with Vinkius AI Gateway
Right now, finding a single production bug means logging into the metrics dashboard to check load, then clicking over to the centralized logs UI. You search for time ranges, filter by service ID, and if you need aggregated stats on failure rates? You have to run a separate query just for that. It's constant context switching.
With this MCP server, your agent handles the whole chain. You ask: 'Show me all services showing high latency AND log any related errors.' The AI calls `execute_metrics_query`, then immediately runs `create_search_job` against the results, giving you a single, actionable summary right in the chat.
Sumo Logic MCP Server: Run infrastructure changes with tools.
Previously, adding a new data stream or modifying user permissions was always a multi-step process. You had to navigate the web UI, find the correct resource type (Source, Collector, User), and manually execute the change. It's slow and prone to human error.
Now you just tell your agent what needs fixing. The server runs `create_source` or `update_collector`, handling the API calls in the background. You get confirmation of the change—no more manual clicks, just direct action.
What your AI can actually do with this
Your AI agent connects straight to your Sumo Logic data stack. You're done jumping between dashboards and running command-line scripts; you just talk to your agent, and it handles all the heavy lifting—the log analysis, the performance checks, and even managing the infrastructure itself. It’s like having a dedicated Site Reliability Engineer sitting right next to you.
Managing Data Collectors
You can keep tabs on every data pipeline running in your account. If you need to see what collectors are up and humming, use list_collectors. Need details on one specific collector? Run get_collector with its ID. Want to adjust a setup? Use update_collector. And if that whole data stream is garbage and needs to be cut out, you can delete the entire instance using delete_collector.
For building new pipes, you start by running create_hosted_collector, which spins up a cloud-managed collector ready for immediate data ingestion.
Controlling Data Sources (Sources)
The sources are what actually flow into your platform. You can see all the currently active data streams in one go using list_sources. If you need to check out the specific setup of a single source, use get_source. To get that data flowing from somewhere new, run create_source and add it to an existing collector.
Want to tweak how a source is configured? Use update_source to change its settings. And if a data stream is causing trouble or you just need to cut it loose, you can use delete_source, which stops the log flow immediately.
Running Searches and Queries
When you need information, this server gives your agent serious power. If you're looking for a deep dive—say, all 'connection timeout' errors from last week—you don't want to wait forever in the chat window. You start an asynchronous job with create_search_job. This tool kicks off a massive log search that runs in the background.
You can then check on its progress using get_search_job_status; it tells you if the job is still running or if it's finished up. Once it's done, you get two ways to pull the data: use get_search_job_messages to grab every single raw log entry, or run get_search_job_records for an aggregated summary of what happened.
If the search job is going sideways and you gotta stop it, just use delete_search_job. For checking system health—the kind of real-time performance data that's time-series stuff—you run a query using execute_metrics_query right in your conversation. It pulls current metrics without you leaving the chat window.
Managing Users and Access Control
Security’s key, so here’s how you manage who can access the logs and metrics. To see every account registered on the platform, run list_users. If you need to set up a new teammate, use create_user to make their account. Need to turn someone off or remove an old profile? You've got delete_user for that.
These tools let your agent manage permissions right down to the user level.
The Bottom Line
This whole setup turns your AI client into a full-stack log engineer. It lets you execute complex searches, monitor collectors, control data sources, and handle users—all without ever touching an API script or switching tabs.
Here's how it actually works
The bottom line is: your AI client acts as an intermediary that translates natural language requests into structured API tool calls for log analysis and infrastructure management.
Subscribe to this server and provide your Sumo Logic Access ID, Access Key, and API URL.
Your AI client uses these credentials to communicate with the log platform's APIs.
You ask a question (e.g., 'Show me all 500 errors from last night'), and the agent calls the necessary tools, returns data, or reports status.
Who is this actually for?
This is for the Ops Engineer who's tired of clicking through five different dashboards to find a single root cause. It's for the Security Analyst who needs immediate, deep-dive queries without writing complex SPL (Sumo Query Language). If your job involves monitoring infrastructure health or tracking down obscure errors in massive log streams, you need this.
Uses list_collectors and update_collector to monitor the data ingestion pipeline, ensuring all sources are healthy. Runs execute_metrics_query to check system load in real-time.
Runs deep searches using create_search_job for production errors or specific application failures. Uses get_source to verify which logs are feeding a critical service.
Performs targeted log queries (create_search_job) to investigate potential access breaches and manages user permissions using tools like list_users.
What Changes When You Connect
Eliminate context switching. Instead of jumping between the metrics dashboard, log search UI, and collector management page, your AI client handles it all in one chat session. Need to check a metric and find the logs that caused it? Just ask.
Deep dive into history without writing complex queries. You can use create_search_job to run massive searches spanning weeks of data, then rely on get_search_job_records to get clean, aggregated results instantly.
Maintain your pipeline from the chat window. Need to add a new log stream? Use list_sources first, and if it's missing, tell your agent to run create_source—all without logging into the web UI.
Real-time operational visibility. Check system performance metrics on the fly using execute_metrics_query. This lets you catch resource spikes immediately when troubleshooting an incident, instead of waiting for a separate monitoring tool update.
Full lifecycle control. Managing infrastructure used to mean multiple API calls or clicking through menus. Now you can list (list_collectors), modify (update_collector), and clean up (delete_collector) entire components via simple commands.
See it in action
Investigating a Production Outage
The service went down. You don't know where to look. Your agent runs list_collectors first, confirming all data pipelines are up. Next, it uses create_search_job to search for 'FATAL ERROR' logs from the last hour. Finally, you use get_source on a specific collector to narrow down which application stream failed.
Auditing User Access
Security needs to know who has access. Instead of navigating user roles and permissions, you ask the agent to run list_users. If an old contractor account remains active, you use delete_user right from your chat client.
Scaling Data Ingestion
A new service is deployed that needs logging. You tell the agent it's coming online. It uses list_sources to check existing collectors, then runs create_hosted_collector and create_source, ensuring the data flow starts correctly without manual setup.
Checking System Health Before Deployment
Before pushing a new build, you need to know if the system can handle the load. Your agent uses execute_metrics_query to check CPU usage and latency over the last 24 hours. If the metrics look stable, you greenlight the deployment.
The honest tradeoffs
Assuming search jobs run instantly
You ask for logs from a month ago and immediately try to use get_search_job_records. You get an error because the job is still processing.
Always remember that deep searches are asynchronous. After running create_search_job, you must poll the status using get_search_job_status until it returns 'COMPLETED' before calling get_search_job_records.
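The polling sequence above, sketched as an added example (not Vinkius or Sumo Logic code): `call_tool`, the argument names and the response fields are assumptions, and `FakeSumoTools` is a constructed stand-in so the loop runs offline. The status strings are the ones this page gives, and the `finally` block releases the job's concurrent slot on every exit path.

```python
import time


class SearchJobError(RuntimeError):
    """Raised when the search job reports 'FAILED'."""


def run_search(call_tool, query, time_from, time_to,
               poll_interval=2.0, timeout=300.0, sleep=time.sleep):
    """Create a job, poll until 'COMPLETED', return its records, always clean up.

    call_tool(name, args) -> dict is a hypothetical MCP client hook; the
    argument and result field names are assumptions, not a documented schema.
    """
    job_id = call_tool("create_search_job",
                       {"query": query, "from": time_from, "to": time_to})["id"]
    waited = 0.0
    try:
        while True:
            status = call_tool("get_search_job_status", {"job_id": job_id})["status"]
            if status == "COMPLETED":
                return call_tool("get_search_job_records", {"job_id": job_id})["records"]
            if status == "FAILED":
                raise SearchJobError(f"search job {job_id} failed")
            if waited >= timeout:
                raise TimeoutError(f"search job {job_id} still {status} after {waited}s")
            sleep(poll_interval)
            waited += poll_interval
    finally:
        # Runs on success, failure and timeout, so the slot is never leaked.
        call_tool("delete_search_job", {"job_id": job_id})


class FakeSumoTools:
    """Constructed stand-in: reports RUNNING n times, then a final status."""

    def __init__(self, running_polls, final_status="COMPLETED"):
        self.running_polls = running_polls
        self.final_status = final_status
        self.calls = []  # tool names in call order, for inspection

    def __call__(self, name, args):
        self.calls.append(name)
        if name == "create_search_job":
            return {"id": "job-1"}
        if name == "get_search_job_status":
            if self.running_polls > 0:
                self.running_polls -= 1
                return {"status": "RUNNING"}
            return {"status": self.final_status}
        if name == "get_search_job_records":
            return {"records": [{"_sourceCategory": "prod/api", "_count": 42}]}
        if name == "delete_search_job":
            return {"deleted": True}
        raise KeyError(name)


if __name__ == "__main__":
    tools = FakeSumoTools(running_polls=2)
    print(run_search(tools, "error", "t0", "t1", sleep=lambda s: None))
    print(tools.calls)
```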
Manually updating every source config
You notice 20 sources need a retention policy change. Clicking through the web UI for each one is a nightmare.
Use list_sources to get all current sources, and then instruct your agent to run update_source on that list in bulk, saving hours of clicks.
Using general tools for specific needs
Trying to use a generic 'data query' tool when you actually need historical logs. This will fail or give incomplete data.
If the goal is log analysis, always start with create_search_job. If the goal is monitoring health over time, use execute_metrics_query.
When It Fits, When It Doesn't
Use this server if your job requires coordinating multiple data actions: running a search and then checking system metrics, or modifying an infrastructure component and then validating its status. It's essential when the workflow involves both CRUD operations (like create_user or delete_collector) AND complex querying (get_search_job_records).
Don't use this if you only need to view a single, static dashboard chart—a native monitoring tool is faster. Also, don't rely on it for process changes; the tools are available, but establishing clear playbooks (e.g., 'always run update_collector before running a job') still belongs to your team documentation. If you only need to view raw data and nothing else, there might be simpler alternatives that skip the infrastructure management tools.
Questions you might have
How do I check if my search job is finished using get_search_job_status?
Run get_search_job_status and pass the ID from your initial search. The response will tell you if the status is 'RUNNING', 'FAILED', or 'COMPLETED'. You need to wait until it says 'COMPLETED' before retrieving results.
Can I list all my collectors using list_collectors?
Yes, list_collectors returns a list of every installed and hosted collector by ID. This is the first step if you need to know which data pipelines are active in your account.
What's the difference between get_search_job_messages and get_search_job_records?
They give different outputs: get_search_job_messages gives you the raw, individual log lines. get_search_job_records provides aggregated data or summary records from that search job.
Do I need to use create_source before running a query?
No, but if your logs are missing, you first need to check list_sources and then use create_source if the data stream isn't set up. Queries only work on existing sources.
What credentials do I need when running a job with `create_search_job`?
You must provide your Sumo Logic Access ID, Access Key, and API URL. These inputs authenticate your agent against the service. Ensure these keys are current and haven't been revoked by your admin team.
If I don't need a search job anymore, should I use `delete_search_job`?
Yes, you absolutely should call delete_search_job. This action frees up the concurrent slot assigned to that job. Running this keeps your organization from hitting unnecessary rate limits.
How do I manage user access and roles using the `list_users` tool?
The list_users tool lets you see every account currently configured in your organization. To add or change permissions, you'll use a separate command to create or update accounts.
What if I need to make a minor setting adjustment on an existing collector? Should I use `update_collector`?
Yes, that’s exactly what update_collector does. You pass the specific Collector ID and the new parameters you want to change. This modifies settings without forcing you to delete and re-add the whole resource.
How do I start a new log search and get the results?
First, use create_search_job to start the search. Then, poll get_search_job_status until it's complete. Finally, use get_search_job_messages or get_search_job_records to retrieve the data.
Can I see all my configured data collectors?
Yes, use the list_collectors tool to retrieve a list of all Installed and Hosted Collectors in your account, including their IDs and status.
How do I monitor system performance metrics?
You can use the execute_metrics_query tool to run specific metrics queries and get real-time data on your infrastructure's health.
We've already built the connector for Sumo Logic. Just plug in your AI agents and start using Vinkius.
No hosting. No infrastructure. No complex setup.
All 19 tools are live and waiting.
You're up and running in seconds.
Vinkius gives your AI agents access to the full catalog of app connectors, all fully managed, secure, and enterprise-ready. One subscription, every tool you need.
Built, hosted, and secured by Vinkius. You just connect and go.