mcp -elasticsearch-ai

This MCP server turns an Elasticsearch cluster into an AI-powered observability assistant. It provides specialized APM analysis tools for waterfall trace analysis, root cause analysis, and business event correlation, along with comprehensive search, metrics, and cluster information utilities. Core capabilities include analyzeTracePerformance to reconstruct and analyze APM waterfalls with automatic error and metric correlations, findErrorPatterns for temporal error pattern detection and RCA, and correlateBusinessEvents to rebuild end-to-end user journeys across logs, metrics, and business events. In addition to APM tools, you can perform wide-ranging searches across indices, inspect cluster health and stats, and manage indices and mappings. The collection of tools enables proactive troubleshooting, performance optimization, and business impact analysis by combining deep technical insights with cross-index correlation.

Prerequisites:

• Node.js and npm (or ensure npx is available)
• Network access to install packages from npm

Installation steps:

1. Ensure you have Node.js and npm installed:

   • macOS/Linux: curl -fsSL https://deb.nodesource.com/setup_current.x | bash - sudo apt-get install -y nodejs
   • Windows: install Node.js from https://nodejs.org/

2. Install and run the MCP server via npx (no global install needed):

   • npx -y byviz-mcp-server-elasticsearch-ai

3. Verify the server starts and outputs the expected MCP endpoints and tool list. If you prefer to install a local version, clone the repository and run:

   • npm install
   • npm start

4. Optional: run via Docker or Python/uvx if you have a container or alternative runtime environment available (see documentation for environment-specific commands).

Note: The above commands assume the MCP server package name is byviz-mcp-server-elasticsearch-ai on npm. If you publish or use a different package name, replace the package name accordingly.

Tips and considerations:

• The server exposes a curated set of APM and monitoring tools designed for Elasticsearch-based observability workflows. Use analyzeTracePerformance to understand trace waterfalls and bottlenecks, findErrorPatterns for RCA-style insights, and correlateBusinessEvents to map user journeys across logs, metrics, and events.
• When using search and indexing tools, leverage the common parameters (q, size, from, sort, _source) and temporal parameters (time_range, time_window) to tailor results to your timeframe.
• Ensure your Elasticsearch cluster has sufficient permissions and indices accessible for APM data, logs, and metrics to enable accurate cross-index correlation.
• If running in a restricted network, you may need to configure proxy settings or adjust npm/yarn registries accordingly.
• If you encounter performance or API compatibility issues, check that your Elasticsearch version aligns with the MCP server’s supported range and verify that required indices (APM, logs, metrics) exist and are properly populated.