Skip to content

FAQ

The MCP Server drives the rest of Log10x from a chat session. Install it into Claude Desktop, Claude Code, or Cursor; ask cost questions, generate per-app Helm values, and apply filter caps without leaving the conversation.

Overview

Do I need MCP to use Log10x

No. Every 10x app (Dev, Reporter, Reducer, Retriever) has standalone install/deploy docs you can follow manually. MCP just makes adoption faster by knowing your environment and generating tailored configs.

If you prefer a manual workflow, skip MCP entirely and follow each app's Deploy page.

Why start with MCP instead of Dev

Historically you'd start with Dev (download CLI, run on sample logs) to preview savings before deploying anything. That still works. But with MCP installed:

  1. You ask your AI assistant "preview what 10x would do to my logs", and MCP fetches + runs Dev automatically
  2. You don't install a separate CLI; the MCP subprocess handles that
  3. The output comes back as structured answers to questions, not raw terminal output

So Dev is still the underlying tool, MCP is the faster entry point.

What it does

How does MCP know about my cluster

When you ask MCP to discover your environment, it reads your kubeconfig (read-only, same credentials as kubectl get) to identify:

  • Forwarder DaemonSets (Fluent Bit, Fluentd, Datadog Agent, OTel Collector, etc.)
  • Node counts and pod topology
  • Existing logging destinations (Splunk HEC endpoints, Elasticsearch clusters, CloudWatch log groups)

It then proposes a deployment plan tailored to your stack. See Tools for the per-tool reference.

Does MCP apply changes to my infrastructure

No. MCP is an advisor, not an actor:

  • k8s discovery is read-only (kubectl get equivalents only)
  • Generated configs are files, not applied changes. MCP writes my-reporter.yaml; you review and helm install.
  • Filter/compact suggestions are diff-reviewable. MCP proposes mute file entries; you commit.
  • Dependency checks call the log analyzer's API in-process when creds are in the env (read-only — never POST/PUT/DELETE), and fall back to paste-ready bash when they aren't.

You stay the operator. MCP never writes to your cluster, your git repo, or your log analyzer.

What is @apps/mcp and when do I run it

@apps/mcp is an internal runtime the MCP server spawns as a subprocess for the privacy-mode templater tools — Triage and Extract templates. You almost never invoke it directly; the server handles the subprocess lifecycle.

Security

What data does the MCP Server see
  • API calls to Log10x Prometheus (pre-aggregated metrics, no log content)
  • kubeconfig read access (only what kubectl get would surface)
  • Your log analyzer credentials (for dependency checks; read-only, local-only)

No log content ever leaves your machine. No data is cached server-side.

Where does the MCP Server run

As a local subprocess of your AI assistant (Claude Desktop, Code, Cursor). It starts when the assistant connects to the MCP and stops when the assistant closes. No cloud hosting, no Lambda, no API Gateway.

Next: Install