🔍 Stop copy-pasting logs into AI. Let Claude read them directly.
An MCP server for AI-powered log analysis. Parse, search, and debug log files across 9+ formats — right from Claude Code.
| 14 MCP tools | 9+ log formats |
| 280 tests | 81%+ coverage |
Analyzing logs with 14 specialized tools
| Without log-analyzer-mcp | With log-analyzer-mcp |
|---|---|
| Copy-paste chunks of logs | Point Claude at the file |
| Lose context between pastes | Full file access |
| Manual format parsing | Auto-detection |
| Miss related errors | Smart correlation |
- Auto-Detection — Identifies format from 9+ common log types
- Smart Search — Pattern matching with context, regex, and time filtering
- Error Extraction — Groups similar errors, captures stack traces
- Natural Language — Ask questions like "what errors happened today?"
- Sensitive Data Scan — Detect PII, credentials, and secrets
- Multi-File Analysis — Correlate events across distributed systems
- Streaming — Handles 1GB+ files without memory issues
# Install (adds to Claude Code automatically)
uvx codesdevs-log-analyzer installThen in Claude Code:
Analyze /var/log/app.log and tell me what's causing the errors
uvx codesdevs-log-analyzer installpip / uv / Claude Code config
# pip
pip install codesdevs-log-analyzer
# uv
uv tool install codesdevs-log-analyzerAdd to ~/.claude/settings.json:
{
"mcpServers": {
"log-analyzer": {
"command": "uvx",
"args": ["codesdevs-log-analyzer"]
}
}
}| Format | Example |
|---|---|
| Syslog | Jan 15 10:30:00 hostname process[pid]: message |
| Apache/Nginx | 127.0.0.1 - - [15/Jan/2026:10:30:00] "GET /path" 200 |
| JSON Lines | {"timestamp": "...", "level": "ERROR", "message": "..."} |
| Docker | 2026-01-15T10:30:00.123Z stdout message |
| Python | 2026-01-15 10:30:00,123 - module - ERROR - message |
| Java/Log4j | 2026-01-15 10:30:00,123 ERROR [thread] class - message |
| Kubernetes | level=error msg="..." ts=2026-01-15T10:30:00Z |
| Generic | Any line with recognizable timestamp |
| Metric | Value |
|---|---|
| 100MB log file | < 10 seconds |
| Memory footprint | Streaming (no full load) |
| Max tested size | 1GB+ |
| Format detection | < 100ms |
| Tool | Description |
|---|---|
log_analyzer_parse |
Detect format and extract metadata |
log_analyzer_search |
Search with context lines |
log_analyzer_extract_errors |
Extract and group errors |
log_analyzer_summarize |
Generate debugging summary |
log_analyzer_correlate |
Find related events |
log_analyzer_watch |
Monitor for new entries |
log_analyzer_ask |
Natural language queries |
log_analyzer_scan_sensitive |
Detect PII/credentials |
| + 6 more | Full reference → |
Find errors:
Extract all errors from /var/log/app.log, group similar ones
Search with context:
Search for "timeout" in app.log with 5 lines of context
Correlate events:
What happened 60 seconds before each OutOfMemoryError?
Scan for secrets:
Check /var/log/app.log for accidentally logged credentials
git clone https://github.com/Fato07/log-analyzer-mcp
cd log-analyzer-mcp
uv sync
uv run pytest -v --covMIT License - see LICENSE for details.
Found this useful? Give it a ⭐ on GitHub!
Report bugs ·
Request features ·
Discussions ·
Full docs
