19 tools from the AWS Labs CloudWatch MCP Server MCP Server, categorised by risk level.
View the AWS Labs CloudWatch MCP Server policy →analyze_log_group Analyzes a CloudWatch log group for anomalies, message patterns, and error patterns within a specified time window.
This tool performs an analysis... analyze_metric Analyzes CloudWatch metric data to determine seasonality, trend, data density and statistical properties.
This tool provides RAW DATA ONLY about h... describe_log_groups Lists AWS CloudWatch log groups and saved queries associated with them, optionally filtering by a name prefix.
This tool retrieves information abo... get_active_alarms Gets all CloudWatch Alarms currently in ALARM state.
This tool retrieves all CloudWatch Alarms that are currently in the ALARM state,
including bo... get_alarm_history Gets the history for a CloudWatch alarm with time range suggestions for investigation.
This tool retrieves the history for a specified CloudWatch ... get_logs_insight_query_results Retrieves the results of a previously started CloudWatch Logs Insights query.
Usage: If a log query is started by execute_log_insights_query tool ... get_metric_data Retrieves CloudWatch metric data for a specific metric.
This tool retrieves metric data from CloudWatch for a specific metric identified by its
na... get_metric_metadata Gets metadata for a CloudWatch metric including description, unit and recommended
statistics that can be used for metric data retrieval.
This tool... get_promql_label_values Get values for a specific PromQL label from CloudWatch.
Use label_name="__name__" to list all available metric names.
Use label_name="@resource.se... get_promql_labels Get all label names available in CloudWatch PromQL.
Returns a list of all label names. Useful for discovering the label structure
of OTLP-ingested... get_promql_series Find time series matching label selectors in CloudWatch.
Returns the label sets of all series matching the provided matchers.
Useful for discoveri... get_recommended_metric_alarms Gets recommended alarms for a CloudWatch metric.
This tool retrieves alarm recommendations for a specific CloudWatch metric
identified by its name... recommend_indexes_account Triage tool: find which log groups would benefit from field indexing.
Scans the last 30 days of completed Logs Insights queries across the account... recommend_indexes_loggroup Recommend field indexes for a specific CloudWatch log group.
Analyzes the last 30 days of completed Logs Insights queries (CWLI, SQL, PPL),
identi... execute_cwl_insights_batch Run a CloudWatch Logs Insights query across multiple log groups, accounts, and regions.
Automatically chunks log groups (max 50 per StartQuery), t... execute_log_insights_query Executes a CloudWatch Logs Insights query and waits for the results to be available.
IMPORTANT: The operation must include exactly one of the foll... execute_promql_query Execute an instant PromQL query against CloudWatch.
Returns the current value of metrics at a single point in time (instant vector).
For time seri... execute_promql_range_query Execute a PromQL range query against CloudWatch.
Returns time series data over a time range (matrix). Use for trend analysis and graphs.
Use this... The AWS Labs CloudWatch MCP Server MCP server exposes 19 tools across 3 categories: Read, Destructive, Execute.
Use Intercept, the open-source MCP proxy. Write YAML rules for each tool — rate limits, argument validation, or deny rules — then run Intercept in front of the AWS Labs CloudWatch MCP Server server.
AWS Labs CloudWatch MCP Server tools are categorised as Read (14), Destructive (1), Execute (4). Each category has a recommended default policy.
Deterministic policy on every MCP tool call. Per-identity grants. Full audit log.