Dynatrace MCP Server
Official Dynatrace MCP server for querying DQL, listing problems, vulnerabilities, exceptions, executing Davis analyzers, sending events/emails/Slack messages, and managing workflows.
Score Breakdown
Server Info
- Package
- @dynatrace-oss/dynatrace-mcp-server
- Registry
- npm
- Repository
- dynatrace-oss/dynatrace-mcp
- Maintainer
- DynatraceVendor
- Category
- Developer Tools
- Tags
- apmmonitoringtraces
- Last Scanned
- 7 Apr 2026
Findings
7 issuesAuthentication & Identity
MEDIUMHTTP/SSE transport supports per-request credentials
Supports stdio and StreamableHTTP (--http flag). Flexible auth: OAuth client credentials (OAUTH_CLIENT_ID + OAUTH_CLIENT_SECRET), platform token (DT_PLATFORM_TOKEN), or OAuth authorization code flow (auto-inferred when neither is set). DT_ENVIRONMENT is mandatory. Validates URL format to ensure Dynatrace Platform URLs only.
Implement the MCP OAuth spec so users authenticate directly without platform mediation.
Tool Schema Quality
HIGHRequired fields missing on 3 write operations
Write tools without required field declarations: create_workflow_for_notification, make_workflow_public, reset_grail_budget.
Add required arrays to all write/delete tool schemas.
CRITICALDangerous execution surface: execute_dql
Tool allows raw code/query execution which could be exploited via prompt injection.
Use parameterized queries or validated command sets.
LLM Safety
MEDIUM1 tool descriptions are too vague
Short or generic descriptions make tool selection unreliable.
Expand descriptions with specific actions, data types, and side effects.
HIGHTool descriptions contain instructional language
Descriptions include directives that could influence LLM behavior beyond tool selection.
Remove instructional language. Descriptions should be purely factual.
Data Exposure
LOWNo field selection on responses
Responses return full records rather than projected fields.
Implement field selection to return only relevant fields.
Maintenance & Trust
MEDIUM12 dependency vulnerabilities (10 high)
npm audit found 10 high severity CVEs.
Update vulnerable dependencies.
Tools
20 total| Name | Description | Risk |
|---|---|---|
| get_environment_info | Get information about the connected Dynatrace Environment (Tenant) and verify the connection and authentication. | read |
| list_vulnerabilities | Retrieve all active (non-muted) vulnerabilities from Dynatrace. An additional filter can be provided using DQL filter. | read |
| list_problems | List all problems (based on "fetch dt.davis.problems") known on Dynatrace, sorted by their recency. | read |
| find_entity_by_name | Find the entityId and type of a monitored entity within the topology on Dynatrace, based on the name of the entity. | read |
| send_slack_message | Sends a Slack message to a dedicated Slack Channel via Slack Connector on Dynatrace | write |
| verify_dql | Syntactically verify a Dynatrace Query Language (DQL) statement on Dynatrace GRAIL before executing it. | read |
| execute_dql | Get data like Logs, Metrics, Spans, Events, or Entity Data from Dynatrace Grail by executing a Dynatrace Query Language (DQL) statement. | read |
| generate_dql_from_natural_language | Convert natural language queries to Dynatrace Query Language (DQL) using Davis CoPilot AI. | read |
| explain_dql_in_natural_language | Explain Dynatrace Query Language (DQL) statements in natural language using Davis CoPilot AI. | read |
| chat_with_davis_copilot | Use this tool to ask any Dynatrace related question, in case no other more specific tool is available. | read |
| create_workflow_for_notification | Create a notification for a team based on a problem type within Workflows in Dynatrace | write |
| make_workflow_public | Modify a workflow and make it publicly available to everyone on the Dynatrace Environment | write |
| get_kubernetes_events | Get all events from a specific Kubernetes (K8s) cluster | read |
| reset_grail_budget | Reset the Grail query budget after it was exhausted, allowing new queries to be executed. | write |
| send_email | Send an email using the Dynatrace Email API. Maximum 10 recipients total across TO, CC, and BCC. | write |
| send_event | Send a custom event to Dynatrace using the Events API v2. | write |
| list_exceptions | List all exceptions known on Dynatrace starting with the most recent. | read |
| list_davis_analyzers | List all available Davis Analyzers in Dynatrace (forecast, anomaly detection, correlation analyzers, and more) | read |
| execute_davis_analyzer | Execute a Davis Analyzer with custom input parameters. | read |
| create_dynatrace_notebook | Create a new notebook in the Dynatrace platform to share analysis and findings with colleagues. | write |
Deploy Dynatrace MCP Server securely
CompleteFlow adds per-user authentication, permission scoping, and audit logging to any MCP server out of the box.
Deploy on CompleteFlow