datadog-automation
Compare original and translation side by side
🇺🇸
Original
English🇨🇳
Translation
ChineseDatadog Automation via Rube MCP
通过Rube MCP实现Datadog自动化
Automate Datadog monitoring and observability operations through Composio's Datadog toolkit via Rube MCP.
通过Composio的Datadog工具包,借助Rube MCP自动化Datadog监控与可观测性操作。
Prerequisites
前提条件
- Rube MCP must be connected (RUBE_SEARCH_TOOLS available)
- Active Datadog connection via with toolkit
RUBE_MANAGE_CONNECTIONSdatadog - Always call first to get current tool schemas
RUBE_SEARCH_TOOLS
- 必须已连接Rube MCP(需提供RUBE_SEARCH_TOOLS)
- 通过激活Datadog连接,工具包为
RUBE_MANAGE_CONNECTIONSdatadog - 请始终先调用以获取最新的工具架构
RUBE_SEARCH_TOOLS
Setup
设置步骤
Get Rube MCP: Add as an MCP server in your client configuration. No API keys needed — just add the endpoint and it works.
https://rube.app/mcp- Verify Rube MCP is available by confirming responds
RUBE_SEARCH_TOOLS - Call with toolkit
RUBE_MANAGE_CONNECTIONSdatadog - If connection is not ACTIVE, follow the returned auth link to complete Datadog authentication
- Confirm connection status shows ACTIVE before running any workflows
获取Rube MCP:在客户端配置中添加作为MCP服务器。无需API密钥——只需添加端点即可使用。
https://rube.app/mcp- 确认可响应,以此验证Rube MCP是否可用
RUBE_SEARCH_TOOLS - 调用,指定工具包为
RUBE_MANAGE_CONNECTIONSdatadog - 如果连接未处于ACTIVE状态,请按照返回的认证链接完成Datadog身份验证
- 在运行任何工作流之前,请确认连接状态显示为ACTIVE
Core Workflows
核心工作流
1. Query and Explore Metrics
1. 查询与探索指标
When to use: User wants to query metric data or list available metrics
Tool sequence:
- - List available metric names [Optional]
DATADOG_LIST_METRICS - - Query metric time series data [Required]
DATADOG_QUERY_METRICS
Key parameters:
- : Datadog metric query string (e.g.,
query)avg:system.cpu.user{host:web01} - : Start timestamp (Unix epoch seconds)
from - : End timestamp (Unix epoch seconds)
to - : Search string for listing metrics
q
Pitfalls:
- Query syntax follows Datadog's metric query format:
aggregation:metric_name{tag_filters} - and
fromare Unix epoch timestamps in seconds, not millisecondsto - Valid aggregations: ,
avg,sum,min,maxcount - Tag filters use curly braces:
{host:web01,env:prod} - Time range should not exceed Datadog's retention limits for the metric type
适用场景:用户需要查询指标数据或列出可用指标
工具序列:
- - 列出可用指标名称(可选)
DATADOG_LIST_METRICS - - 查询指标时间序列数据(必填)
DATADOG_QUERY_METRICS
关键参数:
- : Datadog指标查询字符串(例如:
query)avg:system.cpu.user{host:web01} - : 开始时间戳(Unix纪元秒)
from - : 结束时间戳(Unix纪元秒)
to - : 用于列出指标的搜索字符串
q
注意事项:
- 查询语法遵循Datadog的指标查询格式:
aggregation:metric_name{tag_filters} - 和
from为Unix纪元秒级时间戳,而非毫秒to - 有效的聚合函数:、
avg、sum、min、maxcount - 标签过滤器使用大括号:
{host:web01,env:prod} - 时间范围不应超过Datadog对应指标类型的保留期限
2. Search and Analyze Logs
2. 搜索与分析日志
When to use: User wants to search log entries or list log indexes
Tool sequence:
- - List available log indexes [Optional]
DATADOG_LIST_LOG_INDEXES - - Search logs with query and filters [Required]
DATADOG_SEARCH_LOGS
Key parameters:
- : Log search query using Datadog log query syntax
query - : Start time (ISO 8601 or Unix timestamp)
from - : End time (ISO 8601 or Unix timestamp)
to - : Sort order ('asc' or 'desc')
sort - : Number of log entries to return
limit
Pitfalls:
- Log queries use Datadog's log search syntax:
service:web status:error - Search is limited to retained logs within the configured retention period
- Large result sets require pagination; check for cursor/page tokens
- Log indexes control routing and retention; filter by index if known
适用场景:用户需要搜索日志条目或列出日志索引
工具序列:
- - 列出可用日志索引(可选)
DATADOG_LIST_LOG_INDEXES - - 使用查询与过滤器搜索日志(必填)
DATADOG_SEARCH_LOGS
关键参数:
- : 使用Datadog日志查询语法的搜索语句
query - : 开始时间(ISO 8601或Unix时间戳)
from - : 结束时间(ISO 8601或Unix时间戳)
to - : 排序顺序('asc'或'desc')
sort - : 要返回的日志条目数量
limit
注意事项:
- 日志查询使用Datadog的日志搜索语法:
service:web status:error - 搜索范围仅限已配置保留期内的日志
- 大量结果需要分页;请检查游标/分页令牌
- 日志索引控制路由与保留策略;若已知索引可通过其过滤
3. Manage Monitors
3. 管理监控器
When to use: User wants to create, update, mute, or inspect monitors
Tool sequence:
- - List all monitors with filters [Required]
DATADOG_LIST_MONITORS - - Get specific monitor details [Optional]
DATADOG_GET_MONITOR - - Create a new monitor [Optional]
DATADOG_CREATE_MONITOR - - Update monitor configuration [Optional]
DATADOG_UPDATE_MONITOR - - Silence a monitor temporarily [Optional]
DATADOG_MUTE_MONITOR - - Re-enable a muted monitor [Optional]
DATADOG_UNMUTE_MONITOR
Key parameters:
- : Numeric monitor ID
monitor_id - : Monitor display name
name - : Monitor type ('metric alert', 'service check', 'log alert', 'query alert', etc.)
type - : Monitor query defining the alert condition
query - : Notification message with @mentions
message - : Array of tag strings
tags - : Alert threshold values (
thresholds,critical,warning)ok
Pitfalls:
- Monitor must match the query type; mismatches cause creation failures
type - supports @mentions for notifications (e.g.,
message,@slack-channel)@pagerduty - Thresholds vary by monitor type; metric monitors need at minimum
critical - Muting a monitor suppresses notifications but the monitor still evaluates
- Monitor IDs are numeric integers
适用场景:用户需要创建、更新、静音或查看监控器
工具序列:
- - 带过滤器列出所有监控器(必填)
DATADOG_LIST_MONITORS - - 获取特定监控器详情(可选)
DATADOG_GET_MONITOR - - 创建新监控器(可选)
DATADOG_CREATE_MONITOR - - 更新监控器配置(可选)
DATADOG_UPDATE_MONITOR - - 临时静音监控器(可选)
DATADOG_MUTE_MONITOR - - 重新启用已静音的监控器(可选)
DATADOG_UNMUTE_MONITOR
关键参数:
- : 数字型监控器ID
monitor_id - : 监控器显示名称
name - : 监控器类型('metric alert'、'service check'、'log alert'、'query alert'等)
type - : 定义告警条件的监控器查询语句
query - : 包含@提及的通知消息
message - : 标签字符串数组
tags - : 告警阈值(
thresholds、critical、warning)ok
注意事项:
- 监控器必须与查询类型匹配;不匹配会导致创建失败
type - 支持@提及以发送通知(例如:
message、@slack-channel)@pagerduty - 阈值因监控器类型而异;指标监控器至少需要设置阈值
critical - 静音监控器会抑制通知,但监控器仍会继续执行评估
- 监控器ID为数字整数
4. Manage Dashboards
4. 管理仪表板
When to use: User wants to list, view, update, or delete dashboards
Tool sequence:
- - List all dashboards [Required]
DATADOG_LIST_DASHBOARDS - - Get full dashboard definition [Optional]
DATADOG_GET_DASHBOARD - - Update dashboard layout or widgets [Optional]
DATADOG_UPDATE_DASHBOARD - - Remove a dashboard (irreversible) [Optional]
DATADOG_DELETE_DASHBOARD
Key parameters:
- : Dashboard identifier string
dashboard_id - : Dashboard title
title - : 'ordered' (grid) or 'free' (freeform positioning)
layout_type - : Array of widget definition objects
widgets - : Dashboard description
description
Pitfalls:
- Dashboard IDs are alphanumeric strings (e.g., 'abc-def-ghi'), not numeric
- cannot be changed after creation; must recreate the dashboard
layout_type - Widget definitions are complex nested objects; get existing dashboard first to understand structure
- DELETE is permanent; there is no undo
适用场景:用户需要列出、查看、更新或删除仪表板
工具序列:
- - 列出所有仪表板(必填)
DATADOG_LIST_DASHBOARDS - - 获取完整的仪表板定义(可选)
DATADOG_GET_DASHBOARD - - 更新仪表板布局或组件(可选)
DATADOG_UPDATE_DASHBOARD - - 删除仪表板(不可恢复)(可选)
DATADOG_DELETE_DASHBOARD
关键参数:
- : 仪表板标识符字符串
dashboard_id - : 仪表板标题
title - : 'ordered'(网格布局)或'free'(自由定位)
layout_type - : 组件定义对象数组
widgets - : 仪表板描述
description
注意事项:
- 仪表板ID为字母数字字符串(例如:'abc-def-ghi'),而非数字
- 创建后无法更改;如需更改需重新创建仪表板
layout_type - 组件定义为复杂的嵌套对象;请先获取现有仪表板以了解其结构
- DELETE操作是永久性的;无法撤销
5. Create Events and Manage Downtimes
5. 创建事件与管理停机时间
When to use: User wants to post events or schedule maintenance downtimes
Tool sequence:
- - List existing events [Optional]
DATADOG_LIST_EVENTS - - Post a new event [Required]
DATADOG_CREATE_EVENT - - Schedule a maintenance downtime [Optional]
DATADOG_CREATE_DOWNTIME
Key parameters for events:
- : Event title
title - : Event body text (supports markdown)
text - : Event severity ('error', 'warning', 'info', 'success')
alert_type - : Array of tag strings
tags
Key parameters for downtimes:
- : Tag scope for the downtime (e.g.,
scope)host:web01 - : Start time (Unix epoch)
start - : End time (Unix epoch; omit for indefinite)
end - : Downtime description
message - : Specific monitor to downtime (optional, omit for scope-based)
monitor_id
Pitfalls:
- Event supports Datadog's markdown format including @mentions
text - Downtimes scope uses tag syntax: ,
host:web01env:staging - Omitting creates an indefinite downtime; always set an end time for maintenance
end - Downtime narrows to a single monitor; scope applies to all matching monitors
monitor_id
适用场景:用户需要发布事件或安排维护停机时间
工具序列:
- - 列出已有事件(可选)
DATADOG_LIST_EVENTS - - 发布新事件(必填)
DATADOG_CREATE_EVENT - - 安排维护停机时间(可选)
DATADOG_CREATE_DOWNTIME
事件关键参数:
- : 事件标题
title - : 事件正文(支持Markdown)
text - : 事件严重级别('error'、'warning'、'info'、'success')
alert_type - : 标签字符串数组
tags
停机时间关键参数:
- : 停机时间的标签范围(例如:
scope)host:web01 - : 开始时间(Unix纪元)
start - : 结束时间(Unix纪元;留空则为无限期)
end - : 停机时间描述
message - : 要设置停机的特定监控器(可选,留空则基于范围)
monitor_id
注意事项:
- 事件支持Datadog的Markdown格式,包括@提及
text - 停机时间范围使用标签语法:、
host:web01env:staging - 若省略则创建无限期停机时间;维护任务请务必设置结束时间
end - 停机时间仅针对单个监控器;范围则适用于所有匹配的监控器
monitor_id
6. Manage Hosts and Traces
6. 管理主机与追踪
When to use: User wants to list infrastructure hosts or inspect distributed traces
Tool sequence:
- - List all reporting hosts [Required]
DATADOG_LIST_HOSTS - - Get a specific distributed trace [Optional]
DATADOG_GET_TRACE_BY_ID
Key parameters:
- : Host search filter string
filter - : Sort hosts by field (e.g., 'name', 'apps', 'cpu')
sort_field - : Sort direction ('asc' or 'desc')
sort_dir - : Distributed trace ID for trace lookup
trace_id
Pitfalls:
- Host list includes all hosts reporting to Datadog within the retention window
- Trace IDs are long numeric strings; ensure exact match
- Hosts that stop reporting are retained for a configured period before removal
适用场景:用户需要列出基础设施主机或查看分布式追踪
工具序列:
- - 列出所有上报的主机(必填)
DATADOG_LIST_HOSTS - - 获取特定分布式追踪(可选)
DATADOG_GET_TRACE_BY_ID
关键参数:
- : 主机搜索过滤器字符串
filter - : 主机排序字段(例如:'name'、'apps'、'cpu')
sort_field - : 排序方向('asc'或'desc')
sort_dir - : 用于查找追踪的分布式追踪ID
trace_id
注意事项:
- 主机列表包含在保留期内上报至Datadog的所有主机
- 追踪ID为长数字字符串;请确保完全匹配
- 停止上报的主机会在配置的保留期后被移除
Common Patterns
通用模式
Monitor Query Syntax
监控器查询语法
Metric alerts:
avg(last_5m):avg:system.cpu.user{env:prod} > 90Log alerts:
logs("service:web status:error").index("main").rollup("count").last("5m") > 10指标告警:
avg(last_5m):avg:system.cpu.user{env:prod} > 90日志告警:
logs("service:web status:error").index("main").rollup("count").last("5m") > 10Tag Filtering
标签过滤
- Tags use format:
key:value,host:web01,env:prodservice:api - Multiple tags: (AND logic)
{host:web01,env:prod} - Wildcard:
host:web*
- 标签使用格式:
key:value、host:web01、env:prodservice:api - 多标签:(逻辑与)
{host:web01,env:prod} - 通配符:
host:web*
Pagination
分页
- Use and
pageor offset-based pagination depending on endpointpage_size - Check response for total count to determine if more pages exist
- Continue until all results are retrieved
- 根据端点不同,使用和
page或基于偏移量的分页page_size - 检查响应中的总计数以确定是否存在更多页面
- 持续请求直到获取所有结果
Known Pitfalls
已知注意事项
Timestamps:
- Most endpoints use Unix epoch seconds (not milliseconds)
- Some endpoints accept ISO 8601; check tool schema
- Time ranges should be reasonable (not years of data)
Query Syntax:
- Metric queries:
aggregation:metric{tags} - Log queries: pairs
field:value - Monitor queries vary by type; check Datadog documentation
Rate Limits:
- Datadog API has per-endpoint rate limits
- Implement backoff on 429 responses
- Batch operations where possible
时间戳:
- 大多数端点使用Unix纪元秒(而非毫秒)
- 部分端点支持ISO 8601;请查看工具架构
- 时间范围应合理(不要请求数年的数据)
查询语法:
- 指标查询:
aggregation:metric{tags} - 日志查询:键值对
field:value - 监控器查询因类型而异;请查看Datadog文档
速率限制:
- Datadog API对不同端点有速率限制
- 收到429响应时请实现退避机制
- 尽可能批量操作
Quick Reference
快速参考
| Task | Tool Slug | Key Params |
|---|---|---|
| Query metrics | DATADOG_QUERY_METRICS | query, from, to |
| List metrics | DATADOG_LIST_METRICS | q |
| Search logs | DATADOG_SEARCH_LOGS | query, from, to, limit |
| List log indexes | DATADOG_LIST_LOG_INDEXES | (none) |
| List monitors | DATADOG_LIST_MONITORS | tags |
| Get monitor | DATADOG_GET_MONITOR | monitor_id |
| Create monitor | DATADOG_CREATE_MONITOR | name, type, query, message |
| Update monitor | DATADOG_UPDATE_MONITOR | monitor_id |
| Mute monitor | DATADOG_MUTE_MONITOR | monitor_id |
| Unmute monitor | DATADOG_UNMUTE_MONITOR | monitor_id |
| List dashboards | DATADOG_LIST_DASHBOARDS | (none) |
| Get dashboard | DATADOG_GET_DASHBOARD | dashboard_id |
| Update dashboard | DATADOG_UPDATE_DASHBOARD | dashboard_id, title, widgets |
| Delete dashboard | DATADOG_DELETE_DASHBOARD | dashboard_id |
| List events | DATADOG_LIST_EVENTS | start, end |
| Create event | DATADOG_CREATE_EVENT | title, text, alert_type |
| Create downtime | DATADOG_CREATE_DOWNTIME | scope, start, end |
| List hosts | DATADOG_LIST_HOSTS | filter, sort_field |
| Get trace | DATADOG_GET_TRACE_BY_ID | trace_id |
| 任务 | 工具标识 | 关键参数 |
|---|---|---|
| 查询指标 | DATADOG_QUERY_METRICS | query, from, to |
| 列出指标 | DATADOG_LIST_METRICS | q |
| 搜索日志 | DATADOG_SEARCH_LOGS | query, from, to, limit |
| 列出日志索引 | DATADOG_LIST_LOG_INDEXES | 无 |
| 列出监控器 | DATADOG_LIST_MONITORS | tags |
| 获取监控器 | DATADOG_GET_MONITOR | monitor_id |
| 创建监控器 | DATADOG_CREATE_MONITOR | name, type, query, message |
| 更新监控器 | DATADOG_UPDATE_MONITOR | monitor_id |
| 静音监控器 | DATADOG_MUTE_MONITOR | monitor_id |
| 取消静音监控器 | DATADOG_UNMUTE_MONITOR | monitor_id |
| 列出仪表板 | DATADOG_LIST_DASHBOARDS | 无 |
| 获取仪表板 | DATADOG_GET_DASHBOARD | dashboard_id |
| 更新仪表板 | DATADOG_UPDATE_DASHBOARD | dashboard_id, title, widgets |
| 删除仪表板 | DATADOG_DELETE_DASHBOARD | dashboard_id |
| 列出事件 | DATADOG_LIST_EVENTS | start, end |
| 创建事件 | DATADOG_CREATE_EVENT | title, text, alert_type |
| 创建停机时间 | DATADOG_CREATE_DOWNTIME | scope, start, end |
| 列出主机 | DATADOG_LIST_HOSTS | filter, sort_field |
| 获取追踪 | DATADOG_GET_TRACE_BY_ID | trace_id |