Sysdig

v1.0.0Monitoring & Observabilitystable

Sysdig MCP Server

aimcp
Share:
11
Stars
0
Downloads
0
Weekly
0/5

What is Sysdig?

Sysdig is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to sysdig mcp server

Sysdig MCP Server

This server falls under the Monitoring & Observability category on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • Sysdig MCP Server

Use Cases

System and container monitoring
Security investigation and analysis
sysdiglabs

Maintainer

LicenseApache-2.0
Languagego
Versionv1.0.0
UpdatedMay 19, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx sysdig

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use Sysdig

The Sysdig MCP server is a Go-based server that connects Claude Desktop and other MCP clients to the Sysdig platform, enabling natural-language querying of Kubernetes monitoring data, container security findings, and custom Sysdig Query Language (SysQL) queries. It exposes tools for listing clusters, nodes, workloads, and pods; identifying top resource consumers; surfacing HTTP and network errors; and running ad-hoc SysQL queries against your Sysdig Monitor or Secure instance.

Prerequisites

  • A Sysdig account with a valid API token (Monitor or Secure) that has metrics-data.read, risks.read, and sage.exec permissions
  • Your Sysdig instance URL (e.g., https://us2.app.sysdig.com)
  • One of: Go 1.20+, Docker, or a pre-built binary for your platform
  • An MCP-compatible client such as Claude Desktop
1

Obtain your Sysdig API token

Log into your Sysdig instance, navigate to Settings > User Profile > API Token, and copy the token. Ensure the token has the required scopes: metrics-data.read, risks.read, and sage.exec.

2

Choose an installation method

You can run the server via Go, Docker, or a downloaded binary. The Docker method is recommended for most users as it requires no local Go installation.

# Docker (recommended)
docker pull ghcr.io/sysdiglabs/sysdig-mcp-server:latest

# Go
go run github.com/sysdiglabs/sysdig-mcp-server/cmd/server@latest

# Binary (Linux x86_64)
curl -L https://github.com/sysdiglabs/sysdig-mcp-server/releases/latest/download/sysdig-mcp-server_linux-amd64.tar.gz | tar xz
3

Set required environment variables

The server requires two environment variables: your Sysdig instance host URL and your API token.

export SYSDIG_MCP_API_HOST=https://us2.app.sysdig.com
export SYSDIG_MCP_API_TOKEN=your_sysdig_api_token
4

Add to Claude Desktop configuration

Register the Sysdig MCP server in your Claude Desktop config, passing credentials as environment variables. This example uses the Docker image.

{
  "mcpServers": {
    "sysdig": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "SYSDIG_MCP_API_HOST",
        "-e", "SYSDIG_MCP_API_TOKEN",
        "ghcr.io/sysdiglabs/sysdig-mcp-server:latest"
      ],
      "env": {
        "SYSDIG_MCP_API_HOST": "https://us2.app.sysdig.com",
        "SYSDIG_MCP_API_TOKEN": "your_sysdig_api_token"
      }
    }
  }
}
5

Restart Claude Desktop and test

Restart Claude Desktop and ask it to list your Kubernetes clusters to verify connectivity.

Sysdig Examples

Client configuration

Claude Desktop configuration using the Sysdig MCP Docker image with credentials injected via environment variables.

{
  "mcpServers": {
    "sysdig": {
      "command": "docker",
      "args": [
        "run", "--rm", "-i",
        "-e", "SYSDIG_MCP_API_HOST",
        "-e", "SYSDIG_MCP_API_TOKEN",
        "ghcr.io/sysdiglabs/sysdig-mcp-server:latest"
      ],
      "env": {
        "SYSDIG_MCP_API_HOST": "https://us2.app.sysdig.com",
        "SYSDIG_MCP_API_TOKEN": "your_sysdig_api_token"
      }
    }
  }
}

Prompts to try

Example prompts for Kubernetes monitoring and security investigation with the Sysdig MCP server.

- "List all Kubernetes clusters connected to my Sysdig account"
- "Show the top 10 pods with the most container restarts in the production cluster"
- "Which workloads are consuming the most CPU in cluster 'staging'?"
- "Show me the top 20 pods with the most HTTP errors in production"
- "Find pods in the production cluster that are underutilizing their CPU quota"
- "Generate and run a SysQL query to find containers with high memory usage"

Troubleshooting Sysdig

Authentication error: 401 Unauthorized

Verify SYSDIG_MCP_API_HOST matches your actual Sysdig region URL (e.g., us2.app.sysdig.com vs eu1.app.sysdig.com). Regenerate your API token in Sysdig Settings and ensure it has the metrics-data.read, risks.read, and sage.exec scopes.

Docker image fails to start in Claude Desktop

Test the container manually: 'docker run --rm -e SYSDIG_MCP_API_HOST=... -e SYSDIG_MCP_API_TOKEN=... ghcr.io/sysdiglabs/sysdig-mcp-server:latest'. Ensure Docker Desktop is running and the image has been pulled successfully.

Kubernetes tools return empty results

Confirm that your Sysdig account has active Kubernetes integrations. In the Sysdig UI, navigate to Integrations > Kubernetes and verify at least one cluster agent is reporting data.

Frequently Asked Questions about Sysdig

What is Sysdig?

Sysdig is a Model Context Protocol (MCP) server that sysdig mcp server It connects AI assistants to external tools and data sources through a standardized interface.

How do I install Sysdig?

Follow the installation instructions on the Sysdig GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with Sysdig?

Sysdig works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is Sysdig free to use?

Yes, Sysdig is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Browse More Monitoring & Observability MCP Servers

Explore all monitoring & observability servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "sysdig": { "command": "npx", "args": ["-y", "sysdig"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use Sysdig?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides