Sample Prompts
These are some sample prompts to test the MCP server.
The MCP server can return raw OpenSearch documents, which are token-heavy. For high-volume queries, prefer aggregation endpoints over search endpoints to get summarised results efficiently.
Additionally, attach available resources to your LLM prompt so it understands data mappings and can build accurate filters.
See MCP Server for guidance on choosing the right endpoint.
Log Queries
Search
"Show me today's 10 most recent logs for a client's EC2 applications"
"Show me the error logs for a client's Kubernetes instance client.atrmywizard-aiops.com that occurred around 5pm today"
Aggregation
"Analyse the error rate trend over the past 24 hours for EC2 applications and summarise any spikes"
"Create an analysis of log severity distribution across all applications for the past 24 hours"
"Show me a time-based breakdown of ERROR and WARN logs per hour over the last 12 hours for Quasar"
"Compare the log volume between Kubernetes and EC2 applications over the past week"
"Show me a summary of all FATAL logs from the last 3 days, grouped by client and region"
Workload Queries
Search
"Show me the last 10 completed workflows from the past hour for Kubernetes applications"
Aggregation
"What are the most common workflows completed over the last day, grouped by application type?"
"Analyse workload completion rates over the past 48 hours and highlight any failures"
"What percentage of workflows failed in the last 7 days, broken down by infrastructure type?"
Ticket Queries
Search
"Show me the latest 5 tickets for EC2 applications in the eu-west-1 region"
Aggregation
"How many critical tickets have been created in the last 7 days?"
"How many tickets were raised this week, grouped by severity?"
"Analyse the tickets mapped to workflows within the last week"
"Show me the trend of ticket creation over the past 14 days, broken down by severity level"
Other Use Cases
Dashboard Creation
"Analyse workloads over the past month. Aggregate over clients, domains, workflow trigger and workflow state. Visualise this analysis in a dashboard with intuitive and interactive tiles."
"Build an EC2 ticket analysis dashboard for the last 14 days. Aggregate tickets, with app_type 'ec2' and break down tickets by ticket type, state, priority, and domain_name. Conduct analysis on this data and present the results as an interactive dashboard."
"Build an AgentManager dashboard for the last 7 days. Aggregate logs by log level, client name, environment and region. Include a date histogram over time at 1-hour intervals. Also pull the top 10 most active function names by count. Present the results as an interactive dashboard with charts showing error trends, a client leaderboard, and regional distribution."
"Build a workload analysis dashboard for the last 30 days. Use aggregate_workloads with app_type 'kubernetes' to break down workloads by workload.state (DONE, FAILED, REJECTED, ACCEPTED), client, domain_name, and workflow name. Include a date_histogram at 1-day intervals, a nested aggregation of top 15 clients with their state breakdown, and a filter aggregation for FAILED workloads with a sub-aggregation by workflow name. Present the results as an interactive HTML dashboard with a success/failure rate trend, a client leaderboard with state mix bars, and a failed workflows table sorted by count."
Root Cause Analysis
"A client on domain client.atrmywizard-aiops.com reported issues around 2pm yesterday. Search for ERROR and FATAL logs on that domain in a 2-hour window around the incident. Also check if any workloads failed in the same period, and pull any tickets raised. Correlate the findings across logs, workloads, and tickets, and summarise the likely root cause."