How to add Dynatrace MCP Server to Windsurf
Official Dynatrace server: run DQL over logs, events, spans and metrics. Paste the config into ~/.codeium/windsurf/mcp_config.json and restart Windsurf.
Last updated June 15, 2026 · 200★ · stdio · oauth · official
Windsurf config for Dynatrace MCP Server
npx -y @dynatrace-oss/dynatrace-mcp-server@latest{
"mcpServers": {
"dynatrace-mcp-server": {
"command": "npx",
"args": [
"-y",
"@dynatrace-oss/dynatrace-mcp-server@latest"
],
"env": {
"DT_ENVIRONMENT": "https://<your-env-id>.apps.dynatrace.com"
}
}
}
}Setup steps
- 1Open Windsurf → Cascade → the hammer/MCP icon → Configure (or edit ~/.codeium/windsurf/mcp_config.json).
- 2Paste the Dynatrace MCP Server config below.
- 3Fill in placeholder secrets, then save.
- 4Click Refresh in the MCP panel.
- 5Dynatrace MCP Server's tools become available to Cascade.
Before you start
- Node.js v24 or newer
- A Dynatrace environment URL (e.g. https://abc12345.apps.dynatrace.com), set as DT_ENVIRONMENT
- A Platform Token created in Dynatrace (Settings > Identity & access management > Platform tokens) with the relevant scopes — e.g. app-engine:apps:run, storage:logs:read, storage:metrics:read, storage:spans:read, storage:entities:read, storage:events:read, and davis-copilot/email scopes for those features. OAuth client credentials (OAUTH_CLIENT_ID / OAUTH_CLIENT_SECRET) or browser-based authorization-code flow are also supported.
What Dynatrace MCP Server can do in Windsurf
execute_dqlRun a Dynatrace Query Language query over Grail (logs, events, spans, metrics, entities).
verify_dqlValidate a DQL statement before executing it.
generate_dql_from_natural_languageTurn a plain-English request into a DQL query via Davis CoPilot.
explain_dql_in_natural_languageExplain what an existing DQL query does.
list_problemsList open problems detected by Dynatrace.
list_vulnerabilitiesList security vulnerabilities found in the environment.
list_exceptionsSurface exceptions captured across services.
find_entity_by_nameLook up a monitored entity (host, service, process) by name.
Security
Prefer the browser OAuth flow over storing platform tokens or client secrets in plaintext env vars. DQL queries consume Grail budget, so set DT_GRAIL_QUERY_BUDGET_GB to cap unexpected query costs.
Dynatrace MCP Server + Windsurf FAQ
Where is the Windsurf config file?
Windsurf reads MCP servers from ~/.codeium/windsurf/mcp_config.json. Paste the Dynatrace MCP Server config there under the "mcpServers" key and restart the client.
Is Dynatrace MCP Server safe to use with Windsurf?
Prefer the browser OAuth flow over storing platform tokens or client secrets in plaintext env vars. DQL queries consume Grail budget, so set DT_GRAIL_QUERY_BUDGET_GB to cap unexpected query costs.
Does querying Dynatrace through this MCP server cost money?
It can. Accessing data in Grail (logs, events, spans, etc.) is billed by the volume scanned. The server provides a DT_GRAIL_QUERY_BUDGET_GB setting (default 1000 GB) to guard against runaway consumption.
What authentication does it support?
A Dynatrace Platform Token (recommended) via DT_PLATFORM_TOKEN, OAuth client credentials via OAUTH_CLIENT_ID/OAUTH_CLIENT_SECRET, or a browser-based authorization-code flow.
Which MCP clients work with it?
VS Code, Claude Desktop, Cursor, Amazon Q, Windsurf, ChatGPT, and GitHub Copilot are all documented as supported over stdio.