Skip to main content
Logs help you understand what happened during tool execution and track changes made to your server, without exposing sensitive application data. Use logs to investigate errors, monitor activity, and correlate events with your upstream API.

Types of logs

Operational logs

Operational logs record activity generated when MCP clients use your server. Depending on the request, a log entry may include:
  • Capability type, such as Tool, Resource, or Prompt
  • Capability name
  • Request time
  • Success or failure status
  • HTTP status code or MCP result
  • Response time
  • Request and response size
  • MCP client information, when available
  • Safe error details for troubleshooting
These logs help you monitor server health without exposing application data.

Audit logs

Audit logs track configuration changes made to your MCP server. Examples include: Audit logs provide a history of administrative actions performed on your server.

What 0mcp stores

0mcp stores only the operational metadata needed to monitor usage and troubleshoot problems. This includes information such as:
  • Timestamp
  • Capability name
  • Request outcome
  • Status code
  • Response time
  • Request and response size
  • Safe error details

What 0mcp does not store

To help protect your application data, 0mcp does not store:
  • Request bodies
  • Response bodies
  • HTTP request headers
  • Authorization headers
  • Bearer tokens
  • API keys
  • Other authentication credentials
Your upstream API remains the source of truth for application data and request history.
Logs provide the status and performance details needed for monitoring without copying credentials or API payloads into 0mcp.

Troubleshooting with logs

When investigating an issue:
  1. Filter logs by the time the problem occurred.
  2. Narrow the results by capability, status, or MCP client.
  3. Review the matching log entry and its execution details.
  4. Compare the timestamp with your upstream API logs for deeper debugging.
If you need to inspect the full HTTP request, request body, or authentication headers, use your own API logs with appropriate access controls and secret filtering.
Use Analytics when you need overall trends rather than details for a specific request.