Xitoring MCP Server
Beta
The Xitoring MCP server is currently in beta. Functionality, tools, and authentication may change as we iterate. We'd love your feedback — send bug reports, suggestions, or requests for new tools to support@xitoring.com.
The Xitoring MCP server lets AI assistants read and reason about your monitoring data — servers, uptime checks, incidents, metrics, status pages, and more — through the Model Context Protocol (MCP), an open standard for connecting large language models to external tools and data.
Pair it with Claude Desktop, Claude Code, Cursor, VS Code, ChatGPT, or any MCP-compatible client to investigate incidents, summarize uptime, draft post-mortems, and ask questions about your infrastructure in plain English.
Endpoint
https://app.xitoring.com/mcp
Transport: HTTP (streamable) Authentication: Bearer token (Xitoring API key)
Prerequisites
- A Xitoring account with at least one server, uptime check, or integration configured.
- A Xitoring API key — generate one at Dashboard → Account → API Access → Generate Key. See API Access & Automation for details.
- An MCP-compatible client (Claude Desktop, Claude Code, Cursor, VS Code with Copilot, ChatGPT desktop, etc.).
Treat API keys like passwords
Your API key grants full access to your Xitoring account. Store it in a secrets manager or environment variable — never commit it to source control. See API security best practices.
What the MCP Server Can Do
The Xitoring MCP server exposes 60+ tools spanning reads, reports, and a curated set of write actions:
- Servers & metrics — inspect individual servers, query live and historical metrics (CPU, load average, memory, disk usage, disk IO, network), rank infrastructure by resource consumption, and drill into top processes on any host.
- Uptime, SSL & heartbeat — list and inspect every check type, pull response time, overall uptime, and average latency across regions.
- Incidents & alerting — search ongoing and historical incidents, read incident notes, and review trigger and notification-role routing.
- Status pages & maintenance — view configured status pages and active or upcoming maintenance windows.
- Reports & account — generate uptime and SSL uptime reports, view subscription details, and list tickets.
- Audit logs — read account, Xitogent, and notification history for troubleshooting and compliance.
Write actions
The server also performs actions on your behalf when you ask it to: resolving incidents, adding incident notes, sending test notifications, pausing and unpausing checks or servers, creating HTTP/ping/SSL/heartbeat checks, scheduling maintenance windows, updating or testing existing checks, opening support tickets, and inviting new contacts.
Write tools execute real changes
An assistant resolving an incident or pausing a server makes the same change as clicking the button in the dashboard. Use a client that requires explicit approval for tool calls, and consider issuing a dedicated API key for MCP so the activity is easy to audit.
Setup
Claude Code CLI
The fastest way to connect from a terminal:
claude mcp add --transport http --scope user xitoring \
https://app.xitoring.com/mcp \
--header "Authorization: Bearer YOUR_API_KEY"
Replace YOUR_API_KEY with the key you generated in the Xitoring dashboard. Restart Claude Code and the xitoring server will appear in /mcp.
Claude Desktop
Edit your Claude Desktop config file:
- macOS:
~/Library/Application Support/Claude/claude_desktop_config.json - Windows:
%APPDATA%\Claude\claude_desktop_config.json
Add Xitoring to the mcpServers block:
{
"mcpServers": {
"xitoring": {
"type": "http",
"url": "https://app.xitoring.com/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_KEY"
}
}
}
}
Save the file and restart Claude Desktop. The Xitoring tools will appear in the tool picker.
Cursor
Open Settings → MCP → Add new MCP server and paste:
{
"mcpServers": {
"xitoring": {
"url": "https://app.xitoring.com/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_KEY"
}
}
}
}
VS Code (GitHub Copilot)
Add the server in your workspace .vscode/mcp.json or User Settings:
{
"servers": {
"xitoring": {
"type": "http",
"url": "https://app.xitoring.com/mcp",
"headers": {
"Authorization": "Bearer YOUR_API_KEY"
}
}
}
}
Stdio-only clients (mcp-remote bridge)
If your client only supports stdio MCP servers, use the mcp-remote bridge:
{
"mcpServers": {
"xitoring": {
"command": "npx",
"args": [
"mcp-remote",
"https://app.xitoring.com/mcp",
"--header",
"Authorization: Bearer YOUR_API_KEY"
]
}
}
}
Generic HTTP MCP client
Any client that supports HTTP MCP transports can connect by pointing at https://app.xitoring.com/mcp with the Authorization: Bearer YOUR_API_KEY header.
Verifying the Connection
After configuring your client:
- Restart the client so it picks up the new MCP server.
- Open the tool / MCP picker — you should see
xitoringlisted with its available tools. - Try a simple prompt: "List my Xitoring servers and their current status."
If the client reports an authentication error, verify the API key was copied with no extra whitespace and that it has not been revoked under Dashboard → Account → API Access.
Example Prompts
Status & triage
- "What incidents are ongoing right now, and which servers or checks are affected?"
- "Show me the current status of all my servers — flag anything that isn't reporting."
- "Are there any maintenance windows active or starting in the next 24 hours?"
Performance & capacity
- "Which 5 servers have the highest CPU usage right now?"
- "Show me the top processes by memory on
web-prod-01." - "Plot CPU load average and disk IO for
db-01over the last 7 days and call out any spikes." - "Rank my servers by disk usage and tell me which ones are above 80% full."
Uptime & SLA
- "What's the overall uptime for my checks over the last 30 days?"
- "Pull the uptime report for
api.example.comfor last month." - "What's the average response time and average latency for my main website check this week?"
- "Which SSL certificates are expiring in the next 30 days? Give me the SSL uptime report too."
Incident response
- "Summarize the last 3 resolved incidents on
db-01and read me their notes." - "Draft a post-mortem from the timeline of incident #1234 — pull the notes and notification logs."
- "Send a test notification to my on-call role to confirm routing is working."
- "Add a note to the active incident: 'rolling back deploy v2.41, monitoring recovery.'"
Maintenance & ops
- "Create a 2-hour maintenance schedule for
web-prod-01starting tomorrow at 02:00 UTC." - "Pause the uptime check for
staging.example.comwhile we redeploy, then unpause it when I tell you." - "Add a heartbeat check called
nightly-backupwith a 25-hour interval." - "Create an HTTP check for
https://api.example.com/healththat runs every minute from the EU regions."
Audit & account
- "Show me the account logs for the past week — who changed what?"
- "List my contacts and notification roles, and tell me which checks aren't covered by any trigger."
- "What plan am I on, and how much of my quota am I using?"
Use Cases
Incident investigation
Correlate a spike in ongoing incidents with affected servers, recent account activity, and maintenance windows. The assistant can pull incident notes and notification history to reconstruct a timeline, then draft a status update or post-mortem.
Performance triage
When a server is misbehaving, ask the assistant to combine top processes, load average, disk IO, and memory usage for that host, then compare it against the rest of your fleet to confirm whether it's an outlier or part of a larger trend.
SLA & uptime reporting
Generate monthly executive recaps from overall uptime, per-check uptime reports, average latency, and SSL uptime data without leaving the chat.
Capacity planning
Rank infrastructure by CPU, memory, and disk IO to find the next candidate for resizing or rebalancing.
Deploy-time monitoring control
Pause checks and servers around deploys and resume them afterwards — the assistant can drive this conversationally instead of you clicking through the dashboard.
Onboarding & internal Q&A
Let new team members ask plain-English questions about what's being monitored, which triggers are wired up, and who gets paged.
Security & Privacy
- All requests are served over HTTPS.
- Authentication uses your Xitoring API key — the same credential used by the REST API. Revoking the key immediately disables MCP access.
- AI clients send conversation context to their own model providers (Anthropic, OpenAI, etc.). Only the data the assistant requests via MCP tools is read from Xitoring — but anything the assistant reads becomes part of its conversation context. Avoid sharing screenshots or transcripts that contain sensitive infrastructure details outside trusted environments.
Rotate keys regularly
If you use the same API key for the MCP server and other automation, follow the rotation policy — every 90 days for production keys, immediately if compromised.
Troubleshooting
401 Unauthorized / authentication errors
- Verify the API key is correct and not revoked.
- Make sure the header is exactly
Authorization: Bearer YOUR_API_KEY(no extra spaces, noTokenprefix). - Confirm the key belongs to the account you want to query — sub-accounts need their own keys.
MCP server doesn't appear in the client
- Restart the client after editing its config file.
- Validate the JSON syntax of
claude_desktop_config.json/mcp.json(a missing comma will silently disable the server). - Check the client's MCP / developer logs for connection errors.
429 Too Many Requests
- The MCP server shares rate limits with the Xitoring REST API. Reduce the frequency of large queries, or batch requests when possible.
Empty results
- Confirm the API key has access to the resources you're querying.
- Check whether you're operating in a sub-account that has no servers or checks of its own.
See Also
- API Access & Automation — generate, rotate, and revoke API keys
- Xitoring CLI — command-line alternative for scripted access
- Notifications & Webhooks — push monitoring events to other systems
- Model Context Protocol — the open standard behind MCP