MCP Gateway is available on Portkey Cloud. For the complete observability reference, see portkey.ai/docs/product/mcp-gateway.
What gets logged
The MCP Gateway logs every tool call that passes through it. Each log entry captures:| Field | Description |
|---|---|
timestamp | When the tool call was made (UTC) |
request_id | Unique identifier for the request |
user | Authenticated user who made the call |
team | Team the user belongs to |
server | MCP server the tool call was routed to |
tool | Name of the tool that was called |
params | Parameters passed to the tool |
response | Response returned by the tool |
status | success, error, or denied |
latency_ms | End-to-end latency in milliseconds |
error | Error message if the call failed |
status: denied, giving you a complete audit trail of both successful and rejected calls.
Viewing logs in the Portkey dashboard
The Portkey dashboard provides a real-time log viewer for all MCP tool calls in your workspace:- Live feed — new tool calls appear as they happen
- Search and filter — filter by user, team, server, tool name, status, or time range
- Request detail — click any log entry to see the full parameters and response
- Latency charts — visualize latency trends per server or tool
Log structure
Logs are structured JSON. Each tool call produces an entry like:example log entry
Exporting logs
Logs can be exported from the Portkey dashboard in JSON or CSV format, or forwarded in real time to external observability platforms (Datadog, Splunk, Grafana Loki, and others) via webhook integrations configured in the dashboard.Alerting
Use any log-based alerting system with exported logs. Common alerts to configure:- High error rate — more than X% of tool calls returning errors in a time window
- Denied requests spike — unusually high number of access-denied events (potential credential misuse)
- Latency degradation — latency exceeding a threshold for a given server
- Unexpected tool access — a specific sensitive tool being called unexpectedly