AI Log Diagnostics With MCP and Fluxtail
AI log diagnostics are most useful when they work from scoped log streams, receiver context, and raw rows. Fluxtail combines MCP diagnostics and AI chat with streams, live tail, filters, facets, histograms, and alerts so summaries stay tied to real logs.
Scope questions by stream, receiver, service, host, namespace, or time range.
Group noisy exceptions and repeated messages after filtering the relevant window.
Use no-log and receiver health diagnostics when the issue is silence, not noise.
Treat summaries as a guide, then confirm against the underlying log records.
When this source should be centralized
Use this path when the source already emits logs and central reading, filtering, or alerting is the next need.
A stream has many similar errors
Use AI log diagnostics after filters narrow the stream enough for repeated failures to be grouped without hiding the raw rows.
A receiver stopped getting logs
No-log diagnostics and receiver health checks help when the source is quiet and the ingest path may be the issue.
An alert needs a short explanation
A scoped summary can explain a filtered time window while the original rows stay available for verification.
Example diagnostic prompt and result shape
Good AI log diagnostics start with a scoped stream, receiver, service, or time range, then point back to the raw rows.
find exceptions in checkout-live from the last 30 minutes
summarize_errors for service checkout-api since 14:00
why are no logs arriving for receiver edge-syslog?
check receiver health for the OTLP production receiver
2026-04-25T14:21:09Z ERROR checkout-api PaymentGatewayTimeout order_id=ord_4921
2026-04-25T14:21:15Z ERROR checkout-api PaymentGatewayTimeout order_id=ord_4922
2026-04-25T14:21:22Z ERROR checkout-api PaymentGatewayTimeout order_id=ord_4923
Repeated PaymentGatewayTimeout errors appeared in checkout-api between 14:21:09 and 14:21:22.
The affected rows share service=checkout-api, level=ERROR, and error class PaymentGatewayTimeout.
Check the payment gateway dependency and retry budget for that window.
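One way to check a summary like this against the raw rows, as an added example that is not Fluxtail code or output. The function names, the claim dictionary, the 14:00 to 14:30 window, and the two extra rows are assumptions made for the illustration.

```python
import re
from collections import defaultdict
from datetime import datetime, timezone

# Constructed sample: the three rows shown above plus two unrelated rows.
RAW_ROWS = [
    "2026-04-25T14:20:58Z INFO checkout-api OrderAccepted order_id=ord_4920",
    "2026-04-25T14:21:09Z ERROR checkout-api PaymentGatewayTimeout order_id=ord_4921",
    "2026-04-25T14:21:15Z ERROR checkout-api PaymentGatewayTimeout order_id=ord_4922",
    "2026-04-25T14:21:22Z ERROR checkout-api PaymentGatewayTimeout order_id=ord_4923",
    "2026-04-25T14:22:40Z ERROR cart-api CacheMiss key=cart_77",
]
# The summary's claim restated as data (hypothetical shape, not a Fluxtail format).
CLAIM = {"service": "checkout-api", "cls": "PaymentGatewayTimeout",
         "first": "2026-04-25T14:21:09Z", "last": "2026-04-25T14:21:22Z"}
ROW_RE = re.compile(r"^(\S+)\s+(\w+)\s+(\S+)\s+(\S+)")

def utc(stamp):
    return datetime.strptime(stamp, "%Y-%m-%dT%H:%M:%SZ").replace(tzinfo=timezone.utc)

def parse_row(line):
    """Return a dict for one row, or None when the row does not parse."""
    m = ROW_RE.match(line.strip())
    if not m:
        return None
    try:
        ts = utc(m.group(1))
    except ValueError:
        return None
    return {"ts": ts, "level": m.group(2), "service": m.group(3),
            "cls": m.group(4), "raw": line}

def group_errors(lines, service, start, end):
    """Group ERROR rows for one service inside [start, end] by error class."""
    groups = defaultdict(list)
    for row in filter(None, map(parse_row, lines)):
        if (row["level"] == "ERROR" and row["service"] == service
                and utc(start) <= row["ts"] <= utc(end)):
            groups[row["cls"]].append(row)
    return {cls: sorted(rows, key=lambda r: r["ts"]) for cls, rows in groups.items()}

def check_claim(lines, claim, start, end):
    """Return (ok, evidence): ok only if raw rows repeat and match the claimed span."""
    rows = group_errors(lines, claim["service"], start, end).get(claim["cls"], [])
    ok = (len(rows) >= 2 and rows[0]["ts"] == utc(claim["first"])
          and rows[-1]["ts"] == utc(claim["last"]))
    return ok, [r["raw"] for r in rows]

if __name__ == "__main__":
    print(check_claim(RAW_ROWS, CLAIM, "2026-04-25T14:00:00Z", "2026-04-25T14:30:00Z"))
```

The evidence list is returned even when the claim fails, so a reviewer can see which rows the summary should have cited.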
Good Questions to Ask
Start with a stream, receiver, service, host, namespace, or time window. Narrow questions produce answers that can be checked.
Error and exception questions
Ask what exception classes repeated, which service emitted most ERROR rows, or which error codes dominated the window.
What exception classes repeated in checkout-live during the last 30 minutes?
Summarize errors for service checkout-api after the deploy.
Which host produced the most ERROR rows in this window?
Missing-log questions
Ask why a receiver or stream is quiet only after naming the source and expected window.
Why are no logs arriving for receiver edge-syslog?
Check receiver health for the OTLP production receiver.
Bad Questions to Avoid
Broad prompts make weak diagnostic output because the system has too much context and no clear evidence window.
Too broad
Avoid prompts like “What is wrong with production?” or “Summarize everything.” Start with a stream, service, receiver, or time range.
No evidence window
Avoid asking for a cause without a stream or time window. First isolate the rows, then ask for a summary.
Diagnostics Fluxtail Can Support
Use MCP diagnostics for find_exceptions, summarize_errors, why_no_logs, check_receiver_health, and ingestion guidance. Use AI chat for summaries and explanations after the relevant log slice is available.
Known diagnostic tasks
find_exceptions and summarize_errors help with noisy failures. why_no_logs and check_receiver_health help when a source goes quiet.
Raw rows remain the anchor
Every useful answer should be checked against the stream, time window, filters, and log rows used to produce it.
How logs move into Fluxtail
Keep the sender configuration explicit, then confirm the resulting stream keeps the fields needed for reading and filtering.
Start from a stream, receiver, or filtered result
Pick the stream, service, receiver, host, namespace, or time window before asking for a summary.
Run a focused diagnostic
Use MCP tools or built-in AI chat for find_exceptions, summarize_errors, why_no_logs, check_receiver_health, or ingestion guidance.
Open the raw evidence
Review the underlying log rows before deciding the summary is correct.
Turn repeated findings into alerts
Once a repeated pattern is understood, promote it into a saved filter or alert path.
What to check before relying on it
Collection is useful only when the resulting rows still carry enough context to search, filter, and alert on.
The prompt is scoped
Confirm the prompt includes a stream, receiver, service, host, namespace, time window, or filtered result.
The answer can be checked
Confirm the answer points back to raw rows, repeated messages, fields, or receiver status used to produce it.
The pattern matches filters and histograms
Use filters, facets, and histograms to confirm the same pattern before turning a finding into an alert.