Accept all cookies
Cookie settings
×

We use cookies to improve your experience on our site. By using our site, you are agreeing to the collection and use of data as described in our Privacy Policy.

Cookie Settings×

Table of contents

toc link
Add secure integrations to your products and AI agents with ease via Merge.
Get a demo
Just for you
AI agent governance: key aspects, benefits, and platforms
A guide to authenticating AI agents

MCP observability: overview, benefits, and best practices

Jon Gitlin
Senior Content Marketing Manager
at Merge

Once you begin integrating your AI agents with Model Context Protocol (MCP) servers' tools, you’ll need clear visibility into the tool calls your agents make to identify and troubleshoot potential security and performance issues.

To that end, we’ll break down how you should observe MCP servers and the 3rd-party tooling that can help. But first, let’s walk through how MCP observability works.

What is MCP observability?

It’s the process of monitoring and reviewing your agents’ tool calls within an MCP server, with the goal of ensuring secure, compliant, and reliable agent behavior.

Performing MCP observability effectively requires several components:

  • Fully-searchable logs: Each log should show the MCP server that was used, the specific tool(s) that was called, the user or system that triggered the tool call, the date of the tool call, and how long the tool call lasted end to end
Merge Agent Handler’s logs also let you see the arguments passed into a given tool call and the results from the call
  • Audit trails: Track who makes actions on MCP servers, such as adding or modifying specific tools in an MCP server
  • Alerts: Get notified when your agents use MCP servers in unintended and harmful ways and set actions based on those events. For example, you can log the event in your engineer’s monitoring solution (e.g., Datadog) and/or notify specific teams (e.g., IT) in a platform like Slack  
You can set custom alerts in Merge Agent Handler based on pre-defined rules and see rule violations over time (as shown above) to identify broader trends

Related: What is AI agent observability?

Why MCP observability is important

Here are just a few reasons why you should monitor your agents’ interactions with MCP servers.

Minimizes security issues

By seeing potentially harmful agentic actions on time, your team can address them quickly and before they impact anyone.

Your team can also then address the underlying issues, such as setting policies or rules that prevent your agents from sharing the data externally.

Helps you comply with data privacy and protection regulations

Security and data protection regulations like GDPR require organizations to maintain transparent, easily-accessible records of how sensitive data is accessed and used.

Since MCP observability offers this level of visibility through detailed logs and audit trails, the process of demonstrating compliance over time will be straightforward.

Optimizes your agents’ performance

Having visibility on the length of time it takes to make a tool call, whether the right tools are consistently invoked, and how frequently those calls succeed or fail lets you make targeted performance improvements.

This can be setting logic that lets you avoid slow or unreliable tools and tightening prompt routing to reduce mis-invocations.

Lets you avoid problematic MCP servers

Many MCP servers were created for marketing purposes; they may not be secure, offer all the tools you need, have comprehensive tool descriptions, and so on.

MCP observability lets you verify when this is the case so you can replace it with a better alternative, quickly.

Related: The challenges of using MCP servers

MCP observability best practices

Here are just a few best practices to follow to observe any MCP server effectively.

Set severity-based policies for your agents’ actions

If an action isn’t necessarily bad or actionable but is worth noting, you should set a policy to log it; while if an action would be more problematic and requires immediate attention, you can set a policy to redact sensitive fields or block the call entirely. 

Your MCP observability layer should then capture every tool call along with the evaluated policy and its outcome. This allows you to filter policy violations by severity, blocked actions, or redaction events so your team can investigate and respond quickly.

Merge Agent Handler not only lets you detect policy/rule violations but also filter them by connector (or MCP server), tool, and more

Test the MCP servers first

This requires more work upfront but it saves your team a lot of time and effort in observing and managing tool calls across MCP servers.

You can test any MCP server you plan to use in a number of ways. Here are just a couple of effective methods:

  • Evaluate tool call consistency: For a given input, you can define expected (reference) tool calls, the tool call order, and arguments for a model. You can then use a test input to verify whether the model uses the same tools, in the same order, with matching argument values
Merge Agent Handler’s reference tool calls match evaluator lets you enforce the exact same call order and/or require argument-level matches for an evaluation to pass
  • Assess output quality: You can define all of the potential outputs from a given input and model, and clarify the output responses that should pass. You can then test an input to see if it passes based on your criteria
Merge Agent Handler’s label model evaluator lets you define possible output labels and specify which labels count as passing results

Related: How to test your agents

Outsource MCP observability tooling

MCP observability requires your engineers to build and maintain custom monitoring pipelines, data ingestion, alerting, and visual UIs with all of the data your security, product and/or IT teams need. All of this distracts your engineers from their core work, like building new agents and improving existing ones.

Purpose-built MCP observability solutions, like Merge Agent Handler, take this work off your engineers’ plates and provide the intuitive and powerful features your less technical teams—like PMs and IT—need to monitor and improve any agents’ tool calls.

In addition, a solution like Merge Agent Handler lets you access enterprise-grade, customizable MCP servers and tools to help you securely connect your agents to any tool.

{{this-blog-only-cta}}

Jon Gitlin
Senior Content Marketing Manager
@Merge

Jon Gitlin is the Managing Editor of Merge's blog. He has several years of experience in the integration and automation space; before Merge, he worked at Workato, an integration platform as a service (iPaaS) solution, where he also managed the company's blog. In his free time he loves to watch soccer matches, go on long runs in parks, and explore local restaurants.

Read more

How we built an opinionated design system that enables our engineers to ship faster

Engineering

Introducing Merge Agent Handler: One platform to connect, govern, and monitor your AI agents

Company

How to test AI agents effectively (5 tips)

AI

Subscribe to the Merge Blog

Get stories from Merge straight to your inbox

Subscribe

Ready to start observing your agents' tool calls?

You can evaluate Merge Agent Hander’s observability features and tool-calling capabilities by signing up for a free account.

Sign up for free

Get our best content every week

Our weekly newsletter provides the best practices you need to build high performing product integrations.

Thank you! Your submission has been received!
Oops! Something went wrong while submitting the form.
But Merge isn’t just a Unified 
API product. Merge is an integration platform to also manage customer integrations.  gradient text
But Merge isn’t just a Unified 
API product. Merge is an integration platform to also manage customer integrations.  gradient text
But Merge isn’t just a Unified 
API product. Merge is an integration platform to also manage customer integrations.  gradient text
But Merge isn’t just a Unified 
API product. Merge is an integration platform to also manage customer integrations.  gradient text