Configure observability agents for Now Assist

  • Release version: Australia
  • Updated May 27, 2026
  • 5 minutes to read

    • Configure observability agents for third-party application performance monitoring (APM) or network performance monitoring (NPM) vendors. These agents are invoked by the analyze alert impact agentic workflow. You must configure connections to those vendors before they can be invoked.

    Important:
    This agent is turned on by default. For more information, see Now Assist skills, agents, and agentic workflows on by default.

    After you configure the agent(s), they can surface information from alerts generated by third-party systems to help you investigate alerts and incidents in the Service Operations Workspace.

    Connections to vendors use MCP when possible, otherwise they use an API connection. You need connection and credential information to complete the connection process as shown in the following tables.

    Note:
    These agents are different from the data sources used in the Service Observability dashboards.

    Before you begin

    Before configuring the integration agents, you must do the following:

    Role required: connection_admin and credential_admin

    AWS CloudWatch MCP

    Connection information Value
    Agent name AWS CloudWatch MCP Server Agent
    Overview of data returned Alarm details, metric trend analysis, CloudWatch logs (anomalies, error patterns, log insights queries), CMDB resource context, correlated service metrics, and root cause analysis with recommended next steps
    Credential & Connection Alias name AWS CloudWatch MCP server
    Connection type MCP
    Returned data type APM
    Connection URL

    https://your-mcp-server-host/mcp

    This assumes you have deployed the CloudWatch MCP server using a MID Server instead of a publicly exposed EC2 instance. For more information about deploying the MCP server, see the AWS CloudWatch MCP Server — MID Server Deployment Guide [KB3030674] article in the Now Support Knowledge Base.
    Required credentials
    • AWS access key ID
    • AWS secret access key
    Required scope

    AWS IAM permissions:

    • cloudwatch:Describe*
    • cloudwatch:Get*
    • cloudwatch:List*
    • logs:Describe*
    • logs:Get*
    • logs:StartQuery
    • logs:StopQuery
    • logs:GetQueryResults

    AWS CloudWatch API

    Connection information Value
    Agent name AWS CloudWatch API Agent
    Overview of data returned Alarm details, metric trend analysis, CloudWatch logs (anomalies, error patterns, log insights queries), CMDB resource context, correlated service metrics, and root cause analysis with recommended next steps
    Credential & Connection Alias name AWS CloudWatch API Credentials
    Connection type API (MCP fallback mechanism)
    Returned data type APM
    Connection URL N/A
    Credential type AWS Credentials
    Authentication algorithm AWS CloudWatch Algorithm
    Required credentials
    • AWS access key ID
    • AWS secret access key
    Required scope

    AWS IAM permissions:

    • cloudwatch:Describe*
    • cloudwatch:Get*
    • cloudwatch:List*
    • logs:Describe*
    • logs:Get*
    • logs:StartQuery
    • logs:StopQuery
    • logs:GetQueryResults

    Datadog

    Connection information Value
    Agent name Datadog APM MCP Server Agent
    Overview of data returned Service health, distributed traces, triggered monitors, log analysis, incidents, SLO compliance, deployment events, and service dependencies
    Credential & Connection Alias name Datadog APM MCP Connection
    Connection type MCP
    Returned data type APM
    Connection URL https://mcp.datadoghq.com/api/unstable/mcp-server/mcp?toolsets=core,alerting,apm,error-tracking
    Required credentials
    • Datadog API key
    • Datadog application key
    Required scope N/A

    Dynatrace

    Connection information Value
    Agent name Dynatrace MCP Server Agent
    Overview of data returned Insights about logs, topology, recent changes, root causes, impacted entities, and environments.
    Credential & Connection Alias name Dynatrace MCP server
    Connection type MCP
    Returned data type APM
    Connection URL

    URL of your Dynatrace instance. Dynatrace URLs follow this format:

    https://<your-resource-name>.apps.dynatrace.com/platform-reserved/mcp-gateway/v0.1/servers/dynatrace-mcp/mcp
    Required credentials Platform token (must be prefixed with Bearer). For example, Bearer dt0s01.STABCDEF12345.G3HIJKLMNOP.
    Required scope

    IAM policy and group assignment that allows the following scopes:

    • davis-copilot:nl2dql:execute
    • davis-copilot:dql2nl:execute
    • davis-copilot:conversations:execute
    • davis:analyzers:read
    • davis:analyzers:execute
    • mcp-gateway:servers:invoke
    • mcp-gateway:servers:read
    • storage:buckets:read
    • storage:logs:read
    • storage:events:read
    • storage:security.events:read
    • storage:metrics:read
    • storage:bizevents:read
    • storage:spans:read
    • storage:entities:read
    • storage:smartscape:read
    • storage:system:read
    Required Dynatrace Intelligence settings
    • Enable generative AI
    • Enable document suggestions
    • Enable environment-aware queries

    Kentik

    Connection information Value
    Agent name Kentik analysis AI agent
    Overview of data returned Service network performance, connectivity, DDOS attacks, and anomalies
    Credential & Connection Alias name Kentik analysis AI agent
    Connection type API
    Returned data type APM
    Connection URL

    URL of your Kentik instance. Kentik URLs follow this format:

    https://<your-resource-name>.api.kentik.com
    Required credentials
    • User email
    • API token
    Required scope Can view devices

    New Relic

    Connection information Value
    Agent name New Relic MCP Server Agent
    Overview of data returned Service and user impact, root cause theories, and responsible teams.
    Credential & Connection Alias name New Relic MCP Connection
    Connection type MCP
    Returned data type APM
    Connection URL https://mcp.newrelic.com/mcp/
    Required credentials

    API key (also known as "User Key")

    Header name: api-key
    Required scope N/A

    Prometheus

    Connection information Value
    Agent name Prometheus API Agent
    Overview of data returned PromQL metric queries (CPU, memory, disk, network), active alerts, alert rule definitions, and scrape target health
    Credential & Connection Alias name Prometheus connection
    Connection type API
    Returned data type APM
    Connection URL https://<your-onprem-prometheus-server>
    Required credentials
    • MID Server Prometheus is installed on
    • User name (for outbound connection)
    • Password (for outbound connection)
    Required scope N/A

    SolarWinds

    Connection information Value
    Agent name SolarWinds analysis AI agent
    Overview of data returned On-premises data from SolarWinds Orion: node health/status, CPU/memory, packet loss/latency, interface utilization/errors/discards, active alerts/history, affected entities/services, and trend/baseline metrics used for root-cause investigation
    Credential & Connection Alias name SolarWinds AI Agent
    Connection type API
    Returned data type NPM
    Connection URL https://<your-onprem-solarwinds-server>
    Required credentials
    • MID Server SolarWinds is installed on
    • User name
    • Password
    Required scope SolarWinds Orion API/SWQL read access (NPM/APM) via MID Server

    Splunk

    Connection information Value
    Agent name Splunk MCP Server Agent
    Overview of data returned SPL query results from Splunk indexes, index/sourcetype metadata, and structured investigation findings including affected entities, root cause analysis, and recommended actions
    Credential & Connection Alias name Splunk MCP Connection
    Connection type MCP
    Returned data type APM
    Connection URL https://<your-splunk-instance>.splunkcloud.com
    Required credentials Splunk MCP token
    Required scope

    For Splunk token generation:

    • mcp_user role (or any role with mcp_tool_execute) required for all MCP tool calls
    • Search capability and read access to the relevant indexes for running queries
    • Knowledge object read permissions for Get Knowledge Objects
    • Token must be generated using the Splunk MCP Server app with audience = mcp (not a standard Splunk API token)

    ThousandEyes

    Connection information Value
    Agent name ThousandEyes MCP Server Agent
    Overview of data returned Test configuration and status, aggregated metrics (response time, packet loss, latency, jitter, throughput, availability), metric anomalies with deviation analysis, network events and routing changes, ISP/network outages with provider and ASN details, hop-by-hop path visualization, and root cause analysis with ranked probable causes and recommended next steps
    Credential & Connection Alias name ThousandEyes MCP Connection
    Connection type MCP
    Returned data type NPM
    Connection URL https://api.thousandeyes.com/mcp
    Required credentials API key prefixed with Bearer. For example, Bearer <api-key>.
    Required scope ThousandEyes API access with permissions to read tests, metrics, anomalies, events, outages, and path visualization data

    Procedure

    1. Navigate to All > sys_alias.LIST.
    2. Search for and select the vendor's connection name as shown in the preceding tables.
    3. Select Create New Connection & Credential.
    4. Fill in the form, using the information in the preceding tables.
    5. Select Create.

      Your connection appears in the Connections tab.

    The agents are now ready to be used by the analyze alert impact agentic workflow