Extending AWS DevOps Agent network investigations with S3 logs and custom MCP on Amazon Bedrock AgentCore
Networking & Content Delivery Blog
This article explains how to extend AWS DevOps Agent investigations beyond API logs by integrating S3-stored logs and custom MCP servers to diagnose network and application layer failures.
- DevOps Agent correlates CloudTrail, ALB access logs, VPC Flow Logs, and packet captures for root cause analysis
- ALB access logs reveal 502 errors with -1 timing values indicating failed backend connections
- Custom PCAP MCP Server on AgentCore Runtime analyzes packet captures to detect TLS/SNI mismatches
- CloudWatch Alarm descriptions guide DevOps Agent to relevant S3 buckets and data sources
- DevOps Agent Skills provide reusable investigation playbooks for domain-specific troubleshooting patterns
- Agent Space IAM role requires scoped read-only S3 permissions for each log bucket
- GitHub repository provides fully functional demo with six networking failure scenarios
By combining alarm metadata, S3 log access, and custom MCP servers, DevOps Agent can automatically investigate failures invisible to API logs and standard metrics.
The AWS News Feed is currently looking for gold sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.
Related articles
2026
2026
2026
2026
The AWS News Feed is currently looking for silver sponsors. If you want to support the AWS community and reach a large audience of AWS professionals, consider sponsoring the AWS News Feed.