Model Context Protocol (MCP) server for Graylog log searching. It enables searching logs by absolute timestamps (from/to) or relative ranges, with optional stream filtering to focus on specific applications. The server exposes four MCP tools: search_logs_absolute, search_logs_relative, list_streams, and get_system_info, each providing structured queries and JSON results. It enforces comprehensive input validation, including ISO 8601 timestamps, Elasticsearch syntax, and valid stream IDs, and returns actionable error messages for authentication, network, and API issues. A built-in health check verifies Graylog connectivity and provides system information such as version, timezone, and cluster id. Timeouts are capped at 30 seconds to prevent hanging requests. The project emphasizes production-readiness, backed by extensive tests (54 tests) and a code quality score of 9.2/10. Configuration supports Claude Desktop integration, with environment variables BASE_URL and API_TOKEN, or via npx/local invocation. The architecture is documented as a simple, single-file MCP server with clear separation of concerns and robust error handling.