The Model Context Protocol (MCP) is a framework for connecting AI agents to data sources such as APIs and databases, but its security standards are still at an early stage, which leaves MCP servers vulnerable to attacks such as tool poisoning, rug pulls, and injection. Effective monitoring of MCP server interactions requires understanding operational and audit logs, which provide insight into routine events and security-relevant actions. Because MCP servers facilitate connections between models and external resources, attackers often target them to exploit vulnerabilities through tool calls. Monitoring for abnormal tool call patterns, such as spikes in frequency or unauthorized access attempts, can help detect potential threats. Self-hosted MCP servers allow more control over logging, which is crucial for detecting SQL and command injection attempts; these can occur via tool calls if harmful query inputs are not sanitized. Correlating MCP logs with other identity and activity logs can enhance the detection of compromised accounts, and fine-tuning detection rules based on the specific characteristics of MCP servers can improve the identification of unusual activity. As MCP implementations mature, monitoring additional patterns such as tool substitution or credential exposure can broaden detection coverage, and tools like Datadog Cloud SIEM can help enrich and investigate MCP logs for security purposes.
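The tool-call checks described above (injection attempts in arguments, unauthorized access attempts, and frequency spikes per identity) can be sketched as a small log scanner. This is an added example, not code from the original page or from any product; the log fields (`ts`, `user`, `tool`, `status`, `arguments`), the thresholds and the regex signatures are assumptions for illustration.

```python
import json
import re
from collections import defaultdict, deque

# Heuristic signatures only (assumed); tune per server and expect false positives.
SQLI = re.compile(r"(?i)\bunion\s+select\b|\bor\s+1\s*=\s*1\b|;\s*drop\s+table\b")
CMDI = re.compile(r"[;&|]\s*(?:cat|curl|wget|rm|sh|bash)\b|\$\(|`")

def strings(value):
    """Yield every string nested anywhere inside a tool call's arguments."""
    if isinstance(value, str):
        yield value
    elif isinstance(value, (dict, list)):
        items = value.values() if isinstance(value, dict) else value
        for item in items:
            yield from strings(item)

def detect(lines, window=60, max_calls=5):
    """Return (ts, user, tool, rule) alerts for a time-ordered audit log."""
    alerts, recent = [], defaultdict(deque)
    for line in lines:
        e = json.loads(line)
        ts, user, tool = e["ts"], e["user"], e["tool"]
        for s in strings(e.get("arguments", {})):
            if SQLI.search(s):
                alerts.append((ts, user, tool, "sql_injection"))
            if CMDI.search(s):
                alerts.append((ts, user, tool, "command_injection"))
        if e.get("status") == "denied":  # unauthorized access attempt
            alerts.append((ts, user, tool, "unauthorized"))
        q = recent[user]  # sliding window of this identity's call times
        q.append(ts)
        while q and ts - q[0] > window:
            q.popleft()
        if len(q) > max_calls:  # every call above the threshold alerts
            alerts.append((ts, user, tool, "call_spike"))
    return alerts

# Constructed sample log (ts in epoch seconds), not taken from a real server.
SAMPLE = [
    '{"ts": 100, "user": "alice", "tool": "query_db", "status": "ok", "arguments": {"sql": "SELECT name FROM users WHERE id = 7"}}',
    '{"ts": 105, "user": "bob", "tool": "query_db", "status": "ok", "arguments": {"filter": "id = 7 OR 1=1"}}',
    '{"ts": 110, "user": "bob", "tool": "run_report", "status": "ok", "arguments": {"args": ["q3.csv; curl example.invalid"]}}',
    '{"ts": 120, "user": "carol", "tool": "delete_user", "status": "denied", "arguments": {"id": 7}}',
] + ['{"ts": %d, "user": "dave", "tool": "list_files", "status": "ok", "arguments": {}}' % (200 + i) for i in range(6)]

if __name__ == "__main__":
    print(*detect(SAMPLE), sep="\n")
```

Grouping the sliding window by `user` is what makes the spike rule useful for correlation with identity logs: the same key can be joined against sign-in or session events from other sources.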