This MCP server provides a bridge to Google's Chronicle Security Operations suite, enabling AI assistants to perform security analysis tasks through a standardized interface. Built with Python using the FastMCP framework, it offers tools for searching security events, retrieving alerts, looking up entities (IPs, domains, hashes), listing detection rules, and getting IoC matches. The implementation handles authentication through Google Cloud credentials and supports configurable parameters like time ranges and result limits. It's particularly valuable for security analysts who want to leverage AI assistants for threat hunting, incident investigation, and security monitoring without leaving their conversation interface.
Search for security events in Chronicle with customizable queries.
Get security alerts from Chronicle.
Look up information about an entity (IP, domain, hash).
List security detection rules from Chronicle.
Get Indicators of Compromise (IoCs) matches from Chronicle.