The Splunk MCP tool provides a natural language interface to Splunk Enterprise/Cloud operations, enabling AI assistants to execute searches, manage indexes, handle users, and perform KV store operations. Built with Python using FastMCP and the Splunk SDK, it features async support for better performance, detailed logging with emoji indicators, and flexible SSL configuration options. The implementation can run in both STDIO mode for command-line integration and SSE mode for web server integration, making it particularly valuable for security analysts and system administrators who need to query and manage Splunk resources through conversational interfaces.
まだレビューはありません. 最初のレビューを投稿しましょう!
会話に参加するにはサインインしてください
Highlight AILists all available MCP tools with their descriptions and parameters.
Returns a list of available Splunk apps to verify connectivity.
Simple ping endpoint to verify MCP server is alive.
Returns information about the currently authenticated user.
Returns a list of all users and their roles.
Returns a list of all accessible Splunk indexes.
Returns detailed information about a specific index. Parameters: index_name (string).
Returns a comprehensive list of indexes and their sourcetypes.
Executes a Splunk search query. Parameters: search_query (string), earliest_time (string, optional), latest_time (string, optional), max_results (integer, optional).
Returns a list of saved searches in the Splunk instance.
Lists all KV store collections.
Creates a new KV store collection. Parameters: collection_name (string).
Deletes an existing KV store collection. Parameters: collection_name (string).
