Wazuh OpenSearch Analytics
Summary
MCP-OpenSearch-JS is a server that enables AI assistants to query and analyze Wazuh security logs stored in OpenSearch databases. The implementation provides tools for searching alerts, exploring field values, monitoring logs in real-time, visualizing alert trends, and retrieving detailed information about specific security events. Built with FastMCP and the OpenSearch client library, it features robust error handling, progress reporting for long-running operations, and configurable timeouts to prevent connection issues. This server is particularly valuable for security analysts who need to investigate security incidents, generate statistics on alert patterns, or monitor security events without leaving their AI assistant interface.
Available Actions(4)
searchAlerts
Search for security alerts in Wazuh data. Parameters: query (string), timeRange (string), maxResults (integer), index (string)
getAlertDetails
Get detailed information about a specific alert by ID. Parameters: id (string), index (string)
alertStatistics
Get statistics about security alerts. Parameters: timeRange (string), field (string), index (string)
visualizeAlertTrend
Visualize alert trends over time. Parameters: timeRange (string), interval (string), query (string), index (string)
커뮤니티 리뷰
아직 리뷰가 없습니다. 첫 번째 리뷰를 작성해 보세요!
대화에 참여하려면 로그인하세요
