Splunk
Summary
The Splunk MCP tool provides a natural language interface to Splunk Enterprise/Cloud operations, enabling AI assistants to execute searches, manage indexes, handle users, and perform KV store operations. Built with Python using FastMCP and the Splunk SDK, it features async support for better performance, detailed logging with emoji indicators, and flexible SSL configuration options. The implementation can run in both STDIO mode for command-line integration and SSE mode for web server integration, making it particularly valuable for security analysts and system administrators who need to query and manage Splunk resources through conversational interfaces.
Available Actions(13)
list_tools
Lists all available MCP tools with their descriptions and parameters
health_check
Returns a list of available Splunk apps to verify connectivity
ping
Simple ping endpoint to verify MCP server is alive
current_user
Returns information about the currently authenticated user
list_users
Returns a list of all users and their roles
list_indexes
Returns a list of all accessible Splunk indexes
get_index_info
Returns detailed information about a specific index. Parameters: index_name (string)
indexes_and_sourcetypes
Returns a comprehensive list of indexes and their sourcetypes
search_splunk
Executes a Splunk search query. Parameters: search_query (string), earliest_time (string, optional), latest_time (string, optional), max_results (integer, optional)
list_saved_searches
Returns a list of saved searches in the Splunk instance
list_kvstore_collections
Lists all KV store collections
create_kvstore_collection
Creates a new KV store collection. Parameters: collection_name (string)
delete_kvstore_collection
Deletes an existing KV store collection. Parameters: collection_name (string)
커뮤니티 리뷰
아직 리뷰가 없습니다. 첫 번째 리뷰를 작성해 보세요!
대화에 참여하려면 로그인하세요
