MCP-OpenSearch-JS is a server that enables AI assistants to query and analyze Wazuh security logs stored in OpenSearch databases. The implementation provides tools for searching alerts, exploring field values, monitoring logs in real-time, visualizing alert trends, and retrieving detailed information about specific security events. Built with FastMCP and the OpenSearch client library, it features robust error handling, progress reporting for long-running operations, and configurable timeouts to prevent connection issues. This server is particularly valuable for security analysts who need to investigate security incidents, generate statistics on alert patterns, or monitor security events without leaving their AI assistant interface.
暂无评论. 成为第一个评论的人!
登录以参与讨论
Highlight AISearch for security alerts in Wazuh data. Parameters: query (string), timeRange (string), maxResults (number), index (string)
Get detailed information about a specific alert by ID. Parameters: id (string), index (string)
Get statistics about security alerts. Parameters: timeRange (string), field (string), index (string)
Visualize alert trends over time. Parameters: timeRange (string), interval (string), query (string), index (string)
