Wazuh OpenSearch Analytics
Summary
MCP-OpenSearch-JS is a server that enables AI assistants to query and analyze Wazuh security logs stored in OpenSearch databases. The implementation provides tools for searching alerts, exploring field values, monitoring logs in real time, visualizing alert trends, and retrieving detailed information about specific security events. Built with FastMCP and the OpenSearch client library, it features robust error handling, progress reporting for long-running operations, and configurable timeouts to prevent connection issues. This server is particularly valuable for security analysts who need to investigate security incidents, generate statistics on alert patterns, or monitor security events without leaving their AI assistant interface.
Available Actions (4)
searchAlerts
Search for security alerts in Wazuh data. Parameters: query (string), timeRange (string), maxResults (integer), index (string)
getAlertDetails
Get detailed information about a specific alert by ID. Parameters: id (string), index (string)
alertStatistics
Get statistics about security alerts. Parameters: timeRange (string), field (string), index (string)
visualizeAlertTrend
Visualize alert trends over time. Parameters: timeRange (string), interval (string), query (string), index (string)