splunk-mcp
33
The Splunk MCP Tool is a robust utility for interacting with Splunk Enterprise and Cloud using natural language through various modes such as SSE and API. It provides comprehensive capabilities for data search, index management, KV store operations, and detailed logging for improved system interaction.
Splunk MCP (Model Context Protocol) Tool
A FastMCP-based tool for interacting with Splunk Enterprise/Cloud through natural language. It offers various capabilities including searching Splunk data, managing KV stores, and accessing Splunk resources with ease.
Operating Modes
- SSE Mode: Real-time, web-based interaction through Server-Sent Events.
- API Mode: RESTful API endpoints available.
- STDIO Mode: Uses standard input/output for direct integration.
Features
- Execute Splunk searches using natural language queries.
- Manage Splunk indexes and users.
- Create and manage KV store collections.
- Supports async operations for performance.
- Detailed logging and error handling.
Usage
- Local and Docker installation options.
- Supports three modes of operation (SSE is default).