splunk-mcp
The Splunk MCP Tool is a robust utility for interacting with Splunk Enterprise and Cloud using natural language through various modes such as SSE and API. It provides comprehensive capabilities for data search, index management, KV store operations, and detailed logging for improved system interaction.
What are the operating modes of Splunk MCP?
Splunk MCP operates in three modes: SSE Mode for real-time web-based interactions, API Mode for RESTful API access, and STDIO Mode for direct integration with AI assistants.
How can I install Splunk MCP locally?
Clone the repository, install dependencies using Poetry, and configure your settings in the .env file with your Splunk credentials.
What are the prerequisites for using Splunk MCP?
You need Python 3.10 or higher, Poetry for dependency management, a Splunk Enterprise/Cloud instance, and appropriate Splunk credentials.
How does Splunk MCP handle errors?
Splunk MCP includes consistent error handling for invalid search commands, insufficient permissions, resource not found, invalid input validation, unexpected server errors, and connection issues with the Splunk server.
Can Splunk MCP be used with Docker?
Yes, Splunk MCP can be installed and run using Docker. You can pull the latest image and run it using Docker Compose.