Wazuh-MCP-Server

Wazuh MCP Server is an open-source platform that facilitates the integration of Wazuh security data with large language models like Claude Desktop. It offers features such as JWT-based authentication, alert retrieval from Elasticsearch, and robust error handling.

Wazuh MCP Server

A production-grade, open-source MCP server designed for integrating Wazuh security data with LLMs like the Claude Desktop App.

Features

  • JWT-Based Authentication
  • Alert Retrieval
  • MCP Message Transformation
  • Flask HTTP Server
  • Robust Error Handling
  • Configurable

Prerequisites

  • Python 3.8+
  • Access to a Wazuh API instance

Installation

  1. Clone the Repository
  2. Create and Activate a Virtual Environment
  3. Install Dependencies
  4. Configure via Environment Variables

Running the Server

Start the server with the command python wazuh_mcp_server.py. The server listens on the specified port.

Integration with Claude Desktop

Update the configuration file to integrate the MCP server with Claude Desktop.