Wazuh-MCP-Server

Wazuh MCP Server is an open-source platform that integrates Wazuh security data with large language model (LLM) applications such as Claude Desktop. Its features include JWT-based authentication, alert retrieval from Elasticsearch, and robust error handling.

What is the purpose of the Wazuh MCP Server?

The Wazuh MCP Server is designed to integrate Wazuh security data with LLM applications such as the Claude Desktop app, providing real-time security context through an HTTP endpoint.

How does the server authenticate with Wazuh?

The server uses JWT-based authentication to securely connect with the Wazuh RESTful API.

What kind of data transformation does the server perform?

The server transforms Wazuh security events into MCP-compliant JSON messages for standardized communication.

Can the server handle network issues?

Yes, the server includes robust error handling for token expiration, network timeouts, and malformed data.

Is the server configurable?

Yes, the server is highly configurable via environment variables, allowing easy integration with Claude Desktop.