winlog-mcp
WinLog-mcp is a tool designed for retrieving and analyzing Windows event logs using the Model Context Protocol (MCP). It supports security monitoring, incident response, and log analysis through programmatic access to Sysmon logs.
🪟 WinLog-mcp
A Model Context Protocol (MCP) tool for retrieving and analyzing Windows event logs such as Application, System, and Security. It provides programmatic access for ingesting and querying Windows event logs, ideal for security monitoring, incident response, and log analysis automation.
✨ Features
- Ingest Windows Sysmon logs and store them as files in a given directory
- Query logs by timestamp for analysis or troubleshooting
- Seamless interoperability with MCP tools and ecosystem
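The ingest-and-query flow behind the first two features, as an added example that is not part of the WinLog-mcp project: it parses Sysmon-style event XML, stores one file per event in a directory, and selects the events that fall in a UTC time window. The sample events are constructed here (on Windows the same XML is what pywin32 returns from the Sysmon channel), and the function names, record layout and file naming are assumptions, not the project's API.

```python
import tempfile
import xml.etree.ElementTree as ET
from datetime import datetime, timezone
from pathlib import Path
NS = {"e": "http://schemas.microsoft.com/win/2004/08/events/event"}

def _event(ts, event_id, **fields):
    # Constructed Sysmon-style event (not a real capture); on Windows, pywin32's win32evtlog.EvtRender yields XML of this shape.
    data = "".join(f'<Data Name="{k}">{v}</Data>' for k, v in fields.items())
    return (f'<Event xmlns="{NS["e"]}"><System><Provider Name="Microsoft-Windows-Sysmon"/>'
            f'<EventID>{event_id}</EventID><TimeCreated SystemTime="{ts}"/></System>'
            f'<EventData>{data}</EventData></Event>')
SAMPLE_EVENTS = [
    _event("2024-05-01T10:00:05.1234567Z", 1, Image=r"C:\Windows\System32\cmd.exe", CommandLine="cmd.exe /c whoami"),
    _event("2024-05-01T10:04:59.0000000Z", 3, Image=r"C:\Windows\System32\cmd.exe", DestinationPort="443"),
    _event("2024-05-01T11:30:00.5000000Z", 11, Image=r"C:\Tools\x.exe", TargetFilename=r"C:\Users\Public\a.dll"),
]

def parse_system_time(ts):
    # SystemTime is UTC with seven fractional digits and a trailing Z (rejected by fromisoformat before 3.11); trim to microseconds.
    base, _, frac = ts.rstrip("Z").partition(".")
    micros = (frac + "000000")[:6]
    return datetime.strptime(f"{base}.{micros}", "%Y-%m-%dT%H:%M:%S.%f").replace(tzinfo=timezone.utc)

def parse_event(xml_text):
    root = ET.fromstring(xml_text)
    system = root.find("e:System", NS)
    return {"event_id": int(system.find("e:EventID", NS).text),
            "time": parse_system_time(system.find("e:TimeCreated", NS).get("SystemTime")),
            "data": {d.get("Name"): d.text or "" for d in root.iterfind("e:EventData/e:Data", NS)}}

def ingest(xml_events, out_dir):
    # Store the raw XML as one file per event, named so a plain directory listing sorts chronologically.
    out = Path(out_dir); out.mkdir(parents=True, exist_ok=True)
    records = []
    for i, xml_text in enumerate(xml_events):
        ev = parse_event(xml_text)
        ev["path"] = out / f"{ev['time']:%Y%m%dT%H%M%S%f}_{ev['event_id']}_{i}.xml"
        ev["path"].write_text(xml_text, encoding="utf-8")
        records.append(ev)
    return records

def query_by_time(records, start, end):
    # Half-open UTC window [start, end), so adjacent windows never double-count an event.
    return [ev for ev in records if start <= ev["time"] < end]

def run_demo():
    start, end = (datetime(2024, 5, 1, 10, 0, tzinfo=timezone.utc), datetime(2024, 5, 1, 10, 10, tzinfo=timezone.utc))
    with tempfile.TemporaryDirectory() as d:
        hits = query_by_time(ingest(SAMPLE_EVENTS, d), start, end)
    return [ev["event_id"] for ev in hits]
```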
📋 Requirements
- Operating System: Windows
- Python: 3.7 or higher
- Dependencies:
  - pywin32
  - mcp.server.fastmcp
📄 License
Licensed under the MIT License.