Wazuh MCP Server
A Rust-based server that integrates the Wazuh SIEM system with MCP-compatible applications.
Tools · 14
- get_wazuh_alert_summary: Query recent security alerts to quickly identify and prioritize threats requiring immediate attention
- get_wazuh_vulnerability_summary: Assess security posture of specific agents and prioritize patching efforts
- get_wazuh_critical_vulnerabilities: Identify critical vulnerabilities for risk-based prioritization
- get_wazuh_agent_processes: Investigate running processes on agents for threat hunting and system analysis
- get_wazuh_agent_ports: Monitor open ports and network services to identify potential attack vectors
- get_wazuh_running_agents: Track agent status and connectivity to ensure comprehensive security coverage
- get_wazuh_rules_summary: Review and analyze security detection rules to optimize detection capabilities
- get_wazuh_weekly_stats: Track system performance and statistics for operational monitoring
- get_wazuh_remoted_stats: Monitor remoted daemon statistics for performance analysis
- get_wazuh_log_collector_stats: Monitor log collector statistics for operational monitoring
- get_wazuh_cluster_health: Monitor Wazuh cluster status for operational reliability
- get_wazuh_cluster_nodes: Monitor Wazuh cluster nodes for infrastructure reliability
- search_wazuh_manager_logs: Search and analyze manager logs for incident investigation
- get_wazuh_manager_error_logs: Retrieve manager error logs for incident investigation
Environment variables
- WAZUH_API_HOST
- WAZUH_API_PORT
- WAZUH_INDEXER_HOST
- WAZUH_INDEXER_PORT
★ 209 GitHub stars