mcp-server-wazuh
Verified Safe
by gbrigandi
Overview
This Rust-based server acts as a bridge between a Wazuh SIEM system and applications requiring contextual security data, especially for AI assistants using the Model Context Protocol (MCP).
Installation
cargo run --bin mcp-server-wazuh
Environment Variables
- WAZUH_API_HOST
- WAZUH_API_PORT
- WAZUH_API_USERNAME
- WAZUH_API_PASSWORD
- WAZUH_INDEXER_HOST
- WAZUH_INDEXER_PORT
- WAZUH_INDEXER_USERNAME
- WAZUH_INDEXER_PASSWORD
Security Notes
The server's tools primarily provide read-only access to Wazuh data, limiting the impact of potential misuse. It properly externalizes sensitive credentials to environment variables. However, the default setting of `WAZUH_VERIFY_SSL=false` for Wazuh API and Indexer connections is explicitly insecure and should be set to `true` in production environments after ensuring proper certificate validation.
Similar Servers
hyper-mcp
A fast, secure Model Context Protocol (MCP) server that extends its capabilities through WebAssembly plugins, enabling AI agents to access tools, resources, and prompts.
Wazuh-MCP-Server
Provides an MCP-compliant remote server for seamless integration between AI assistants (like Claude Desktop) and the Wazuh SIEM platform, enabling natural language security operations.
mcp-framework
A Rust framework for building AI agents with built-in Model Context Protocol (MCP) support, multi-LLM integration, and a web-based inspector for debugging.
deliberate-thinking
Enables AI assistants to engage in dynamic, structured, and revisable problem-solving through sequential thoughts.