mcp-server-splunk
Verified Safeby pahar0
Overview
Enables AI assistants to interact with Splunk for searching, managing, and analyzing data.
Installation
npx @modelcontextprotocol/inspector uv run mcp-server-splunkEnvironment Variables
- SPLUNK_HOST
- SPLUNK_PORT
- SPLUNK_USERNAME
- SPLUNK_PASSWORD
- SPLUNK_TOKEN
- SPLUNK_SCHEME
Security Notes
The server uses environment variables for Splunk authentication (token or username/password), which is a good practice. It does not contain hardcoded secrets or direct use of Python's `eval`. However, several tools (e.g., `search_splunk`, `create_dashboard`, `update_server_settings`, and others that accept SPL queries or raw configuration content) directly incorporate string arguments into Splunk SPL queries, XML configurations, or API calls. If these inputs are sourced from untrusted user input without proper sanitization by the AI client, they could lead to injection vulnerabilities (e.g., arbitrary SPL execution, XML injection, configuration manipulation). The server relies on the calling AI client to ensure input validity and safety, which is a critical consideration for deployment.
Similar Servers
kubernetes-mcp-server
Facilitates AI agent interaction with Kubernetes and OpenShift clusters by exposing management and observability tools via the Model Context Protocol.
mcp-server-elasticsearch
Connects Model Context Protocol (MCP) clients to Elasticsearch instances, enabling natural language queries and interactions with Elasticsearch indices and data.
mcp-apache-spark-history-server
Connect AI agents to Apache Spark History Server for intelligent job analysis and performance monitoring.
mcp-zap-server
Orchestrates OWASP ZAP security scanning actions (spider, active scan, OpenAPI import, reporting) via the Model Context Protocol, enabling AI agents like Claude Desktop or Cursor to perform security testing.