Chronicle SecOps MCP Server

by emeryray2002

Apache 2.0

Overview InspectNew Schema Related Servers Reviews Score

get_ioc_matches

Retrieve Indicators of Compromise (IoCs) matches from Google Chronicle within a specified time frame. Configure project, customer ID, region, and limit matches to enhance threat detection and response.

Instructions

Get Indicators of Compromise (IoCs) matches from Chronicle.

Args:
    project_id: Google Cloud project ID (defaults to config)
    customer_id: Chronicle customer ID (defaults to config)
    hours_back: How many hours to look back (default: 24)
    max_matches: Maximum number of matches to return (default: 20)
    region: Chronicle region (defaults to config)
    
Returns:
    Formatted string with IoC matches

Input Schema

Name	Required	Description	Default
`customer_id`	No
`hours_back`	No
`max_matches`	No
`project_id`	No
`region`	No

Input Schema (JSON Schema)

{
  "properties": {
    "customer_id": {
      "default": null,
      "title": "Customer Id",
      "type": "string"
    },
    "hours_back": {
      "default": 24,
      "title": "Hours Back",
      "type": "integer"
    },
    "max_matches": {
      "default": 20,
      "title": "Max Matches",
      "type": "integer"
    },
    "project_id": {
      "default": null,
      "title": "Project Id",
      "type": "string"
    },
    "region": {
      "default": null,
      "title": "Region",
      "type": "string"
    }
  },
  "title": "get_ioc_matchesArguments",
  "type": "object"
}

Install Server

HTTP connection URL

Other Tools from Chronicle SecOps MCP Server

Related Tools

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/emeryray2002/mcp-secops-v3'

If you have feedback or need assistance with the MCP directory API, please join our Discord server