
Chronicle SecOps MCP Server

by emeryray2002

get_security_alerts

Retrieve and monitor security alerts from Google's Chronicle SecOps platform. Configure parameters like time range, alert count, and status filters to streamline threat detection and response.

Instructions

Get security alerts from Chronicle.

Args:
    project_id: Google Cloud project ID (defaults to config)
    customer_id: Chronicle customer ID (defaults to config)
    hours_back: How many hours to look back (default: 24)
    max_alerts: Maximum number of alerts to return (default: 10)
    status_filter: Query string to filter alerts by status (default: exclude closed)
    region: Chronicle region (defaults to config)

Returns:
    Formatted string with security alerts

Input Schema

| Name | Required | Description | Default |
|---|---|---|---|
| customer_id | No | | |
| hours_back | No | | |
| max_alerts | No | | |
| project_id | No | | |
| region | No | | |
| status_filter | No | | feedback_summary.status != "CLOSED" |

Input Schema (JSON Schema)

{
  "properties": {
    "customer_id": {
      "default": null,
      "title": "Customer Id",
      "type": "string"
    },
    "hours_back": {
      "default": 24,
      "title": "Hours Back",
      "type": "integer"
    },
    "max_alerts": {
      "default": 10,
      "title": "Max Alerts",
      "type": "integer"
    },
    "project_id": {
      "default": null,
      "title": "Project Id",
      "type": "string"
    },
    "region": {
      "default": null,
      "title": "Region",
      "type": "string"
    },
    "status_filter": {
      "default": "feedback_summary.status != \"CLOSED\"",
      "title": "Status Filter",
      "type": "string"
    }
  },
  "title": "get_security_alertsArguments",
  "type": "object"
}

    MCP directory API

    We provide all the information about MCP servers via our MCP API.

    curl -X GET 'https://glama.ai/api/mcp/v1/servers/emeryray2002/mcp-secops-v3'

    If you have feedback or need assistance with the MCP directory API, please join our Discord server