
Chronicle SecOps MCP Server

by emeryray2002

get_security_alerts

Retrieve active security alerts from Google's Chronicle SecOps MCP Server by specifying project, customer ID, time range, and alert status filters for streamlined threat monitoring.

Instructions

Get security alerts from Chronicle.

Args:
    project_id: Google Cloud project ID (defaults to config)
    customer_id: Chronicle customer ID (defaults to config)
    hours_back: How many hours to look back (default: 24)
    max_alerts: Maximum number of alerts to return (default: 10)
    status_filter: Query string to filter alerts by status (default: exclude closed)
    region: Chronicle region (defaults to config)

Returns:
    Formatted string with security alerts

Input Schema

| Name | Required | Description | Default |
|---|---|---|---|
| customer_id | No | | |
| hours_back | No | | |
| max_alerts | No | | |
| project_id | No | | |
| region | No | | |
| status_filter | No | | feedback_summary.status != "CLOSED" |

Input Schema (JSON Schema)

{
  "properties": {
    "customer_id": {
      "default": null,
      "title": "Customer Id",
      "type": "string"
    },
    "hours_back": {
      "default": 24,
      "title": "Hours Back",
      "type": "integer"
    },
    "max_alerts": {
      "default": 10,
      "title": "Max Alerts",
      "type": "integer"
    },
    "project_id": {
      "default": null,
      "title": "Project Id",
      "type": "string"
    },
    "region": {
      "default": null,
      "title": "Region",
      "type": "string"
    },
    "status_filter": {
      "default": "feedback_summary.status != \"CLOSED\"",
      "title": "Status Filter",
      "type": "string"
    }
  },
  "title": "get_security_alertsArguments",
  "type": "object"
}


MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/emeryray2002/mcp-secops-v3'
