# Wazuh MCP Server Configuration
# Production-ready MCP-compliant server for Wazuh SIEM integration
# Copy to .env and update with your settings
# === Wazuh Configuration ===
# Connection details for the Wazuh API that this server queries.
# WAZUH_HOST carries the URL scheme; keep it https:// so the credentials
# below are not sent in clear text.
WAZUH_HOST=https://your-wazuh-server.com
# Use a dedicated API account limited to the permissions the MCP tools need,
# not a Wazuh administrator account.
WAZUH_USER=your-api-user
# Stored in plain text once copied to .env: keep .env out of version control
# and readable only by the account that runs the server (e.g. chmod 600).
WAZUH_PASS=your-api-password
# Port of the Wazuh API (55000 is the Wazuh default)
WAZUH_PORT=55000
# === MCP Server Configuration ===
# Host to bind to (use 127.0.0.1 for local only, 0.0.0.0 for all interfaces)
# Binding to 0.0.0.0 makes the server reachable from every network the host
# is attached to. Do that only with authentication enabled (AUTH_MODE other
# than none) and with TLS, either via SSL_KEYFILE/SSL_CERTFILE or a
# TLS-terminating proxy in front.
MCP_HOST=127.0.0.1
# TCP port the MCP server listens on
MCP_PORT=3000
# === Authentication ===
# Auth mode: bearer (default), oauth, or none (authless)
# With "none", any client that can reach MCP_HOST:MCP_PORT can use this
# server's Wazuh access. Keep it to loopback-only test setups.
AUTH_MODE=bearer
# SECURITY: Generate a secure secret key for production!
# Run: openssl rand -hex 32
# The value below is a placeholder that is identical in every copy of this
# template, so it provides no secrecy. Replace it before the first start.
# NOTE(review): whether the server refuses to start while the placeholder is
# still set is not visible here - confirm.
AUTH_SECRET_KEY=CHANGE_ME_GENERATE_WITH_openssl_rand_hex_32
# Token lifetime in hours
# A leaked token stays usable until it expires or is revoked, so a shorter
# lifetime limits the exposure window.
TOKEN_LIFETIME_HOURS=24
# === API Key Configuration (Recommended for production) ===
# Simple single API key configuration - generate with:
# python -c "import secrets; print('wazuh_' + secrets.token_urlsafe(32))"
# If not set, server auto-generates a key and displays it on startup.
# A key displayed at startup can end up in console, container or service
# logs. For production, set MCP_API_KEY explicitly and restrict who can read
# the startup output.
# MCP_API_KEY=wazuh_your-generated-key-here
# Advanced: Multiple API keys (JSON array format)
# Only use if you need multiple keys with different scopes
# Each entry carries key_hash rather than the key itself, and a scopes list.
# Grant each key only the scopes it needs.
# NOTE(review): the hash algorithm expected for key_hash is not stated here -
# check the project documentation.
# API_KEYS=[{"id":"key1","name":"Production","key_hash":"...","scopes":["wazuh:read"]}]
# === CORS Configuration ===
# Comma-separated list of allowed origins
# For production, list only the exact origins that must call this server.
# The http://localhost:* entry admits plain-HTTP pages on any local port and
# is meant for development; remove it on deployed instances.
# NOTE(review): how the "*" wildcards are matched is decided by the server
# code, which is not shown here - confirm that https://*.anthropic.com cannot
# match an unintended host.
ALLOWED_ORIGINS=https://claude.ai,https://*.anthropic.com,http://localhost:*
# === SSL Configuration (Optional) ===
# For HTTPS support: paths to the PEM private key and the certificate chain.
# Bearer tokens and API keys are sent on every request, so whenever MCP_HOST
# is not loopback either set both values or terminate TLS in a proxy in front
# of the server.
# The private key file should be readable only by the account that runs the
# server.
# SSL_KEYFILE=/path/to/privkey.pem
# SSL_CERTFILE=/path/to/fullchain.pem
# === Logging ===
# Log verbosity.
# NOTE(review): more verbose levels may record request details such as alert
# contents or tokens - confirm what is logged before raising the level outside
# development.
LOG_LEVEL=INFO
# === Wazuh SSL ===
# SECURITY: Set WAZUH_VERIFY_SSL=true in production!
# Only set to false for development with self-signed certificates.
# With verification off, the server cannot tell the real Wazuh API from a
# machine-in-the-middle, and WAZUH_USER/WAZUH_PASS are sent to whichever
# endpoint answers.
WAZUH_VERIFY_SSL=true
# Uncomment only for dev/testing. In production, prefer giving the Wazuh API
# a certificate issued by a CA this host trusts.
# The explanation is kept on its own lines because some env-file loaders do
# not strip a trailing "# ..." and would read it as part of the value.
# NOTE(review): how this setting interacts with WAZUH_VERIFY_SSL is not shown
# here - confirm.
# WAZUH_ALLOW_SELF_SIGNED=true
# === Wazuh Indexer Configuration (Required for Wazuh 4.8.0+) ===
# The vulnerability API was removed in Wazuh 4.8.0 and replaced with Indexer queries.
# Configure these settings to enable vulnerability tools.
# SECURITY: admin/admin below only illustrates the format. Do not run an
# indexer that accepts default credentials, and do not give this server the
# indexer's admin account: create a dedicated user with read-only access to
# the indices the vulnerability tools query.
# NOTE(review): no scheme or certificate-verification setting for the indexer
# appears in this template - confirm how TLS to the indexer is configured.
# WAZUH_INDEXER_HOST=your-wazuh-indexer.com
# WAZUH_INDEXER_PORT=9200
# WAZUH_INDEXER_USER=admin
# WAZUH_INDEXER_PASS=admin
# === Session Storage (Serverless Ready) ===
# Optional Redis URL for serverless/multi-instance deployments
# If not set, uses in-memory storage (single-instance only)
# The example URL has no password and no TLS, which is acceptable only for a
# Redis instance bound to localhost. For a remote Redis, enable Redis
# authentication and TLS, and keep it off untrusted networks: anyone who can
# read or write the session store can read or forge sessions.
# NOTE(review): whether the server accepts a rediss:// (TLS) URL is not shown
# here - confirm.
# REDIS_URL=redis://localhost:6379/0
# Session time-to-live in seconds (the example value is 30 minutes)
# SESSION_TTL_SECONDS=1800