Windows Diagnostics MCP Server

by jackalterman

A Model Context Protocol (MCP) server that provides Windows system diagnostic capabilities to AI agents. This server allows agents to access Windows event logs, crash information, system uptime, and stability analysis.

Features

  • System Diagnostics: Comprehensive analysis of Windows events, crashes, and system health
  • BSOD Detection: Identifies Blue Screen of Death events and critical system errors
  • Shutdown Analysis: Tracks expected and unexpected system shutdowns
  • Application Crash Monitoring: Monitors application crashes and failures
  • System Stability Scoring: Provides stability analysis with actionable recommendations
  • Uptime Tracking: Reports system uptime and boot information

Installation

Prerequisites

  • Windows 10/11 or Windows Server
  • Node.js 18+
  • PowerShell 5.1+ (built into Windows)
  • Administrator privileges (recommended for full functionality)

Setup Steps

  1. Clone or download the files:
    mkdir windows-diagnostics-mcp
    cd windows-diagnostics-mcp
  2. Save the TypeScript server code as src/index.ts
  3. Create package.json with the provided configuration
  4. Create tsconfig.json with the provided TypeScript configuration
  5. Install dependencies:
    npm install
  6. Build the server:
    npm run build

Configuration

For Claude Desktop

Add this to your Claude Desktop configuration file (%APPDATA%\Claude\claude_desktop_config.json):

{
  "mcpServers": {
    "windows-diagnostics": {
      "command": "node",
      "args": ["C:\\path\\to\\your\\windows-diagnostics-mcp\\build\\index.js"],
      "env": {
        "NODE_ENV": "production"
      }
    }
  }
}

For Other MCP Clients

The server can be started with:

node build/index.js

Available Tools

The MCP server provides the following tools that agents can use:

1. get_system_diagnostics

Comprehensive system diagnostic report including all event types.

Parameters:

  • daysBack (number, default: 7): Days to look back for events
  • detailed (boolean, default: false): Include detailed event information

2. get_shutdown_events

Get shutdown and reboot events only.

Parameters:

  • daysBack (number, default: 7): Days to look back for events

3. get_bsod_events

Get Blue Screen of Death (BSOD) events.

Parameters:

  • daysBack (number, default: 7): Days to look back for events

4. get_system_uptime

Get current system uptime and boot information.

Parameters: None

5. analyze_system_stability

Analyze system stability and provide recommendations.

Parameters:

  • daysBack (number, default: 30): Days to analyze for stability assessment

Usage Examples

Once configured with an MCP-compatible client, agents can use commands like:

  • "Check my system for any crashes in the last week"
  • "Analyze my Windows system stability"
  • "Show me recent BSOD events"
  • "What's my current system uptime?"
  • "Give me a comprehensive diagnostic report"

Security Considerations

  • Administrator Rights: Run with administrator privileges for complete event log access
  • PowerShell Execution: The server executes PowerShell scripts to gather system information
  • Local Only: This server only accesses local system information and makes no network requests
  • Event Log Access: Requires appropriate permissions to read Windows Event Logs
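Because the server runs PowerShell on behalf of an agent, tool arguments should be validated before they reach the process boundary. The following is an added example, not code from this project: it checks arguments against the tools and defaults documented above and builds an argument array for powershell.exe. The script parameters -Tool, -DaysBack and -Detailed, the script path, and the 365-day cap are assumptions.

```typescript
// Added example. Tool names and defaults come from this README; the script
// parameters (-Tool, -DaysBack, -Detailed) and MAX_DAYS_BACK are assumptions.
type ToolSpec = { daysBack?: number; detailed?: boolean };

const TOOLS: Record<string, ToolSpec> = {
  get_system_diagnostics: { daysBack: 7, detailed: false },
  get_shutdown_events: { daysBack: 7 },
  get_bsod_events: { daysBack: 7 },
  get_system_uptime: {},
  analyze_system_stability: { daysBack: 30 },
};
const MAX_DAYS_BACK = 365; // assumed upper bound, not stated in the README

const own = (o: object, k: string): boolean => Object.prototype.hasOwnProperty.call(o, k);

function buildPowerShellArgs(scriptPath: string, tool: string, raw: Record<string, unknown> = {}): string[] {
  // Own-property lookup so names like "constructor" are not treated as tools.
  const spec = own(TOOLS, tool) ? TOOLS[tool] : undefined;
  if (!spec) throw new Error(`unknown tool: ${tool}`);
  for (const key of Object.keys(raw)) {
    if (!own(spec, key)) throw new Error(`unexpected parameter for ${tool}: ${key}`);
  }
  // Every element becomes its own process argument, so agent-supplied values
  // are never concatenated into a command string that PowerShell would parse.
  const argv = ["-NoProfile", "-NonInteractive", "-File", scriptPath, "-Tool", tool];
  if (spec.daysBack !== undefined) {
    const days = raw.daysBack ?? spec.daysBack;
    if (typeof days !== "number" || !Number.isInteger(days) || days < 1 || days > MAX_DAYS_BACK) {
      throw new Error(`daysBack must be an integer from 1 to ${MAX_DAYS_BACK}`);
    }
    argv.push("-DaysBack", String(days));
  }
  if (spec.detailed !== undefined) {
    const detailed = raw.detailed ?? spec.detailed;
    if (typeof detailed !== "boolean") throw new Error("detailed must be a boolean");
    if (detailed) argv.push("-Detailed");
  }
  return argv;
}
```

Pass the returned array to execFile("powershell.exe", argv) from node:child_process rather than building a single command string for exec.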

Troubleshooting

Common Issues

  1. PowerShell Execution Error:
    • Ensure PowerShell execution policy allows script execution
    • Run: Set-ExecutionPolicy -ExecutionPolicy RemoteSigned -Scope CurrentUser
  2. Access Denied Errors:
    • Run the MCP client (e.g., Claude Desktop) as Administrator
    • Some event logs require elevated privileges
  3. JSON Parse Errors:
    • Check that PowerShell is outputting valid JSON
    • Verify no additional output is being written to stdout
  4. No Events Found:
    • Normal if system has been stable
    • Try increasing the daysBack parameter
    • Check if Event Log service is running

Debugging

Enable debug logging by setting the DEBUG environment variable before starting the server:

set DEBUG=mcp:*
node build/index.js

Event Types Monitored

The server monitors these Windows Event Log entries:

System Events

  • 1074: System shutdown initiated by user/application
  • 1076: System shutdown reason recorded
  • 6005: Event Log service started (boot)
  • 6006: Event Log service stopped (shutdown)
  • 6008: Unexpected shutdown detected
  • 6009: System started
  • 6013: System uptime reported

Critical Events

  • 41: Kernel-Power critical error (unexpected shutdown)
  • 1001: Windows Error Reporting BSOD
  • 1003: System crash dump created

Application Events

  • 1000: Application error/crash
  • 1001: Application hang
  • 1002: Application recovery

Hardware/Driver Events

  • 219: Driver loading issues
  • 7026: Service start failures
  • 7000: Service start failures
  • 7009: Service timeouts
  • 7031: Service crashes

Output Format

The server provides structured information including:

  • Event timestamps in ISO format
  • Event descriptions in plain English
  • Stability scoring (0-100 scale)
  • Actionable recommendations
  • System uptime statistics
  • Memory dump information
  • Hardware error summaries

Development

To modify or extend the server:

  1. Edit source: Modify src/index.ts
  2. Rebuild: Run npm run build
  3. Test: Use MCP inspector or compatible client
  4. Add tools: Follow the MCP SDK patterns for new diagnostic functions

Adding New Diagnostic Features

To add new diagnostic capabilities:

  1. Extend the PowerShell script with additional event log queries
  2. Add new tool definitions in the ListToolsRequestSchema handler
  3. Implement corresponding handler methods
  4. Update the documentation

License

MIT License - see LICENSE file for details.

Contributing

Contributions welcome! Please:

  1. Follow TypeScript best practices
  2. Test with Windows 10/11
  3. Document new features
  4. Ensure PowerShell compatibility

Changelog

v1.0.0

  • Initial release
  • Basic diagnostic capabilities
  • MCP integration
  • Stability analysis
  • PowerShell backend