Native support for Elastic Cloud deployments with cloud ID and API key authentication, enabling analytics and querying capabilities on cloud-hosted Elasticsearch instances.
Provides specialized analytics tools for querying Elasticsearch clusters, including account/group analytics, visit trends, platform breakdowns, rating distributions, and comprehensive metrics summaries with support for aggregations and time-series analysis.
Click on "Install Server".
Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state.
In the chat, type
@followed by the MCP server name and your instructions, e.g., "@Elasticsearch MCP (VSee Fork) show me the top 10 accounts with the highest visit increase this month"
That's it! The server will respond to your query, and you can continue using it as needed.
Here is a step-by-step guide with screenshots.
Elasticsearch MCP (VSee Fork)
Modified MCP server with hardcoded schemas matching VSee's Elasticsearch indexes. Specialized analytics tools optimized for stats-*
elasticsearch-mcp-vsee is a modified Model Context Protocol (MCP) server that provides specialized analytics tools for Elasticsearch clusters, optimized for VSee's stats-* indices. This fork features hardcoded schemas and field names that match VSee's specific Elasticsearch index structure, enabling specialized tools for account/group analytics, visit trends, platform breakdowns, and rating distributions. Built with TypeScript and optimized for Elastic Cloud environments, it offers comprehensive analytics capabilities with enterprise-grade security features.
π Features
π Secure by Design: Input validation, script sanitization, injection prevention
βοΈ Elastic Cloud Ready: Native support for cloud ID and API key authentication
β‘ High Performance: Connection pooling, optimized query execution, efficient aggregations
π οΈ Comprehensive Tools: 11 specialized tools for analytics, summaries, and data exploration
π Advanced Querying: Full Elasticsearch DSL support with aggregations and highlighting
π Smart Validation: Zod-based schemas with security-first validation
π Full TypeScript: Complete type safety with strict null checks
π― Purpose
This MCP server is designed for VSee's Open WebUI deployment to provide specialized analytics tools for querying VSee's Elasticsearch stats-* indices. It integrates with VSee's Open WebUI infrastructure via MCPO (MCP OpenAPI bridge) to expose Elasticsearch analytics capabilities to LLMs.
π¦ Usage with VSee's Open WebUI Deployment
This MCP server is automatically loaded by VSee's Open WebUI deployment through the MCP configuration. It connects to VSee's Elasticsearch deployment to provide analytics on visit statistics, account/group metrics, platform breakdowns, and more.
Configuration
The MCP server is configured in vsee/mcp/config.json:
The Open WebUI deployment automatically loads this configuration and starts the MCP server via MCPO, making all 11 tools available to the LLM for querying Elasticsearch data.
π Updating and Publishing
Making Changes
Develop locally: Make changes to the code in
elasticsearch-mcp/Test your changes: Use
npm run test:toolsto test against your Elasticsearch instanceBuild: Run
npm run buildto compile TypeScriptPublish: Publish to npm with
npm publish --access publicMake sure to increment the version in
package.jsonfirst
Updating VSee's Deployment
After publishing a new version to npm:
Update : Change the package version in the
argsarray:{ "mcpServers": { "elasticsearch": { "command": "npx", "args": ["-y", "elasticsearch-mcp-vsee@0.5.0"], // Update version here "env": { ... } } } }Restart the MCPO service: The MCPO container will automatically download and use the new version on restart:
docker compose -f docker-compose.vsee.yaml restart mcpoVerify: Check that the new version is loaded by examining the MCPO logs or testing the tools in Open WebUI.
Note: You can also use @latest to always pull the latest version, but specifying a version number is recommended for production stability.
π οΈ Available Tools
Tool | Description | Use Cases |
| Discover index fields and types | Schema exploration, field discovery |
| Find top accounts or groups with highest visit increase/decrease | Trend analysis, account/group monitoring |
| Compare subscription tiers with metrics per tier | Subscription-tier analysis and comparisons |
| Platform or platform version breakdown (provider/patient, platform/version) | Platform adoption, device preferences, version analysis |
| Rating histograms with statistics | Satisfaction analysis |
| Time series visit trends (daily/weekly/monthly) | Trend visualization |
| Comprehensive metrics summary with flexible filtering and grouping | Multi-dimensional analysis and comparisons |
π Tool Examples
Get Account Summary
Get Top Accounts by Growth
Get Platform Breakdown
Get Visit Trends
βοΈ Configuration
Environment Variables
The MCP server reads configuration from environment variables. These are set in vsee/mcp/config.json under the env section:
Variable | Description | Required | Example |
| Elasticsearch URL | Yes |
|
| Basic auth username | Yes |
|
| Basic auth password | Yes |
|
| Disable TLS verification (for self-signed certs) | No |
|
Alternative: Elastic Cloud Authentication
If using Elastic Cloud with cloud ID and API key:
Variable | Description | Required |
| Elastic Cloud deployment ID | Yes* |
| Elasticsearch API key | Yes* |
*Either ELASTIC_CLOUD_ID + ELASTIC_API_KEY OR ELASTIC_NODE + ELASTIC_USERNAME + ELASTIC_PASSWORD is required
π Security Features
Input Validation
Zod Schemas: Strict type validation for all inputs
Field Name Validation: Prevents reserved field usage
Size Limits: Document size, array length, string length limits
Depth Validation: Prevents deeply nested objects/queries
Script Security
Script Sanitization: Blocks dangerous script patterns
Parameter Validation: Validates script parameters
Execution Limits: Prevents resource exhaustion
Query Security
Injection Prevention: Sanitizes and validates all queries
Script Query Blocking: Prevents script-based queries in sensitive operations
Rate Limiting: Protects against abuse
Data Protection
Credential Masking: Never logs sensitive information
Secure Connections: TLS/SSL support
Access Control: Validates permissions before operations
ποΈ Architecture
π Performance
Benchmarks
Search: <500ms average response time
Aggregations: Optimized for large-scale analytics
Memory Usage: <100MB for typical operations
Concurrent Requests: Up to 10 simultaneous operations
Optimization Features
Connection Pooling: Reuses Elasticsearch connections
Optimized Queries: Efficient aggregation pipelines
Smart Caching: Reduced redundant queries
Health Monitoring: Automatic reconnection on failures
π§ Development
Setup Development Environment
Project Structure
π License
This project is licensed under the MIT License - see the LICENSE file for details.
π·οΈ Version History
v0.5.0 - Added
find_entities_by_metrictool with multi-metric filtering support, updated default limitsv0.4.0 - Tool consolidation: merged 14 tools into 11 specialized analytics tools
v0.3.0 - Specialized analytics tools for stats-* indices
Full changelog: CHANGELOG.md
π Links
Built for VSee by VSee