Fastly NGWAF MCP Server

Instructions

Implementation Reference

• server.js:1025-1031 (handler)

  MCP tool handler in the CallToolRequestSchema switch statement. Resolves corporation and site context using resolveContext, validates that siteName is provided, and calls the underlying client.getSuspiciousIPs method with corpName, siteName, and optional limit.
  case 'get_suspicious_ips': const { corpName: corpForSuspicious, siteName: siteForSuspicious } = resolveContext(typedArgs); if (!siteForSuspicious) { throw new Error('Site name is required. Please set context or provide siteName parameter.'); } result = await client.getSuspiciousIPs(corpForSuspicious, siteForSuspicious, typedArgs.limit); break;
• server.js:672-683 (schema)

  Tool schema definition in the tools array, including name, description, and inputSchema with optional corpName, siteName, and limit parameters. This is used by the ListToolsRequestHandler.
  { name: 'get_suspicious_ips', description: 'Get list of suspicious IP addresses', inputSchema: { type: 'object', properties: { corpName: { type: 'string', description: 'Corporation name (uses context default if not provided)' }, siteName: { type: 'string', description: 'Site name (uses context default if not provided)' }, limit: { type: 'number', description: 'Maximum number of IPs to return' }, }, }, },
• server.js:215-221 (helper)

  FastlyNGWAFClient method that performs the actual API request to retrieve suspicious IPs for a site. Constructs query params with optional limit and fetches from /corps/{corpName}/sites/{siteName}/suspiciousIPs endpoint.
  async getSuspiciousIPs(corpName, siteName, limit) { const params = new URLSearchParams(); if (limit) params.append('limit', limit.toString()); const response = await this.api.get(`/corps/${corpName}/sites/${siteName}/suspiciousIPs?${params.toString()}`); return response.data; }