Security Detections MCP
by MHaggis
Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| KQL_PATHS | No | KQL hunting query directories | |
| SIGMA_PATHS | No | Sigma rule directories | |
| STORY_PATHS | No | Splunk analytic story directories (optional) | |
| SPLUNK_PATHS | No | Splunk ESCU detection directories | |
| CQL_HUB_PATHS | No | CQL Hub (CrowdStrike) query directories | |
| ELASTIC_PATHS | No | Elastic detection rule directories | |
| SUBLIME_PATHS | No | Sublime Security rule directories | |
| ATTACK_STIX_PATH | No | Path to enterprise-attack.json for threat actor data (optional) | |
| JAMF_PROTECT_PATHS | No | Jamf Protect custom analytic detection directories (macOS) | |
Capabilities
Server capabilities have not been inspected yet.
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| No tools | |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
| No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
| No resources | |
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/MHaggis/Security-Detections-MCP'
If you have feedback or need assistance with the MCP directory API, please join our Discord server.