Which integrations are available for this server?

Uses .env files for configuration management and storing API keys and database connection information Utilizes OpenAI's API for Text2SQL conversion, enabling natural language queries to be transformed into SQL Enables connection to Snowflake data warehouses for executing SQL queries generated from natural language Connects to SQLite databases to execute generated SQL queries and retrieve data

How do I use AI_SOC_MCP_Server_Sher?

1. Click on "Install Server". 2. Wait a few minutes for the server to deploy. Once ready, it will show a "Started" state. 3. In the chat, type @ followed by the MCP server name and your instructions, e.g., "@AI_SOC_MCP_Server_Sher show me failed login attempts from yesterday" That's it! The server will respond to your query, and you can continue using it as needed. Here is a step-by-step guide with screenshots.

MCP AI SOC Sher

A powerful AI-driven Security Operations Center (SOC) Text2SQL framework based MCP Server (Local and Remote) for converting natural language Prompts to SQL queries dynamically, with integrated security threat analysis and monitoring.

Features

Text2SQL Conversion: Convert natural language queries to optimized SQL
Multiple Interfaces: Support for STDIO, SSE, and REST API
Security Threat Analysis: Built-in SQL query security analysis
Multiple Database Support: Connect to SQLite or Snowflake databases
Streaming Responses: Real-time query processing feedback
SOC Monitoring: Security Operations Center monitoring capabilities

Related MCP server: salesforce-mcp

Installation

pip install mcp-ai-soc-sher

Quick Start

# Set your OpenAI API key
import os
os.environ["OPENAI_API_KEY"] = "your-api-key-here"

# Use as local server
from mcp_ai_soc_sher.local import LocalMCPServer

server = LocalMCPServer()
server.start()

# Or run from command line
# mcp-ai-soc --type local --stdio --sse

Command Line Usage

# Run local server with STDIO interface
mcp-ai-soc --type local --stdio

# Run local server with SSE interface
mcp-ai-soc --type local --sse

# Run remote server with REST API
mcp-ai-soc --type remote

Configuration

Create a .env file with your configuration:

OPENAI_API_KEY=your_openai_api_key_here
MCP_DB_URI=sqlite:///your_database.db
MCP_SECURITY_ENABLE_THREAT_ANALYSIS=true

See the documentation for all configuration options.

Example

import json
import requests

# Query the server
response = requests.post(
    "http://localhost:8000/api/sql",
    headers={"Content-Type": "application/json", "X-API-Key": "your-api-key"},
    json={
        "query": "Find all suspicious login attempts in the last 24 hours",
        "optimize": True,
        "execute": True
    }
)

# Process the response
result = response.json()
print(f"SQL Query: {result['sql']}")
if result['results']:
    print("Results:")
    for row in result['results']:
        print(row)