Binalyze AIR MCP Server
OfficialServer Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
No arguments | |||
Capabilities
Server capabilities have not been inspected yet.
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| list_assetsC | List all assets in the system |
| get_asset_by_idB | Get detailed information about a specific asset by its ID |
| get_asset_tasks_by_idC | Get all tasks associated with a specific asset by its ID |
| list_acquisition_profilesC | List all acquisition profiles in the system |
| assign_acquisition_taskC | Assign an evidence acquisition task to specific endpoints |
| get_acquisition_profile_by_idB | Get details of a specific acquisition profile by its ID |
| assign_image_acquisition_taskC | Assign a disk image acquisition task to specific endpoints and volumes |
| create_acquisition_profileC | Create a new acquisition profile |
| assign_reboot_taskC | Assign a reboot task to specific endpoints |
| assign_shutdown_taskC | Assign a shutdown task to specific endpoints |
| assign_isolation_taskC | Assign an isolation task to specific endpoints |
| assign_log_retrieval_taskC | Assign a log retrieval task to specific endpoints |
| assign_version_update_taskC | Assign a version update task to specific endpoints |
| list_organizationsB | List all organizations in the system |
| list_casesC | List all cases in the system |
| list_policiesB | List all policies in the system |
| list_tasksB | List all tasks in the system |
| list_triage_rulesC | List all triage rules in the system |
| list_usersC | List all users in the system |
| list_drone_analyzersB | List all drone analyzers in the system |
| export_audit_logsC | Initiate an export of audit logs from the AIR system |
| list_audit_logsC | List audit logs from the AIR system |
| uninstall_assetsC | Uninstall specific assets based on filters without purging data. Requires specifying |
| purge_and_uninstall_assetsC | Purge data and uninstall specific assets based on filters. Requires specifying |
| add_tags_to_assetsB | Add tags to specific assets based on filters. Requires specifying |
| remove_tags_from_assetsB | Remove tags from specific assets based on filters. Requires specifying |
| create_auto_asset_tagC | Create a new rule to automatically tag assets based on specified conditions for Linux, Windows, and macOS. |
| update_auto_asset_tagC | Update an existing auto asset tag rule. |
| get_auto_asset_tag_by_idC | Get details of a specific auto asset tag rule by its ID |
| delete_auto_asset_tag_by_idC | Delete a specific auto asset tag rule by its ID |
| list_auto_asset_tagsB | List all auto asset tag rules in the system. |
| start_taggingC | Start the auto asset tagging process for assets matching filter criteria. |
| acquire_baselineC | Assign a baseline acquisition task to specific endpoints |
| compare_baselineC | Compare baseline acquisition tasks for a specific endpoint |
| get_comparison_reportC | Get comparison result report for a specific endpoint and task |
| list_acquisition_artifactsB | List all acquisition artifacts available for evidence collection |
| list_e_discovery_patternsB | List all e-discovery patterns for file type detection |
| create_policyC | Create a new policy with specific storage and compression settings |
| update_policyC | Update an existing policy with specific storage and filter settings |
| get_policy_by_idC | Get detailed information about a specific policy by its ID |
| update_policy_prioritiesC | Update the priority order of policies |
| get_policy_match_statsC | Get statistics on how many endpoints match each policy based on filter criteria |
| delete_policy_by_idC | Delete a specific policy by its ID |
| get_task_assignments_by_idC | Get all assignments associated with a specific task by its ID |
| cancel_task_assignmentC | Cancel a task assignment by its ID |
| delete_task_assignmentC | Delete a specific task assignment by its ID |
| get_task_by_idC | Get detailed information about a specific task by its ID |
| cancel_task_by_idC | Cancel a specific task by its ID |
| delete_task_by_idC | Delete a specific task by its ID |
| list_triage_tagsB | List all triage rule tags in the system |
| create_triage_tagC | Create a new triage rule tag |
| create_triage_ruleC | Create a new triage rule |
| update_triage_ruleC | Update an existing triage rule by ID |
| delete_triage_ruleC | Delete an existing triage rule by ID |
| get_triage_rule_by_idC | Get a specific triage rule by its ID |
| validate_triage_ruleA | Validate a triage rule syntax without creating it |
| assign_triage_taskC | Assign a triage task to endpoints based on filter criteria |
| add_note_to_caseC | Add a note to a specific case by its ID |
| update_note_in_caseC | Update an existing note in a specific case |
| delete_note_from_caseC | Delete a note from a case by its ID |
| export_casesC | Export cases data from the system |
| export_case_notesC | Export notes for a specific case by its ID |
| export_case_endpointsC | Export endpoints for a specific case by its ID |
| export_case_activitiesC | Export activities for a specific case by its ID |
| create_caseC | Create a new case in the system |
| update_caseC | Update an existing case by ID |
| get_case_by_idC | Get detailed information about a specific case by its ID |
| close_case_by_idC | Close a case by its ID |
| open_case_by_idB | Open a previously closed case by its ID |
| archive_case_by_idB | Archive a case by its ID |
| change_case_ownerC | Change the owner of a case |
| check_case_nameC | Check if a case name is already in use |
| get_case_activitiesC | Get activity history for a specific case by its ID |
| get_case_endpointsB | Get all endpoints associated with a specific case by its ID |
| get_case_tasks_by_idB | Get all tasks associated with a specific case by its ID |
| get_case_usersC | Get all users associated with a specific case by its ID |
| remove_endpoints_from_caseC | Remove endpoints from a case based on specified filters |
| remove_task_assignment_from_caseC | Remove a specific task assignment from a case |
| import_task_assignments_to_caseC | Import task assignments to a specific case |
| list_repositoriesB | List all evidence repositories in the system |
| get_repository_by_idB | Get detailed information about a specific evidence repository by its ID |
| create_smb_repositoryC | Create a new SMB evidence repository |
| update_smb_repositoryC | Update an existing SMB repository by ID |
| create_sftp_repositoryC | Create a new SFTP evidence repository |
| update_sftp_repositoryC | Update an existing SFTP repository |
| create_ftps_repositoryC | Create a new FTPS evidence repository |
| update_ftps_repositoryC | Update an existing FTPS evidence repository |
| validate_ftps_repositoryB | Validate FTPS repository configuration without creating it |
| create_azure_storage_repositoryC | Create a new Azure Storage repository |
| update_azure_storage_repositoryC | Update an existing Azure Storage repository |
| validate_azure_storage_repositoryC | Validate an Azure Storage repository configuration |
| create_amazon_s3_repositoryC | Create a new Amazon S3 repository for evidence storage |
| update_amazon_s3_repositoryC | Update an existing Amazon S3 repository |
| validate_amazon_s3_repositoryC | Validate Amazon S3 repository configuration |
| get_repository_by_idB | Get detailed information about a specific evidence repository by its ID |
| delete_repositoryC | Delete an evidence repository by its ID |
| download_case_ppcC | Download a PPC file for a specific endpoint and task |
| download_task_reportC | Download a task report for a specific endpoint and task |
| get_report_file_infoC | Get information about a PPC file for a specific endpoint and task |
| get_organization_usersB | Get users for a specific organization by its ID |
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Latest Blog Posts
MCP directory API
We provide all the information about MCP servers via our MCP API.
curl -X GET 'https://glama.ai/api/mcp/v1/servers/binalyze/air-mcp'
If you have feedback or need assistance with the MCP directory API, please join our Discord server