AgentGuard for Splunk MCP

AgentGuard is a black-box recorder, policy firewall, and investigation copilot for AI agents using Splunk MCP.

It sits between an AI agent and Splunk MCP-style tool calls, records every action, evaluates policy risk, blocks or routes suspicious requests for human approval, and forwards audit events to Splunk HTTP Event Collector (HEC). The demo includes a local operations console, a simulated malicious incident ticket, Splunk dashboard assets, and submission-ready video/storyboard documentation.

Hackathon Positioning

• Track: Platform & Developer Experience, with a strong Security story

• Bonus target: Best Use of Splunk MCP Server

• One-line pitch: A flight recorder and safety layer for agentic operations in Splunk.

• Core demo: An AI incident agent starts a normal investigation, receives a malicious prompt injection, attempts restricted SPL queries, and AgentGuard blocks the risky calls while creating an auditable timeline.

Submission Status

• Local demo: ready

• Public GitHub repo: ready to publish as sauravtom/agentguard-splunk-mcp

• Splunk Cloud trial: created as MyInstance, 5GB/day, June 7-22, 2026

• Live Splunk HEC ingestion: pending until the Splunk Cloud ACCESS INSTANCE button becomes enabled and HEC can be configured

What Works Today

• MCP-style tool-call proxy endpoint: POST /api/mcp/tool-call

• Policy engine for restricted indexes, PII exfiltration, destructive actions, broad searches, and prompt injection

• Local append-only audit log

• Optional Splunk HEC forwarding

• AI-style investigation summary with evidence links and safe next actions

• React demo console with incident timeline, policy decisions, approval queue, and summary panel

• Splunk Simple XML dashboard and SPL examples

• Demo video script, narration, screenshot plan, GitHub publication checklist, and Devpost copy

Quick Start

npm install
npm run dev

Open http://localhost:5173.

The API runs on http://localhost:8787. Vite proxies /api to the API server.

Demo Flow

1. Click Reset demo.

2. Click Run safe investigation to show normal Splunk MCP-style usage.

3. Click Run malicious ticket to inject a prompt that tries to leak secrets and query restricted indexes.

4. Review the timeline, blocked calls, approval queue, and investigation summary.

5. If Splunk HEC is configured, search for sourcetype=agentguard:mcp:audit in Splunk.

Optional Splunk HEC

Create .env from .env.example:

cp .env.example .env

Set:

SPLUNK_HEC_URL=https://localhost:8088/services/collector/event
SPLUNK_HEC_TOKEN=your-token
SPLUNK_HEC_INDEX=main

AgentGuard will still work without Splunk HEC. In local mode it writes audit events to data/audit-log.jsonl.

Repository Requirements Covered

• Open source license: LICENSE

• Setup and run instructions: this README

• Example config: .env.example

• Example data: data/demo-scenarios.json

• Architecture diagram: architecture_diagram.md

• Demo video plan: docs/demo-video-script.md

• Devpost copy: docs/devpost-submission.md

• Submission checklist: docs/submission-checklist.md

• Public GitHub plan: docs/github-publication-plan.md

Architecture

See architecture_diagram.md.

Security Notes

Do not commit .env, Splunk HEC tokens, Splunk session data, downloaded support files, or recorded videos that expose credentials. Runtime audit logs are ignored through .gitignore.