Best Elastic MCP Servers
Elastic is a search company that builds self-managed and SaaS offerings for search, logging, security, observability, and analytics use cases.
Why this server?
Provides tools for querying, summarizing, and tracing logs stored in Elasticsearch, enabling AI assistants to analyze observability data directly.
A security | A license | - quality
An MCP server that connects Claude (or any MCP compatible client) to your existing log infrastructure. Query, summarize, and trace logs in plain English across GCP Cloud Logging, AWS CloudWatch, Azure Log Analytics, Grafana Loki, and Elasticsearch without writing filter expressions or leaving your editor.
Last updated a month ago | 141 | MIT

Why this server?
Connects to Elastic products, specifically Elasticsearch, enabling natural language interaction with indices, mappings, and search capabilities.
A security | A license | - quality
Connects to Elasticsearch databases using the Model Context Protocol, allowing users to query and interact with their Elasticsearch indices through natural language conversations.
Last updated 10 months ago | 41 | Apache 2.0

Why this server?
Facilitates interaction with Elastic's search and analytics engine, providing capabilities for document indexing, search, index management, and cluster health monitoring.
A security | A license | - quality
An MCP server that enables interaction with Elasticsearch and OpenSearch clusters for searching documents and managing indices. It provides tools for cluster health monitoring, index configuration, and general API requests.
Last updated 9 months ago | 16 | Apache 2.0

Why this server?
Offers official ELK stack integration for log management and analysis through documented integration paths.
- security | A license | - quality
Description: Introduce Beelzebub, an MCP‑based honeypot framework that enables creating decoy tools to detect prompt injection and malicious agent behavior. Motivation: Strengthen the security of LLM workflows by adding a non‑intrusive detection mechanism.
Last updated 14 days ago | 1,935 | GPL 3.0

Why this server?
Provides tools to manage and query a knowledge base within Elastic, including document ingestion, text chunking, and semantic search retrieval.
A security | F license | - quality
An MCP server that indexes PDF documentation and text into Elasticsearch for semantic search and retrieval. It enables users to query knowledge bases, ingest new files, and dynamically update content through MCP-compatible clients like Claude Desktop and Cursor.
Last updated 4 months ago | 41

Why this server?
Enables searching security events, pivoting on indicators, and performing endpoint response actions like isolation and forensic collection.
- security | A license | - quality
An AI-powered security operations platform that integrates with SIEM, EDR, and case management systems via MCP to automate incident response and investigation workflows. It provides specialized tools for alert triage, threat intelligence enrichment, and endpoint remediation across vendor-neutral APIs.
Last updated 3 months ago | 25 | MIT

Why this server?
Provides a comprehensive set of tools for security management, search operations, index management, and cluster monitoring within an Elasticsearch instance, allowing for management of users, roles, API keys, and execution of complex queries.
A security | F license | - quality
Provides comprehensive tools for managing Elasticsearch clusters, including security management, search operations, and index administration. It enables users to monitor cluster health, handle InfoSec tasks, and execute complex queries using Elasticsearch Query DSL and ES|QL.
Last updated 3 months ago | 37

Why this server?
Provides tools for interacting with Elasticsearch clusters, enabling users to list indices, perform data searches using the full Query DSL, retrieve field mappings, and monitor cluster shard information.
- security | F license | - quality
A high-performance MCP server that connects tools like Cursor to Elasticsearch clusters using public-key authorization instead of API keys. It provides optimized tools for searching data, listing indices, and inspecting cluster mappings or shards with support for concurrent requests.
Last updated 3 months ago

Why this server?
Works alongside the broader ELK Stack, providing diagnostics and monitoring capabilities that complement Elastic's ecosystem for log management and analysis.
- security | F license | - quality
A Model Context Protocol server that provides comprehensive tools for monitoring and identifying performance bottlenecks in Logstash instances through an interactive web UI and JSON-RPC interface.
Last updated 10 months ago | 1