Best Splunk MCP Servers
Splunk is a software platform that enables users to search, monitor, and analyze machine-generated data through a web-style interface. It specializes in collecting and indexing massive amounts of data to provide real-time visibility, troubleshooting, and security for IT operations, security, and business analytics.
Why this server?
Allows interaction with Splunk services including support for Splunk HEC (HTTP Event Collector) as a data source within Cribl Stream.
A license | A quality | D maintenance
This server acts as an MCP bridge to interact with the Cribl REST API. It allows AI models or other MCP clients to query and manage Cribl configurations.
License: MIT

Why this server?
Converts Sigma rules to Splunk SPL queries for detection in Splunk SIEM.
A license | A quality | A maintenance
Sigma detection rule writing, validation, and pySigma-based multi-backend conversion (Splunk, Elastic, Wazuh, Kibana) via 3 MCP tools and 3 Claude Code skills, backed by a 61-rule production corpus across 11 MITRE ATT&CK tactic categories.
License: MIT

Why this server?
Provides detection lookup files for enrichment in Splunk, enabling efficient lookup operations for threat detection.
A license | A quality | B maintenance
Machine-readable detection lookups for SIEM enrichment and AI agents. Query 800+ LOLBAS and GTFOBins binaries plus process parent-child baselines — get risk levels, abuse categories, and MITRE ATT&CK mappings without embedding data in prompts.
License: Apache 2.0

Why this server?
Supports Splunk log integration through JSON log format output, allowing structured logging events to be consumed by Splunk's log aggregation platform.
A license | A quality | C maintenance
Enables AI assistants to execute shell commands and transfer files via SFTP across remote servers using existing SSH configurations. It supports parallel execution on server groups and provides built-in safety warnings for potentially destructive commands.
License: Mozilla Public 2.0

Why this server?
Allows for interacting with Splunk Enterprise/Cloud through natural language queries. Supports executing Splunk searches, managing indexes, viewing users, and performing KV store operations.
A license | B quality | C maintenance
A FastMCP-based tool for interacting with Splunk Enterprise/Cloud through natural language. This tool provides a set of capabilities for searching Splunk data, managing KV stores, and accessing Splunk resources.
License: Apache 2.0

Why this server?
Provides tools for querying Cribl Stream and Edge deployments, including retrieval of worker groups, fleets, sources (including Splunk collectors), destinations, pipelines, routes, event breakers, and lookups with full configuration details.
A license | A quality | D maintenance
Enables querying and exploring Cribl Stream and Edge deployments, providing access to worker groups, fleets, sources, destinations, pipelines, routes, event breakers, and lookups through a structured interface.
License: MIT No Attribution

Why this server?
Enables AI agents to interact with Splunk Enterprise/Cloud environments, providing comprehensive tools for search and analytics, data discovery, administration, health monitoring, and AI-powered troubleshooting workflows. Includes capabilities for natural language to SPL conversion, real-time search management, metadata exploration, user and app management, system health monitoring, and automated diagnostic procedures.
A license | A quality | A maintenance
Enables AI agents to interact seamlessly with Splunk environments through 20+ tools for search, analytics, data discovery, administration, and health monitoring. Features AI-powered troubleshooting workflows and supports multiple Splunk instances with production-ready security.
License: Apache 2.0

Why this server?
Provides programmatic access to Splunkbase functionality, allowing users to search for apps, retrieve app information, check compatibility with Splunk versions, and download apps from Splunkbase.
A license | B quality | C maintenance
A Machine Control Protocol server providing programmatic access to Splunkbase functionality, allowing users to search, download, and manage Splunkbase apps through a standardized interface.
License: MIT

Why this server?
Provides SQL access to Splunk machine data and log analytics.
A license | - quality | C maintenance
Dynamics 365 MCP Server by CData
License: MIT