Skip to main content
Glama

search_rules

Find Wazuh security rules by matching text in their descriptions. Optionally filter by severity level and control pagination.

Instructions

Search Wazuh rules by description text

Input Schema

TableJSON Schema
NameRequiredDescriptionDefault
descriptionYesSearch term to match against rule descriptions
limitNoMaximum number of items to return (1-100)
offsetNoPagination offset
levelNoMinimum severity level filter
Behavior2/5

Does the description disclose side effects, auth requirements, rate limits, or destructive behavior?

With no annotations, the description carries the full burden for behavioral transparency. It doesn't mention read-only nature, case sensitivity, or partial results. The brief description adds minimal behavioral context.

Agents need to know what a tool does to the world before calling it. Descriptions should go beyond structured annotations to explain consequences.

Conciseness5/5

Is the description appropriately sized, front-loaded, and free of redundancy?

One short, direct sentence with no wasted words. Information is front-loaded and necessary.

Shorter descriptions cost fewer tokens and are easier for agents to parse. Every sentence should earn its place.

Completeness2/5

Given the tool's complexity, does the description cover enough for an agent to succeed on first attempt?

Given no output schema, no annotations, and 4 parameters, the description is too minimal. It doesn't explain the return format (list of rule objects), pagination behavior, or filtering nuances beyond what the schema provides.

Complex tools with many parameters or behaviors need more documentation. Simple tools need less. This dimension scales expectations accordingly.

Parameters3/5

Does the description clarify parameter syntax, constraints, interactions, or defaults beyond what the schema provides?

Schema description coverage is 100%; all parameters have descriptions in the schema. The tool description adds no additional meaning beyond 'by description text', so baseline 3 applies.

Input schemas describe structure but not intent. Descriptions should explain non-obvious parameter relationships and valid value ranges.

Purpose5/5

Does the description clearly state what the tool does and how it differs from similar tools?

The description 'Search Wazuh rules by description text' clearly states the verb (search), resource (Wazuh rules), and method (by description text). It distinguishes from siblings like list_rules (lists all) and get_rule (by ID).

Agents choose between tools based on descriptions. A clear purpose with a specific verb and resource helps agents select the right tool.

Usage Guidelines3/5

Does the description explain when to use this tool, when not to, or what alternatives exist?

No explicit guidance on when to use this tool versus alternatives (e.g., list_rules, get_rule). Implies usage from the action 'search' but lacks when-not scenarios or sibling comparisons.

Agents often have multiple tools that could apply. Explicit usage guidance like "use X instead of Y when Z" prevents misuse.

Install Server

Other Tools

Latest Blog Posts

MCP directory API

We provide all the information about MCP servers via our MCP API.

curl -X GET 'https://glama.ai/api/mcp/v1/servers/lidless-labs/wazuh-mcp'

If you have feedback or need assistance with the MCP directory API, please join our Discord server