Is Mcp Server Splunk safe to use?

Mcp Server Splunk has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.

How do I install Mcp Server Splunk?

Mcp Server Splunk supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.

What can Mcp Server Splunk do?

Mcp Server Splunk provides 5 tools: list_splunk_saved_searches, list_splunk_alerts, list_splunk_fired_alerts, list_splunk_indexes, list_splunk_macros. See the full tools list on the server page for descriptions and parameters.

What AI clients work with Mcp Server Splunk?

Mcp Server Splunk is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.

Is Mcp Server Splunk actively maintained?

Mcp Server Splunk is less actively maintained — last commit was 123 days ago. It has 8 GitHub stars.

Mcp Server Splunk

Name: Mcp Server Splunk
Author: jkosik

by jkosik

MCP server for Splunk

8 5 tools GitHub

No known CVEs

No license

Maintained

Last commit 123d ago

Works with most clients

Transport: stdio, sse, http

5 tools · ~512 tok

Grade B · 0.3% of 200K ctx

Edit this pageView history

Analytics DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "splunk_sse": {
      "url": "http://localhost:3001/sse",
      "name": "Splunk MCP Server (SSE)",
      "type": "sse",
      "description": "MCP server for Splunk integration (SSE mode)"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-server-splunk)](https://mcppedia.org/s/mcp-server-splunk)

Read me

What Mcp Server Splunk does

A Go implementation of the MCP server for Splunk. Supports STDIO and SSE (Server-Sent Events HTTP API). Uses github.com/mark3labs/mcp-go SDK.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

59/100across 5 weighted dimensions

How we score →

0255075100

−41

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (5)

Click any tool to inspect its schema.

~512 tokens total

Inventory

Resources (1)

splunk_csv_content

Local CSV file with Splunk related content, providing further context to the chat

Inventory

Prompts (1)

splunk_alert_keyword_search

Find Splunk alerts for a specific keyword (e.g. GitHub or OKTA) and instructs Cursor to utilise multiple MCP tools to review all Splunk alerts, indexes and macros first to provide the best answer

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Server Splunk safe to use?: Mcp Server Splunk has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Mcp Server Splunk?: Mcp Server Splunk supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Server Splunk do?: Mcp Server Splunk provides 5 tools: list_splunk_saved_searches, list_splunk_alerts, list_splunk_fired_alerts, list_splunk_indexes, list_splunk_macros. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Server Splunk?: Mcp Server Splunk is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Mcp Server Splunk actively maintained?: Mcp Server Splunk is less actively maintained — last commit was 123 days ago. It has 8 GitHub stars.

Similar servers

Others in analytics / devops

View all →

Mcp Gitlab96

MCP server for using the GitLab API

1.6k 12

Observability Mcp95

MCP Server for GCP environment for interacting with various Observability APIs.

799 10

Sink95

⚡ A Simple / Speedy / Secure Link Shortener with Analytics, 100% run on Cloudflare.

6.7k 3

Mcp Gitlab Server92

Enhanced MCP server for GitLab: group projects listing and activity tracking

51 2

MCP Security Weekly

Get CVE alerts and security updates for Mcp Server Splunk and similar servers.

Community

Discussion

Start a conversation

Ask a question, share a tip, or report an issue.

Has anyone used this with Cursor?How do you handle auth?Any alternatives?

Edit this pageView history

Analytics DevOps

Step 1

Install in your client

Config is the same across clients — only the file and path differ.

Supported in Claude Desktopstdio, sse, http · Node 18+

Paste into ~/Library/Application Support/Claude/claude_desktop_config.json

{
  "mcpServers": {
    "splunk_sse": {
      "url": "http://localhost:3001/sse",
      "name": "Splunk MCP Server (SSE)",
      "type": "sse",
      "description": "MCP server for Splunk integration (SSE mode)"
    }
  }
}

Are you the author?

Add this badge to your README to show your security score and help users find safe servers.

Embed in your READMEAbout badges →

[![MCPpedia Score](https://mcppedia.org/api/badge/mcp-server-splunk)](https://mcppedia.org/s/mcp-server-splunk)

Read me

What Mcp Server Splunk does

A Go implementation of the MCP server for Splunk. Supports STDIO and SSE (Server-Sent Events HTTP API). Uses github.com/mark3labs/mcp-go SDK.

Test This Server

No automated test available for this server. Check the GitHub README for setup instructions.

README

MCP Server for Splunk

A Go implementation of the MCP server for Splunk. Supports STDIO and SSE (Server-Sent Events HTTP API). Uses github.com/mark3labs/mcp-go SDK.

Quickstart - Cursor integration

By configuring MCP Settings in Cursor, you can include remote data directly into the LLM context.

STDIO mode

cd /tmp # CHANGE ME
git clone https://github.com/jkosik/mcp-server-splunk.git
cd mcp-server-splunk/cmd/mcp-server-splunk/

Update Cursor settings in ~/.cursor/mcp.json:

{
  "mcpServers": {
    "splunk_stdio": {
      "name": "Splunk MCP Server",
      "description": "Splunk MCP server",
      "type": "stdio",
      "command": "/tmp/mcp-server-splunk/cmd/mcp-server-splunk/mcp-server-splunk", # CHANGE ME
      "env": {
        "SPLUNK_URL": "https://changeme.splunkcloud.com:8089", # CHANGE ME
        "SPLUNK_TOKEN": "abcdef" # CHANGE ME
      }
    }
  }
}

Alternatively re-build the server first:

go build -o cmd/mcp-server-splunk/mcp-server-splunk cmd/mcp-server-splunk/main.go

SSE mode

Start the server:

export SPLUNK_URL=https://your-splunk-instance:8089
export SPLUNK_TOKEN=your-splunk-token

# Start the server
go run cmd/mcp-server-splunk/main.go -transport sse -port 3001

Update Cursor settings in ~/.cursor/mcp.json:

{
  "mcpServers": {
    "splunk_sse": {
      "name": "Splunk MCP Server (SSE)",
      "description": "MCP server for Splunk integration (SSE mode)",
      "type": "sse",
      "url": "http://localhost:3001/sse"
    }
  }
}

MCP Tools and Prompts

list_splunk_saved_searches
- Parameters:
  - count (number, optional): Number of results to return (max 100, default 100)
  - offset (number, optional): Offset for pagination (default 0)
list_splunk_alerts
- Parameters:
  - count (number, optional): Number of results to return (max 100, default 10)
  - offset (number, optional): Offset for pagination (default 0)
  - title (string, optional): Case-insensitive substring to filter alert titles
list_splunk_fired_alerts
- Parameters:
  - count (number, optional): Number of results to return (max 100, default 10)
  - offset (number, optional): Offset for pagination (default 0)
  - ss_name (string, optional): Search name pattern to filter alerts (default "*")
  - earliest (string, optional): Time range to look back (default "-24h")
list_splunk_indexes
- Parameters:
  - count (number, optional): Number of results to return (max 100, default 10)
  - offset (number, optional): Offset for pagination (default 0)
list_splunk_macros
- Parameters:
  - count (number, optional): Number of results to return (max 100, default 10)
  - offset (number, optional): Offset for pagination (default 0)
internal/splunk/prompt.go implements an MCP Prompt to find Splunk alerts for a specific keyword (e.g. GitHub or OKTA) and instructs Cursor to utilise multiple MCP tools to review all Splunk alerts, indexes and macros first to provide the best answer.
cmd/mcp/server/main.go implements MCP Resource in the form of local CSV file with Splunk related content, providing further context to the chat.

Local usage and testing

STDIO mode (default)

export SPLUNK_URL=https://your-splunk-instance:8089
export SPLUNK_TOKEN=your-splunk-token

# List available tools
echo '{"jsonrpc":"2.0","id":1,"method":"tools/list","params":{}}' | go run cmd/mcp-server-splunk/main.go | jq

# Call list_splunk_saved_searches tool
echo '{"jsonrpc":"2.0","id":1,"method":"tools/call","params":{"name":"list_splunk_saved_searches","arguments":{}}}' | go run cmd/mcp-server-splunk/main.go | jq

SSE mode (Server-Sent Events HTTP API)

export SPLUNK_URL=https://your-splunk-instance:8089
export SPLUNK_TOKEN=your-splunk-token

# Start the server
go run cmd/mcp-server-splunk/main.go -transport sse -port 

... [View full README on GitHub](https://github.com/jkosik/mcp-server-splunk#readme)

Loading README…

Scored, not listed

Why this score

Five weighted categories — click any category to see the underlying evidence.

Score breakdown

59/100across 5 weighted dimensions

How we score →

0255075100

−41

Security

Maintenance

Efficiency

Documentation

Compatibility

Categoriesclick a row to see evidence

Security

OSV.dev

No known CVEs.

No package registry to scan.

Inventory

Tools (5)

Click any tool to inspect its schema.

~512 tokens total

Inventory

Resources (1)

splunk_csv_content

Local CSV file with Splunk related content, providing further context to the chat

Inventory

Prompts (1)

splunk_alert_keyword_search

Find Splunk alerts for a specific keyword (e.g. GitHub or OKTA) and instructs Cursor to utilise multiple MCP tools to review all Splunk alerts, indexes and macros first to provide the best answer

Community

Reviews

Be the first to review

Have you used this server?

Share your experience — it helps other developers decide.

How easy was setup?Did it work reliably?How was the documentation?

Frequently Asked Questions

Is Mcp Server Splunk safe to use?: Mcp Server Splunk has no known CVEs as of the latest MCPpedia security scan. It does not require authentication, so any local process can connect — keep this in mind in shared environments.
How do I install Mcp Server Splunk?: Mcp Server Splunk supports copy-paste install configs on its MCPpedia page for Claude Desktop, Cursor, and Claude Code. Scroll to the Quick Install section and select your client.
What can Mcp Server Splunk do?: Mcp Server Splunk provides 5 tools: list_splunk_saved_searches, list_splunk_alerts, list_splunk_fired_alerts, list_splunk_indexes, list_splunk_macros. See the full tools list on the server page for descriptions and parameters.
What AI clients work with Mcp Server Splunk?: Mcp Server Splunk is compatible with claude-desktop, cursor, claude-code. It uses stdio and sse and http transport.
Is Mcp Server Splunk actively maintained?: Mcp Server Splunk is less actively maintained — last commit was 123 days ago. It has 8 GitHub stars.