Sysdig MCP Server
Config is the same across clients — only the file and path differ.
{
"mcpServers": {
"sysdig-mcp-server": {
"env": {
"SYSDIG_MCP_API_HOST": "<your_sysdig_host>",
"SYSDIG_MCP_API_TOKEN": "<your_sysdig_api_token>",
"SYSDIG_MCP_TRANSPORT": "stdio"
},
"args": [
"run",
"github.com/sysdiglabs/sysdig-mcp-server/cmd/server@latest"
],
"command": "go"
}
}
}Are you the author?
Add this badge to your README to show your security score and help users find safe servers.
No automated test available for this server. Check the GitHub README for setup instructions.
Five weighted categories — click any category to see the underlying evidence.
No known CVEs.
No package registry to scan.
Be the first to review
Have you used this server?
Share your experience — it helps other developers decide.
Sign in to write a review.
Others in security / devops
MCP server for using the GitLab API
AI-powered reverse engineering assistant that bridges IDA Pro with language models through MCP.
Proof primitive for AI agents on MultiversX. Anchor file hashes on-chain as verifiable proofs.
mcpki-server is the backend infrastructure for https://www.mcpki.org, enabling secure public key management and autonomous certificate handling for large language models (LLMs).
MCP Security Weekly
Get CVE alerts and security updates for Sysdig Mcp Server and similar servers.
Start a conversation
Ask a question, share a tip, or report an issue.
Sign in to join the discussion.
[!IMPORTANT] Breaking change — this MCP server now focuses on Sysdig Monitor.
Starting with the next major release, the dedicated Sysdig Secure tools (
list_runtime_events,get_event_info,get_event_process_tree) have been removed from this server. For Sysdig Secure use cases, install the new @sysdig/secure-mcp-server package, which provides comprehensive coverage of Sysdig Secure capabilities.
This is an implementation of an MCP (Model Context Protocol) Server that exposes Sysdig Monitor capabilities to LLMs. New tools and functionalities will be added over time following semantic versioning. The goal is to provide a simple and easy-to-use interface for querying information from the Sysdig platform using LLMs.
For Sysdig Secure-specific workflows, use the dedicated @sysdig/secure-mcp-server.
Get up and running with the Sysdig MCP Server quickly using our pre-built Docker image.
Get your API Token: Go to your Sysdig instance and navigate to Settings > Sysdig Monitor API. This token is required to authenticate requests to the Sysdig Platform (See the Configuration section for more details).
Configure your MCP client:
Add the server configuration to your MCP client (e.g., Claude Desktop's claude_desktop_config.json). Choose your preferred installation method from the Server Setup section. The Docker method is the easiest to get started with since it requires no local toolchain.
Substitute the following placeholders with your actual values:
<your_sysdig_host>: The hostname of your Sysdig instance (e.g., https://us2.app.sysdig.com or https://eu1.app.sysdig.com)<your_sysdig_api_token>: Your Sysdig API token (Secure or Monitor)The server dynamically filters the available tools based on the permissions associated with the API token used for the request. If the token lacks the required permissions for a tool, that tool will not be listed.
k8s_list_clusters
metrics-data.readk8s_list_nodes
metrics-data.readk8s_list_workloads
metrics-data.read