MCP For Splunk

v1.0.0Monitoring & Observabilitystable

MCP Server for integrating with Splunk Enterprise

mcp-for-splunkmcpai-integration
Share:
23
Stars
0
Downloads
0
Weekly
0/5

What is MCP For Splunk?

MCP For Splunk is a Model Context Protocol (MCP) server that allows AI assistants like Claude, Cursor, and VS Code to mcp server for integrating with splunk enterprise

MCP Server for integrating with Splunk Enterprise

This server falls under the Monitoring & Observability and Analytics categories on MCPgee, the world's largest MCP server directory with 33,000+ servers.

Features

  • MCP Server for integrating with Splunk Enterprise

Use Cases

Integrate with Splunk Enterprise to query and analyze logs and data.
Use Claude to ask questions about your Splunk dashboards and metrics.
deslicer

Maintainer

LicenseApache-2.0
Languagepython
Versionv1.0.0
UpdatedMay 15, 2026
Statushealthy
Maintenanceactive

Works with

ClaudeOpenAIwindowsmacoslinux

Installation

Manual Installation

npx mcp-for-splunk

Configuration

Configuration Details

Config File

claude_desktop_config.json

Performance

Response Metrics

Response Time< 200ms
ThroughputMedium

Resource Usage

Memory UsageLow
CPU UsageLow

How to Set Up and Use MCP For Splunk

MCP for Splunk is a Model Context Protocol server that bridges AI assistants with Splunk Enterprise, enabling natural language querying of logs, dashboards, and operational data. It exposes over 70 ITSI-specific tools alongside general search, administration, and health-monitoring capabilities. Teams can use it to run saved searches, troubleshoot degraded services, explore data schemas, and manage users — all through an AI chat interface without writing raw SPL.

Prerequisites

  • Python 3.10+ and the uv package manager installed
  • A running Splunk Enterprise instance with network access from your machine
  • Splunk credentials (host, port, username, password)
  • An MCP-compatible client such as Claude Desktop
1

Clone the repository

Clone the mcp-for-splunk repository to your local machine.

git clone https://github.com/deslicer/mcp-for-splunk.git
cd mcp-for-splunk
2

Run the smart installer (macOS/Linux)

The included smart-install script sets up the Python environment and dependencies automatically.

./scripts/smart-install.sh
3

Configure your Splunk credentials

Copy the example environment file and fill in your Splunk host, port, username, and password.

cp env.example .env
# Edit .env with your Splunk connection details:
# SPLUNK_HOST=your-splunk-host
# SPLUNK_PORT=8089
# SPLUNK_USERNAME=admin
# SPLUNK_PASSWORD=your-password
# SPLUNK_SCHEME=https
4

Start the MCP server

Launch the server in local mode. It listens on localhost:8003/mcp/ by default.

uv run mcp-server --local --detached
5

Verify the server is working

Run the built-in test command to confirm the server can connect to Splunk.

uv run mcp-server --test
6

Add the server to your MCP client

Configure Claude Desktop or another MCP client to connect to the running server via HTTP transport.

MCP For Splunk Examples

Client configuration

Add the Splunk MCP server to Claude Desktop config using HTTP transport pointing to the local server.

{
  "mcpServers": {
    "splunk": {
      "command": "uv",
      "args": ["run", "mcp-server", "--local"],
      "cwd": "/path/to/mcp-for-splunk",
      "env": {
        "SPLUNK_HOST": "your-splunk-host",
        "SPLUNK_PORT": "8089",
        "SPLUNK_USERNAME": "admin",
        "SPLUNK_PASSWORD": "your-password",
        "SPLUNK_SCHEME": "https"
      }
    }
  }
}

Prompts to try

Examples of questions you can ask Claude once connected to your Splunk instance.

- "List all available saved searches in Splunk"
- "Run a search for errors in the main index in the last 24 hours"
- "Show me the health status of my Splunk deployment"
- "What data sources are available in Splunk and what are their schemas?"
- "Find all failed login attempts in the last hour and summarize them"

Troubleshooting MCP For Splunk

Server fails to start with connection errors

Verify your .env file has the correct SPLUNK_HOST, SPLUNK_PORT, SPLUNK_USERNAME, and SPLUNK_PASSWORD. Ensure the Splunk management port (default 8089) is accessible from your machine and not blocked by a firewall.

uv command not found after installation

Install uv with `curl -LsSf https://astral.sh/uv/install.sh | sh` and ensure ~/.local/bin is in your PATH. Restart your terminal after installation.

MCP client cannot connect to the server

Check that the server is running with `uv run mcp-server --test`. If using HTTP transport, ensure localhost:8003 is reachable and not blocked. For multi-tenant setups, pass X-Splunk-Host and related headers in client configuration.

Frequently Asked Questions about MCP For Splunk

What is MCP For Splunk?

MCP For Splunk is a Model Context Protocol (MCP) server that mcp server for integrating with splunk enterprise It connects AI assistants to external tools and data sources through a standardized interface.

How do I install MCP For Splunk?

Follow the installation instructions on the MCP For Splunk GitHub repository. Clone the repo, install dependencies, and add the server config to your AI client.

Which AI clients work with MCP For Splunk?

MCP For Splunk works with all major MCP-compatible AI clients including Claude Desktop, Claude Code, Cursor, VS Code (GitHub Copilot), Windsurf, and Cline.

Is MCP For Splunk free to use?

Yes, MCP For Splunk is open source and available under the Apache-2.0 license. You can use it freely in both personal and commercial projects.

Browse More Monitoring & Observability MCP Servers

Explore all monitoring & observability servers available in the MCPgee directory. Each server includes setup guides for Claude, Cursor, and VS Code.

Quick Config Preview

{ "mcpServers": { "mcp-for-splunk": { "command": "npx", "args": ["-y", "mcp-for-splunk"] } } }

Add this to your claude_desktop_config.json or .cursor/mcp.json

Read the full setup guide →

Ready to use MCP For Splunk?

Browse our complete directory of 33,000+ MCP servers, read setup guides for your editor, and start building with the Model Context Protocol.

33,000+ ServersFree & Open SourceStep-by-Step Guides