io.github.thomasxm

crowdsentinel-mcp-server

AI-powered threat hunting and incident response MCP server for Elasticsearch/OpenSearch

stdio · community · service

Package Details

Transport: stdio

Environment Variables

ELASTICSEARCH_HOSTS (str)
Default: https://localhost:9200

Comma-separated Elasticsearch hosts. Supports HTTP/HTTPS, local/remote/cloud (e.g., http://localhost:9200, https://es.prod.example.com:9200)

ELASTICSEARCH_CLOUD_ID (str)

Elastic Cloud deployment ID (alternative to ELASTICSEARCH_HOSTS for cloud deployments)

ELASTICSEARCH_API_KEY (str)
Secret

API key for authentication (recommended for production and Elastic Cloud)

ELASTICSEARCH_USERNAME (str)

Username for basic authentication (alternative to API key)

ELASTICSEARCH_PASSWORD (str)
Secret

Password for basic authentication (used with ELASTICSEARCH_USERNAME)

ELASTICSEARCH_BEARER_TOKEN (str)
Secret

Bearer/service token for authentication (alternative to API key)

VERIFY_CERTS (str)
Default: false

TLS certificate verification: true (verify CA — production), false (skip — dev/test), or /path/to/ca.crt (custom CA)

REQUEST_TIMEOUT (str)

Request timeout in seconds (e.g., 60 or 10.5)