npm package discovery and stats viewer.

Discover Tips

  • General search

    [free text search, go nuts!]

  • Package details

    pkg:[package-name]

  • User packages

    @[username]

Sponsor

Optimize Toolset

I’ve always been into building performant and accessible sites, but lately I’ve been taking it extremely seriously. So much so that I’ve been building a tool to help me optimize and monitor the sites that I build to make sure that I’m making an attempt to offer the best experience to those who visit them. If you’re into performant, accessible and SEO friendly sites, you might like it too! You can check it out at Optimize Toolset.

About

Hi, 👋, I’m Ryan Hefner  and I built this site for me, and you! The goal of this site was to provide an easy way for me to check the stats on my npm packages, both for prioritizing issues and updates, and to give me a little kick in the pants to keep up on stuff.

As I was building it, I realized that I was actually using the tool to build the tool, and figured I might as well put this out there and hopefully others will find it to be a fast and useful way to search and browse npm packages as I have.

If you’re interested in other things I’m working on, follow me on Twitter or check out the open source projects I’ve been publishing on GitHub.

I am also working on a Twitter bot for this site to tweet the most popular, newest, random packages from npm. Please follow that account now and it will start sending out packages soon–ish.

Open Software & Tools

This site wouldn’t be possible without the immense generosity and tireless efforts from the people who make contributions to the world and share their work via open source initiatives. Thank you 🙏

© 2026 – Pkg Stats / Ryan Hefner

@mseep/mcp-opensearch-js

v1.0.0

Published

FastMCP server for searching OpenSearch with Wazuh security logs

Vulnerabilities

Powered byPowered by Snyk
  • 0High
  • 0Medium
  • 0Low

Links

Git

Maintainers

skydeckaiskydeckai

Keywords

opensearchmcpwazuhsecuritylogsfastmcpmseepmcp-server

Readme

OpenSearch MCP Server

A Model Context Protocol (MCP) server for querying and analyzing Wazuh security logs stored in OpenSearch.

Features

  • Search for security alerts with advanced filtering
  • Get detailed information about specific alerts
  • Generate statistics on security events
  • Visualize alert trends over time
  • Progress reporting for long-running operations
  • Structured error handling

Prerequisites

  • Node.js v16 or higher
  • Access to an OpenSearch instance containing Wazuh security logs

Installation

Option 1: Use with npx directly from GitHub (recommended)

You can run this tool directly using npx without cloning the repository:

# Run the latest version from GitHub
npx github:jetbalsa/mcp-opensearch-js

# Run with debug mode enabled
npx github:jetbalsa/mcp-opensearch-js --debug

# You can also specify a specific branch or commit
npx github:jetbalsa/mcp-opensearch-js#main

Option 2: Local Installation

  1. Clone this repository:
git clone https://github.com/jetbalsa/mcp-opensearch-js.git
cd mcp-opensearch-js
  1. Install dependencies:
npm install
  1. Configure your environment variables:
cp .env.example .env
  1. Edit the .env file with your OpenSearch connection details:
OPENSEARCH_URL=https://your-opensearch-endpoint:9200
OPENSEARCH_USERNAME=your-username
OPENSEARCH_PASSWORD=your-password
DEBUG=false

Running the Server

Start the server:

npm start

This will start the server in stdio mode.

Enable debug logging:

npm run stdio:debug

Test with MCP CLI:

npm run dev

This runs the server with the FastMCP CLI tool for interactive testing.

Test with MCP Inspector:

npm run inspect

This starts the server and connects it to the MCP Inspector for visual debugging.

Server Tools

The server provides the following tools:

1. Search Alerts

Search for security alerts in Wazuh data.

Parameters:

  • query: The search query text
  • timeRange: Time range (e.g., 1h, 24h, 7d)
  • maxResults: Maximum number of results to return
  • index: Index pattern to search

2. Get Alert Details

Get detailed information about a specific alert by ID.

Parameters:

  • id: The alert ID
  • index: Index pattern

3. Alert Statistics

Get statistics about security alerts.

Parameters:

  • timeRange: Time range (e.g., 1h, 24h, 7d)
  • field: Field to aggregate by (e.g., rule.level, agent.name)
  • index: Index pattern

4. Visualize Alert Trend

Visualize alert trends over time.

Parameters:

  • timeRange: Time range (e.g., 1h, 24h, 7d)
  • interval: Time interval for grouping (e.g., 1h, 1d)
  • query: Query to filter alerts
  • index: Index pattern

Example Usage

Using the MCP CLI tool:

> tools
Available tools:
- searchAlerts: Search for security alerts in Wazuh data
- getAlertDetails: Get detailed information about a specific alert by ID
- alertStatistics: Get statistics about security alerts
- visualizeAlertTrend: Visualize alert trends over time

> tools.searchAlerts(query: "rule.level:>10", timeRange: "12h", maxResults: 5)

Using with a Client

To use this MCP server with a client implementation:

import { Client } from "@modelcontextprotocol/sdk";
import { SSEClientTransport } from "@modelcontextprotocol/sdk/client/sse.js";

const client = new Client(
  {
    name: "example-client",
    version: "1.0.0",
  },
  {
    capabilities: {},
  },
);

const transport = new SSEClientTransport(new URL(`http://localhost:3000/sse`));

await client.connect(transport);

// Use tools
const result = await client.executeTool("searchAlerts", {
  query: "rule.level:>10",
  timeRange: "24h",
  maxResults: 10
});

console.log(result);

License

MIT