elasticsearch-mcp
v0.1.3
Published
Secure MCP server for Elasticsearch integration with comprehensive tools and Elastic Cloud support
Maintainers
rajwardhan-shinde07Readme
Elasticsearch MCP
Model Context Protocol server for Elasticsearch integration with comprehensive security and performance features
elasticsearch-mcp is a Model Context Protocol (MCP) server that provides standardized, secure tools for interacting with Elasticsearch clusters. Built with TypeScript and optimized for Elastic Cloud environments, it offers comprehensive data management capabilities with enterprise-grade security features.
🚀 Features
- 🔐 Secure by Design: Input validation, script sanitization, injection prevention
- ☁️ Elastic Cloud Ready: Native support for cloud ID and API key authentication
- ⚡ High Performance: Streaming for large datasets, connection pooling, health monitoring
- 🛠️ Comprehensive Tools: 7 essential tools covering all major Elasticsearch operations
- 📊 Advanced Querying: Full Elasticsearch DSL support with aggregations and highlighting
- 📁 Data Export: Stream large datasets to CSV with compression support
- 🔍 Smart Validation: Zod-based schemas with security-first validation
- 📝 Full TypeScript: Complete type safety with strict null checks
📦 Installation
npm install elasticsearch-mcp🏃♂️ Quick Start
1. Basic Setup
# Set your Elasticsearch credentials
export ELASTIC_CLOUD_ID="your-cloud-id"
export ELASTIC_API_KEY="your-api-key"
# Start the MCP server
npx elasticsearch-mcp2. Using with Claude Desktop
Add to your Claude Desktop MCP configuration:
{
"mcpServers": {
"elasticsearch-mcp": {
"command": "npx",
"args": ["elasticsearch-mcp"],
"env": {
"ELASTIC_CLOUD_ID": "your-cloud-id",
"ELASTIC_API_KEY": "your-api-key"
}
}
}
}3. Using with any MCP Client
import { ElasticMCPServer } from 'elasticsearch-mcp';
const server = new ElasticMCPServer();
await server.start();🛠️ Available Tools
| Tool | Description | Use Cases |
|------|-------------|-----------|
| fetch_indices | List and filter Elasticsearch indices | Index management, monitoring |
| search_elasticsearch | Advanced search with aggregations | Data analysis, querying |
| create_index | Create indices with mappings/settings | Schema management |
| insert_data | Insert documents with validation | Data ingestion |
| update_document | Update documents with scripts | Data modification |
| delete_document | Delete by ID or query | Data cleanup |
| export_to_csv | Stream data to CSV files | Reporting, data export |
📋 Tool Examples
Search with Aggregations
{
"tool": "search_elasticsearch",
"arguments": {
"index": "sales-data",
"query": {
"range": {
"date": {
"gte": "2024-01-01",
"lte": "2024-12-31"
}
}
},
"aggregations": {
"monthly_sales": {
"date_histogram": {
"field": "date",
"calendar_interval": "month"
},
"aggs": {
"total_revenue": {
"sum": { "field": "amount" }
}
}
}
}
}
}Export Large Dataset
{
"tool": "export_to_csv",
"arguments": {
"index": "user-analytics",
"query": {
"bool": {
"filter": [
{ "term": { "status": "active" } },
{ "range": { "last_login": { "gte": "2024-01-01" } } }
]
}
},
"fields": ["user_id", "email", "last_login", "country"],
"filename": "active_users_2024.csv",
"compress": true,
"maxRows": 100000
}
}Create Index with Schema
{
"tool": "create_index",
"arguments": {
"name": "product-catalog",
"mappings": {
"properties": {
"name": { "type": "text", "analyzer": "standard" },
"price": { "type": "float" },
"category": { "type": "keyword" },
"created_at": { "type": "date" },
"tags": { "type": "keyword" },
"description": { "type": "text" }
}
},
"settings": {
"number_of_shards": 1,
"number_of_replicas": 1,
"analysis": {
"analyzer": {
"product_analyzer": {
"type": "standard",
"stopwords": "_english_"
}
}
}
},
"aliases": ["products", "catalog"]
}
}⚙️ Configuration
Environment Variables
| Variable | Description | Required | Example |
|----------|-------------|----------|---------|
| ELASTIC_CLOUD_ID | Elastic Cloud deployment ID | Yes* | deployment:dXMtY2VudHJhbDE= |
| ELASTIC_API_KEY | Elasticsearch API key | Yes* | VnVhQ2ZHY0JDZGJrU... |
| ELASTIC_NODE | Self-hosted Elasticsearch URL | Yes* | https://localhost:9200 |
| ELASTIC_USERNAME | Basic auth username | No | elastic |
| ELASTIC_PASSWORD | Basic auth password | No | changeme |
| LOG_LEVEL | Logging level | No | info |
| LOG_FORMAT | Log output format | No | text |
| MAX_CONCURRENT_REQUESTS | Request concurrency limit | No | 10 |
*Either ELASTIC_CLOUD_ID or ELASTIC_NODE is required
Configuration File
Create .env file:
# Elastic Cloud (recommended)
ELASTIC_CLOUD_ID=your-deployment-id
ELASTIC_API_KEY=your-api-key
# Logging
LOG_LEVEL=info
LOG_FORMAT=json
# Performance
MAX_CONCURRENT_REQUESTS=10
REQUEST_TIMEOUT_MS=30000🔒 Security Features
Input Validation
- Zod Schemas: Strict type validation for all inputs
- Field Name Validation: Prevents reserved field usage
- Size Limits: Document size, array length, string length limits
- Depth Validation: Prevents deeply nested objects/queries
Script Security
- Script Sanitization: Blocks dangerous script patterns
- Parameter Validation: Validates script parameters
- Execution Limits: Prevents resource exhaustion
Query Security
- Injection Prevention: Sanitizes and validates all queries
- Script Query Blocking: Prevents script-based queries in sensitive operations
- Rate Limiting: Protects against abuse
Data Protection
- Credential Masking: Never logs sensitive information
- Secure Connections: TLS/SSL support
- Access Control: Validates permissions before operations
🏗️ Architecture
┌─────────────────┐ ┌─────────────────┐ ┌─────────────────┐
│ MCP Client │◄──►│Elasticsearch MCP│◄──►│ Elasticsearch │
│ (Claude, etc.) │ │ Server │ │ Cluster │
└─────────────────┘ └─────────────────┘ └─────────────────┘
│
┌─────────────┐
│ Tools │
│ │
│ • fetch │
│ • search │
│ • create │
│ • insert │
│ • update │
│ • delete │
│ • export │
└─────────────┘📊 Performance
Benchmarks
- Search: <500ms average response time
- Large Exports: 10K+ documents/second with streaming
- Memory Usage: <100MB for typical operations
- Concurrent Requests: Up to 10 simultaneous operations
Optimization Features
- Connection Pooling: Reuses Elasticsearch connections
- Streaming: Memory-efficient processing of large datasets
- Compression: Reduces export file sizes by 70%+
- Health Monitoring: Automatic reconnection on failures
🔧 Development
Setup Development Environment
# Clone repository
git clone https://github.com/RajwardhanShinde/elk-mcp.git
cd elk-mcp
# Install dependencies
npm install
# Set up environment
cp .env.example .env
# Edit .env with your Elasticsearch credentials
# Run in development mode
npm run dev
# Run tests
npm test
# Build for production
npm run buildProject Structure
elasticsearch-mcp/
├── src/
│ ├── tools/ # MCP tool implementations
│ ├── elasticsearch/ # ES client and connection management
│ ├── validation/ # Input validation schemas
│ ├── errors/ # Error handling utilities
│ ├── config.ts # Configuration management
│ ├── logger.ts # Structured logging
│ └── server.ts # Main MCP server
├── tests/ # Comprehensive test suite
├── docs/ # Documentation
└── build/ # Compiled output🤝 Contributing
We welcome contributions! Please see our Contributing Guide for details.
Development Workflow
- Fork the repository
- Create a feature branch
- Make your changes with tests
- Ensure all tests pass
- Submit a pull request
📚 Documentation
🐛 Troubleshooting
Common Issues
Connection Failed
# Check credentials
echo $ELASTIC_CLOUD_ID
echo $ELASTIC_API_KEY
# Test connection
curl -H "Authorization: ApiKey $ELASTIC_API_KEY" \\
"$ELASTIC_NODE/_cluster/health"Permission Denied
- Ensure API key has required privileges
- Check index permissions
- Verify cluster access
Tool Validation Errors
- Check input parameter types
- Validate required fields
- Review field name restrictions
See Troubleshooting Guide for more details.
📄 License
This project is licensed under the MIT License - see the LICENSE file for details.
🏷️ Version History
- v0.1.0 - Initial release with 7 core tools
- Full changelog: CHANGELOG.md
🔗 Links
Built with ❤️ for the Elasticsearch and MCP communities