mcp-server-wazuh
Author: gbrigandi
Description: Rust-based Model Context Protocol (MCP) server that exposes Wazuh SIEM data—alerts, vulnerabilities, agent status, etc.—to LLM clients via stdio or optional HTTP.
Stars: 86
Forks: 24
License: MIT License
Category: Specialized
Overview
Installation
Installation steps were not present in the repository metadata that was provided. Consult the project README for authoritative instructions. A typical Rust-based MCP server is installed with:
1. Prerequisites
• Rust toolchain (https://rustup.rs)
• A running Wazuh manager (for SIEM integration)
• WAZUH_API_URL, WAZUH_USER and WAZUH_PASSWORD environment variables set with API credentials.
2. Clone and build
git clone https://github.com/gbrigandi/mcp-server-wazuh.git
cd mcp-server-wazuh
cargo build --release
3. Run the server
./target/release/mcp-server-wazuh --config ./config.yml
4. (Optional) Install as a systemd service by copying the provided unit file located in `deployment/systemd/` (if present) and running `systemctl enable --now mcp-server-wazuh`.
Updated 7/30/2025