MCP.so
ログイン

Anywhere MCP Server

@javierb507

Anywhere MCP Server について

AlienVault/USM Anywhere MCP Server - Threat intelligence and security monitoring

基本情報

カテゴリ

開発者ツール

ランタイム

node

トランスポート

stdio

公開者

javierb507

設定

標準の設定はありません

このサーバーの README には解析可能な MCP 設定ブロックが含まれていません。インストール手順はリポジトリをご確認ください。

リポジトリ

ツール

ツールは検出されませんでした

ツールは README から自動的に抽出されます。メンテナーは ## Tools という見出しの下に記載することで、このタブに反映できます。

概要

What is Anywhere MCP Server?

Anywhere MCP Server is a Model Context Protocol (MCP) server that integrates with the Levelblue USM Anywhere platform, providing secure access to security monitoring data including alarms, events, and threat intelligence through the USM Anywhere API v2.0. It also offers legacy support for AlienVault OTX API. Built with TypeScript and Zod validation, it is intended for security analysts and developers who need to query security data via MCP-compatible clients.

How to use Anywhere MCP Server?

Clone the repository, install dependencies with npm install, build with npm run build, and configure a .env file with your USM Anywhere credentials (client ID, client secret, subdomain) and optionally an OTX API key. Start the server with npm start. Add the server to your MCP client configuration by providing the path to the built index.js and the required environment variables. Tools include get_alarms, get_events, get_alarm_details, get_event_details, search_pulses, get_indicator, and get_pulse.

Key features of Anywhere MCP Server

  • OAuth 2.0 authentication using client credentials flow
  • USM Anywhere API v2.0 integration for alarms and events
  • Legacy OTX API support for threat intelligence
  • Type-safe implementation with TypeScript and Zod
  • Standard MCP protocol implementation
  • Automatic OAuth token refresh and rate limit handling

Use cases of Anywhere MCP Server

  • Retrieve and filter security alarms from USM Anywhere
  • Query security events with source, page, and size filters
  • Get detailed information on specific alarms or events
  • Search threat intelligence pulses and indicators via legacy OTX
  • Integrate security monitoring data into AI assistant workflows

FAQ from Anywhere MCP Server

How do I authenticate with the server?

Authentication uses OAuth 2.0 client credentials. You must set ANYWHERE_CLIENT_ID, ANYWHERE_CLIENT_SECRET, and ANYWHERE_SUBDOMAIN environment variables in your .env file or MCP client configuration.

Which tools are available on Anywhere MCP Server?

Seven tools are provided: get_alarms, get_events, get_alarm_details, get_event_details (USM Anywhere API v2.0), and search_pulses, get_indicator, get_pulse (legacy OTX API).

Can I use the legacy OTX API in addition to USM Anywhere?

Yes, the server includes legacy OTX API support. You can optionally set an OTX_API_KEY environment variable to use the OTX tools.

What runtime does Anywhere MCP Server require?

Node.js is required. The server is built with TypeScript and must be compiled with npm run build before running.

How is the server configured for MCP clients?

Add a JSON entry to your MCP client configuration with command: "node", args pointing to the built dist/index.js, and env containing the required credentials (ANYWHERE_CLIENT_ID, ANYWHERE_CLIENT_SECRET, ANYWHERE_SUBDOMAIN).

コメント

「開発者ツール」の他のコンテンツ