Anywhere MCP Server
@javierb507
About Anywhere MCP Server
AlienVault/USM Anywhere MCP Server - Threat intelligence and security monitoring
Basic information
Config
No standard config provided
This server doesn't expose a parseable MCP config block in its README. See the repository for install instructions.
RepositoryTools
No tools detected
We auto-extract tools from the README. The maintainer can list them under a ## Tools heading to populate this section.
Overview
What is Anywhere MCP Server?
Anywhere MCP Server is a Model Context Protocol (MCP) server that integrates with the Levelblue USM Anywhere platform, providing secure access to security monitoring data including alarms, events, and threat intelligence through the USM Anywhere API v2.0. It also offers legacy support for AlienVault OTX API. Built with TypeScript and Zod validation, it is intended for security analysts and developers who need to query security data via MCP-compatible clients.
How to use Anywhere MCP Server?
Clone the repository, install dependencies with npm install, build with npm run build, and configure a .env file with your USM Anywhere credentials (client ID, client secret, subdomain) and optionally an OTX API key. Start the server with npm start. Add the server to your MCP client configuration by providing the path to the built index.js and the required environment variables. Tools include get_alarms, get_events, get_alarm_details, get_event_details, search_pulses, get_indicator, and get_pulse.
Key features of Anywhere MCP Server
- OAuth 2.0 authentication using client credentials flow
- USM Anywhere API v2.0 integration for alarms and events
- Legacy OTX API support for threat intelligence
- Type-safe implementation with TypeScript and Zod
- Standard MCP protocol implementation
- Automatic OAuth token refresh and rate limit handling
Use cases of Anywhere MCP Server
- Retrieve and filter security alarms from USM Anywhere
- Query security events with source, page, and size filters
- Get detailed information on specific alarms or events
- Search threat intelligence pulses and indicators via legacy OTX
- Integrate security monitoring data into AI assistant workflows
FAQ from Anywhere MCP Server
How do I authenticate with the server?
Authentication uses OAuth 2.0 client credentials. You must set ANYWHERE_CLIENT_ID, ANYWHERE_CLIENT_SECRET, and ANYWHERE_SUBDOMAIN environment variables in your .env file or MCP client configuration.
Which tools are available on Anywhere MCP Server?
Seven tools are provided: get_alarms, get_events, get_alarm_details, get_event_details (USM Anywhere API v2.0), and search_pulses, get_indicator, get_pulse (legacy OTX API).
Can I use the legacy OTX API in addition to USM Anywhere?
Yes, the server includes legacy OTX API support. You can optionally set an OTX_API_KEY environment variable to use the OTX tools.
What runtime does Anywhere MCP Server require?
Node.js is required. The server is built with TypeScript and must be compiled with npm run build before running.
How is the server configured for MCP clients?
Add a JSON entry to your MCP client configuration with command: "node", args pointing to the built dist/index.js, and env containing the required credentials (ANYWHERE_CLIENT_ID, ANYWHERE_CLIENT_SECRET, ANYWHERE_SUBDOMAIN).
More Developer Tools MCP servers
Golf
golf-mcpProduction-Ready MCP Server Framework • Build, deploy & scale secure AI agent infrastructure • Includes Auth, Observability, Debugger, Telemetry & Runtime • Run real-world MCPs powering AI Agents
JetBrains MCP Proxy Server
JetBrainsA model context protocol server to work with JetBrains IDEs: IntelliJ, PyCharm, WebStorm, etc. Also, works with Android Studio
MCP-Bridge
SecretiveShellA middleware to provide an openAI compatible endpoint that can call MCP tools

Sentry
modelcontextprotocolModel Context Protocol Servers
MCP-Scan: An MCP Security Scanner
invariantlabs-aiSecurity scanner for AI agents, MCP servers and agent skills.
Comments