MCP AI SOC Sher
@akramIOT
关于 MCP AI SOC Sher
AI SOC Security Threat analysis using MCP Server
基本信息
配置
工具
未检测到工具
工具是从 README 中自动提取的。维护者可以在 ## Tools 标题下列出工具,即可填充这部分内容。
概览
What is MCP AI SOC Sher?
MCP AI SOC Sher is an AI-driven Security Operations Center (SOC) Text2SQL framework based on the Model Context Protocol (MCP). It converts natural language prompts into optimized SQL queries while integrating built-in security threat analysis and monitoring. It is intended for security analysts, developers, and SOC teams who need to query databases using plain English and assess the security of the resulting SQL.
How to use MCP AI SOC Sher?
Install via pip install mcp-ai-soc-sher, set the OPENAI_API_KEY environment variable (or configure it in a .env file), then run the server from the command line using mcp-ai-soc --type local --stdio (for STDIO) or --sse (for SSE) or --type remote (for REST API). You can also use the Python API by importing LocalMCPServer from mcp_ai_soc_sher.local. Send queries via HTTP POST to /api/sql with an X-API-Key header for the REST interface.
Key features of MCP AI SOC Sher
- Convert natural language to optimized SQL queries
- Support STDIO, SSE, and REST API interfaces
- Built-in rule-based and AI-powered security threat analysis
- Connect to SQLite or Snowflake databases
- Real-time streaming query processing feedback
- Security Operations Center monitoring capabilities
Use cases of MCP AI SOC Sher
- Security analysts querying databases for suspicious activities in natural language
- Automating threat hunting by converting incident descriptions to SQL
- Monitoring sensitive table access with integrated security checks
- Enabling non-technical SOC staff to run ad‑hoc database queries safely
- Building custom security dashboards that require dynamic SQL generation
FAQ from MCP AI SOC Sher
What databases does MCP AI SOC Sher support?
It supports SQLite and Snowflake databases. The database URI is configured via the MCP_DB_URI environment variable (e.g., sqlite:///your_database.db).
What interfaces are available to interact with the server?
The server supports three interfaces: STDIO (standard input/output), SSE (Server-Sent Events), and a REST API. Use the --stdio, --sse, or --type remote command-line flags accordingly.
What security features are included?
It provides rule-based and AI-powered SQL query security analysis, including detection of potential SQL injection attacks, monitoring of sensitive table access, and configurable security levels and actions. You can enable this by setting MCP_SECURITY_ENABLE_THREAT_ANALYSIS=true.
How do I configure MCP AI SOC Sher?
Configuration is done through environment variables or a .env file. Required: OPENAI_API_KEY. Optional: MCP_DB_URI (database connection string) and MCP_SECURITY_ENABLE_THREAT_ANALYSIS (boolean to enable threat analysis). See the full documentation for all options.
Does the server require an API key for the REST interface?
Yes, when using the REST API, requests must include an X-API-Key header with your API key. Local STDIO and SSE interfaces do not require this header.
其他 分类下的更多 MCP 服务器
Reactive Resume
amruthpillaiA one-of-a-kind resume builder that keeps your privacy in mind. Completely secure, customizable, portable, open-source and free forever. Try it out today!
Awesome Mcp Servers
punkpeyeA collection of MCP servers.
Awesome-MCP-ZH
yzflyMCP 资源精选, MCP指南,Claude MCP,MCP Servers, MCP Clients
Activepieces
activepiecesAI Agents & MCPs & AI Workflow Automation • (~400 MCP servers for AI agents) • AI Automation / AI Agent with MCPs • AI Workflows & AI Agents • MCPs for AI Agents
Nginx UI
0xJackyYet another WebUI for Nginx
评论