4R9UN/mcp-kql-server
A Model Context Protocol (MCP) server for executing Kusto Query Language (KQL) queries against Azure Data Explorer clusters.
MCP KQL Server
AI-Powered KQL Query Execution with Intelligent Schema Memory
A Model Context Protocol (MCP) server that provides intelligent KQL (Kusto Query Language) query execution with AI-powered schema caching and context assistance for Azure Data Explorer clusters.
š¬ Demo
Watch a quick demo of the MCP KQL Server in action:
š Features
-
execute_kql_query:- Natural Language to KQL: Generate KQL queries from natural language descriptions.
- Direct KQL Execution: Execute raw KQL queries.
- Multiple Output Formats: Supports JSON, CSV, and table formats.
- Live Schema Validation: Ensures query accuracy by using live schema discovery.
-
schema_memory:- Schema Discovery: Discover and cache schemas for tables.
- Database Exploration: List all tables within a database.
- AI Context: Get AI-driven context for tables.
- Analysis Reports: Generate reports with visualizations.
- Cache Management: Clear or refresh the schema cache.
- Memory Statistics: Get statistics about the memory usage.
š MCP Tools Execution Flow
graph TD
A[š¤ User Submits KQL Query] --> B{š Query Validation}
B -->|ā Invalid| C[š Syntax Error Response]
B -->|ā
Valid| D[š§ Load Schema Context]
D --> E{š¾ Schema Cache Available?}
E -->|ā
Yes| F[ā” Load from Memory]
E -->|ā No| G[š Discover Schema]
F --> H[šÆ Execute Query]
G --> I[š¾ Cache Schema + AI Context]
I --> H
H --> J{šÆ Query Success?}
J -->|ā Error| K[šØ Enhanced Error Message]
J -->|ā
Success| L[š Process Results]
L --> M[šØ Generate Visualization]
M --> N[š¤ Return Results + Context]
K --> O[š” AI Suggestions]
O --> N
style A fill:#4a90e2,stroke:#2c5282,stroke-width:2px,color:#ffffff
style B fill:#7c7c7c,stroke:#4a4a4a,stroke-width:2px,color:#ffffff
style C fill:#e74c3c,stroke:#c0392b,stroke-width:2px,color:#ffffff
style D fill:#8e44ad,stroke:#6a1b99,stroke-width:2px,color:#ffffff
style E fill:#7c7c7c,stroke:#4a4a4a,stroke-width:2px,color:#ffffff
style F fill:#27ae60,stroke:#1e8449,stroke-width:2px,color:#ffffff
style G fill:#f39c12,stroke:#d68910,stroke-width:2px,color:#ffffff
style H fill:#2980b9,stroke:#1f618d,stroke-width:2px,color:#ffffff
style I fill:#f39c12,stroke:#d68910,stroke-width:2px,color:#ffffff
style J fill:#7c7c7c,stroke:#4a4a4a,stroke-width:2px,color:#ffffff
style K fill:#e74c3c,stroke:#c0392b,stroke-width:2px,color:#ffffff
style L fill:#27ae60,stroke:#1e8449,stroke-width:2px,color:#ffffff
style M fill:#8e44ad,stroke:#6a1b99,stroke-width:2px,color:#ffffff
style N fill:#27ae60,stroke:#1e8449,stroke-width:2px,color:#ffffff
style O fill:#f39c12,stroke:#d68910,stroke-width:2px,color:#ffffff
Schema Memory Discovery Flow
The kql_schema_memory functionality is now seamlessly integrated into the kql_execute tool. When you run a query, the server automatically discovers and caches the schema for any tables it hasn't seen before. This on-demand process ensures you always have the context you need without any manual steps.
graph TD
A[š¤ User Requests Schema Discovery] --> B[š Connect to Cluster]
B --> C[š Enumerate Databases]
C --> D[š Discover Tables]
D --> E[š Get Table Schemas]
E --> F[š¤ AI Analysis]
F --> G[š Generate Descriptions]
G --> H[š¾ Store in Memory]
H --> I[š Update Statistics]
I --> J[ā
Return Summary]
style A fill:#4a90e2,stroke:#2c5282,stroke-width:2px,color:#ffffff
style B fill:#8e44ad,stroke:#6a1b99,stroke-width:2px,color:#ffffff
style C fill:#f39c12,stroke:#d68910,stroke-width:2px,color:#ffffff
style D fill:#2980b9,stroke:#1f618d,stroke-width:2px,color:#ffffff
style E fill:#7c7c7c,stroke:#4a4a4a,stroke-width:2px,color:#ffffff
style F fill:#e67e22,stroke:#bf6516,stroke-width:2px,color:#ffffff
style G fill:#8e44ad,stroke:#6a1b99,stroke-width:2px,color:#ffffff
style H fill:#f39c12,stroke:#d68910,stroke-width:2px,color:#ffffff
style I fill:#2980b9,stroke:#1f618d,stroke-width:2px,color:#ffffff
style J fill:#27ae60,stroke:#1e8449,stroke-width:2px,color:#ffffff
š Prerequisites
- Python 3.10 or higher
- Azure CLI installed and authenticated (
az login) - Access to Azure Data Explorer cluster(s)
š One-Command Installation
Quick Install (Recommended)
From Source
git clone https://github.com/4R9UN/mcp-kql-server.git && cd mcp-kql-server && pip install -e .
Alternative Installation Methods
pip install mcp-kql-server
That's it! The server automatically:
- ā
Sets up memory directories in
%APPDATA%\KQL_MCP(Windows) or~/.local/share/KQL_MCP(Linux/Mac) - ā Configures optimal defaults for production use
- ā Suppresses verbose Azure SDK logs
- ā No environment variables required
š± MCP Client Configuration
Claude Desktop
Add to your Claude Desktop MCP settings file (mcp_settings.json):
Location:
- Windows:
%APPDATA%\Claude\mcp_settings.json - macOS:
~/Library/Application Support/Claude/mcp_settings.json - Linux:
~/.config/Claude/mcp_settings.json
{
"mcpServers": {
"mcp-kql-server": {
"command": "python",
"args": ["-m", "mcp_kql_server"],
"env": {}
}
}
}
VSCode (with MCP Extension)
Add to your VSCode MCP configuration:
Settings.json location:
- Windows:
%APPDATA%\Code\User\mcp.json - macOS:
~/Library/Application Support/Code/User/mcp.json - Linux:
~/.config/Code/User/mcp.json
{
"MCP-kql-server": {
"command": "python",
"args": [
"-m",
"mcp_kql_server"
],
"type": "stdio"
},
}
Roo-code Or Cline (VS-code Extentions)
Ask or Add to your Roo-code Or Cline MCP settings:
MCP Settings location:
- All platforms: Through Roo-code extension settings or
mcp_settings.json
{
"MCP-kql-server": {
"command": "python",
"args": [
"-m",
"mcp_kql_server"
],
"type": "stdio",
"alwaysAllow": [
]
},
}
Generic MCP Client
For any MCP-compatible application:
# Command to run the server
python -m mcp_kql_server
# Server provides these tools:
# - kql_execute: Execute KQL queries with AI context
# - kql_schema_memory: Discover and cache cluster schemas
š§ Quick Start
1. Authenticate with Azure (One-time setup)
az login
2. Start the MCP Server (Zero configuration)
python -m mcp_kql_server
The server starts immediately with:
- š Auto-created memory path:
%APPDATA%\KQL_MCP\cluster_memory - š§ Optimized defaults: No configuration files needed
- š Secure setup: Uses your existing Azure CLI credentials
3. Use via MCP Client
The server provides two main tools:
kql_execute- Execute KQL Queries with AI Context
kql_schema_memory- Discover and Cache Cluster Schemas
š” Usage Examples
Basic Query Execution
Ask your MCP client (like Claude):
"Execute this KQL query against the help cluster:
cluster('help.kusto.windows.net').database('Samples').StormEvents | take 10and summarize the result and give me high level insights "
Complex Analytics Query
Ask your MCP client:
"Query the Samples database in the help cluster to show me the top 10 states by storm event count, include visualization"
Schema Discovery
Ask your MCP client:
"Discover and cache the schema for the help.kusto.windows.net cluster, then tell me what databases and tables are available"
Data Exploration with Context
Ask your MCP client:
"Using the StormEvents table in the Samples database on help cluster, show me all tornado events from 2007 with damage estimates over $1M"
Time-based Analysis
Ask your MCP client:
"Analyze storm events by month for the year 2007 in the StormEvents table, group by event type and show as a visualization"
šÆ Key Benefits
For Data Analysts
- ā” Faster Query Development: AI-powered autocomplete and suggestions
- šØ Rich Visualizations: Instant markdown tables for data exploration
- š§ Context Awareness: Understand your data structure without documentation
For DevOps Teams
- š Automated Schema Discovery: Keep schema information up-to-date
- š¾ Smart Caching: Reduce API calls and improve performance
- š Secure Authentication: Leverage existing Azure CLI credentials
For AI Applications
- š¤ Intelligent Query Assistance: AI-generated table descriptions and suggestions
- š Structured Data Access: Clean, typed responses for downstream processing
- šÆ Context-Aware Responses: Rich metadata for better AI decision making
šļø Architecture
graph TD
A[MCP Client<br/>Claude/AI/Custom] <--> B[MCP KQL Server<br/>FastMCP Framework]
B <--> C[Azure Data Explorer<br/>Kusto Clusters]
B <--> D[Schema Memory<br/>Local AI Cache]
style A fill:#4a90e2,stroke:#2c5282,stroke-width:3px,color:#ffffff
style B fill:#8e44ad,stroke:#6a1b99,stroke-width:3px,color:#ffffff
style C fill:#e67e22,stroke:#bf6516,stroke-width:3px,color:#ffffff
style D fill:#27ae60,stroke:#1e8449,stroke-width:3px,color:#ffffff
š Project Structure
mcp-kql-server/
āāā mcp_kql_server/
ā āāā __init__.py # Package initialization
ā āāā mcp_server.py # Main MCP server implementation
ā āāā execute_kql.py # KQL query execution logic
ā āāā memory.py # Advanced memory management
ā āāā kql_auth.py # Azure authentication
ā āāā utils.py # Utility functions
ā āāā constants.py # Configuration constants
āāā docs/ # Documentation
āāā Example/ # Usage examples
āāā pyproject.toml # Project configuration
āāā README.md # This file
š Security
- Azure CLI Authentication: Leverages your existing Azure device login
- No Credential Storage: Server doesn't store authentication tokens
- Local Memory: Schema cache stored locally, not transmitted
š Troubleshooting
Common Issues
-
Authentication Errors
# Re-authenticate with Azure CLI az login --tenant your-tenant-id -
Memory Issues
# The memory cache is now managed automatically. If you suspect issues, # you can clear the cache directory, and it will be rebuilt on the next query. # Windows: rmdir /s /q "%APPDATA%\KQL_MCP\unified_memory.json" # macOS/Linux: rm -rf ~/.local/share/KQL_MCP/cluster_memory -
Connection Timeouts
- Check cluster URI format
- Verify network connectivity
- Confirm Azure permissions
š¤ Contributing
We welcome contributions! Please do.
š Support
- Issues: GitHub Issues
- PyPI Package: PyPI Project Page
- Author: Arjun Trivedi
- Certified :
š Star History
Happy Querying! š
