agent-mcp-logging

realm-security/agent-mcp-logging

3.2

If you are the rightful owner of agent-mcp-logging and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.

This guide provides a practical approach to building an observable Phishing Triage Assistant using Model Context Protocol (MCP) and structured logging for enhanced security monitoring.

Security Monitoring for AI Agents and MCP

A practical guide to building an observable Phishing Triage Assistant with MCP and structured logging

TLDR: We show structured logging of AI Agents with MCP to tackle Phishing Triage, allowing continuous security monitoring in a SIEM and automated remediation in a SOAR.

This code is a companion to our technical blog post, published by Realm.Security.

See the technical blog for more details.

Overview of AI Phishing Triage Assistant

Contents

  • mcp_server.py provides the MCP server using FastMCP, instrumented with client-side logging
  • agent_client.py provides the AI agent using LangGraph, with structured logging across both agent and tools

Usage

Ensure uv is installed to manage the Python dependencies.

Run the MCP server:

uv run -- python mcp_server.py

Then, in a separate terminal, run the AI agent.

uv run -- python agent_client.py

The agent requires access to a Large Language Model (LLM), and is set up to use Anthropic Claude Sonnet 3.7 through AWS Bedrock by default. Ensure your access credentials are available to the LangChain API.