realm-security/agent-mcp-logging
If you are the rightful owner of agent-mcp-logging and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to henry@mcphub.com.
This guide provides a practical approach to building an observable Phishing Triage Assistant using Model Context Protocol (MCP) and structured logging for enhanced security monitoring.
Security Monitoring for AI Agents and MCP
A practical guide to building an observable Phishing Triage Assistant with MCP and structured logging
TLDR: We show structured logging of AI Agents with MCP to tackle Phishing Triage, allowing continuous security monitoring in a SIEM and automated remediation in a SOAR.
This code is a companion to our technical blog post, published by Realm.Security.
See the technical blog for more details.
Contents
mcp_server.py
provides the MCP server using FastMCP, instrumented with client-side loggingagent_client.py
provides the AI agent using LangGraph, with structured logging across both agent and tools
Usage
Ensure uv is installed to manage the Python dependencies.
Run the MCP server:
uv run -- python mcp_server.py
Then, in a separate terminal, run the AI agent.
uv run -- python agent_client.py
The agent requires access to a Large Language Model (LLM), and is set up to use Anthropic Claude Sonnet 3.7 through AWS Bedrock by default. Ensure your access credentials are available to the LangChain API.