shanto12/splunk-soar-mcp
If you are the rightful owner of splunk-soar-mcp and would like to certify it and/or have it hosted online, please leave a comment on the right or send an email to dayong@mcphub.com.
The Splunk SOAR MCP Server connects AI assistants directly to your Splunk SOAR instance, enabling seamless interaction and automation.
Tools
Functions exposed to the LLM to take actions
get_containers
Search and filter containers by severity, status, time range
get_container_details
Get comprehensive details about a specific container
get_artifacts
Retrieve artifacts (IOCs, evidence) from containers
list_playbooks
List available automation playbooks
run_playbook
Execute playbooks on containers
search_containers
Full-text search across container fields
get_action_results
View results from security actions
Prompts
Interactive templates invoked by user choice
No prompts
Resources
Contextual data attached and managed by the client