⚙️ Tenzir MCP Server
A Model Context Protocol (MCP) server thatenables AI assistants to interact with Tenzir—a datapipeline engine for security operations.
This MCP server provides tools for executing pipelines written in the TenzirQuery Language (TQL)), workingwith Open Cybersecurity Schema Framework (OCSF), managing packages, generating parsers, and exploring documentation.
✨ Features
- Pipeline Execution: Run TQL pipelines and tests
- Documentation Access: Search and browse embedded Tenzir documentation withcross-reference support
- OCSF Integration: Query and work with OCSF definitions, event classes,objects, and profiles.
- Package Management: Create and manage Tenzir packages with operators,pipelines, enrichment contexts, and tests
- Code Generation: Auto-generate TQL parsers and OCSF mapping packages
📦 Installation
Use Docker as the fastest way to get started:
docker run -i tenzir/mcp
Or use uvx when you have a local Tenzirinstallation:
uvx tenzir-mcp
📚 Documentation
Consult our setup guidefor installation and MCP client configuration.
We also provide a reference thatexplains usage and available tools.
🤝 Contributing
Want to contribute? We're all-in on agentic coding with ClaudeCode! The repo comes pre-configured with our customplugins—just clone and start hacking.
📜 License
This project is licensed under the Apache License 2.0.
