Server Configuration
Describes the environment variables required to run the server.
| Name | Required | Description | Default |
|---|---|---|---|
| DEBUG | No | Enable debug logging | false |
| OPENSEARCH_URL | Yes | The URL of your OpenSearch endpoint | https://your-opensearch-endpoint:9200 |
| OPENSEARCH_PASSWORD | Yes | Your OpenSearch password | |
| OPENSEARCH_USERNAME | Yes | Your OpenSearch username |
Schema
Prompts
Interactive templates invoked by user choice
| Name | Description |
|---|---|
No prompts | |
Resources
Contextual data attached and managed by the client
| Name | Description |
|---|---|
No resources | |
Tools
Functions exposed to the LLM to take actions
| Name | Description |
|---|---|
| listIndexes | List all available indexes in OpenSearch |
| searchLogs | Search for logs in any OpenSearch index |
| getIndexMapping | Get the field mappings for an index |
| exploreFieldValues | Explore possible values for a field in an index |
| monitorLogs | Monitor logs in real-time (simulated) |
| searchAlerts | Search for security alerts in Wazuh data |
| getAlertDetails | Get detailed information about a specific alert by ID |
| alertStatistics | Get statistics about security alerts |
| visualizeAlertTrend | Visualize alert trends over time |