MCP server for Suricata IDS/IPS and Zeek NSM: analyze EVE JSON alerts, hunt threats, and manage rules from an AI client
Quick Install
Copy the config for your editor. Some servers may need additional setup — check the README.
Add to claude_desktop_config.json:
{
"mcpServers": {
"suricata-mcp": {
"command": "npx",
"args": [
"-y",
"lidless-labs/suricata-mcp"
]
}
}
}
Run in terminal:
claude mcp add suricata-mcp npx -y lidless-labs/suricata-mcp
Add to .cursor/mcp.json:
{
"mcpServers": {
"suricata-mcp": {
"command": "npx",
"args": [
"-y",
"lidless-labs/suricata-mcp"
]
}
}
}