Query Rapid7 InsightIDR logs in natural language for faster security investigations.
Copy the install command and let the AI configure it · recommended for beginners
No copy-paste install info for "rapid7-mcp-server" yet — see the docs or source repo.
Query InsightIDR logs from the past 24 hours related to suspicious logins, focus on users with spikes in failed login attempts, and summarize results by user.
Returns relevant login logs from the last 24 hours and summarizes suspicious users with failed login trends.
Within the specified authentication and endpoint logsets, search events from the last 7 days containing high-severity alert keywords, and list timestamp, host, and alert summary.
Outputs a list of high-severity related events within selected logsets for further security analysis.
Generate an LEQL query for this need: find events in the last 48 hours where a source IP repeatedly triggered authentication failures and then later logged in successfully.
Provides an executable LEQL query and explains the security meaning of its conditions.
Query exported Rapid7 vulnerability and asset data using natural language or SQL.
Query and analyze VMware Log Insight logs using natural language.
Search and aggregate Quickwit logs in natural language for faster troubleshooting.
Query Wazuh in natural language for triage, hunting, audits, and response.
Give AI read-only logs to debug Linux servers safely without shell access.
Let AI agents research cybersecurity offline using a local security knowledge base.