MCP Server for Splunk

Build 24.0.9300

CData MCP Server for Splunk

Overview

The CData MCP Server for Splunk exposes Splunk as a toolset accessible to large language models (LLMs) like Claude, using the open Model Context Protocol (MCP). Each connector runs as a lightweight MCP server, enabling AI agents to discover, interpret, and invoke operations on live data — all through natural language.

This connector is designed specifically for tool-based, non-SQL interaction. LLMs use metadata provided by the server to understand and interact with Splunk data safely, without requiring SQL queries or traditional prompt engineering.

Key Features

  • Exposes Splunk data to Claude using the Model Context Protocol (MCP).
  • Supports secure, tool-based interactions — no SQL required.
  • Runs lightweight MCP server instances per connection.
  • Built-in support for popular authentication flows.
  • Seamless local integration with Claude Desktop.

Getting Started

See Getting Started for step-by-step instructions on installing the server, establishing a connection, and configuring Claude Desktop to access Splunk data.

Using With Claude

See Using With Claude to learn how Claude Desktop connects to the MCP Server and uses tool metadata to interact with Splunk through natural language requests.

Data Model

See Data Model for information on the available entities and how to query them.

Connection String Options

The Connection properties describe the various options that can be used to establish a connection.

Copyright (c) 2025 CData Software, Inc. - All rights reserved.
Build 24.0.9300