Wazuh MCP Server: Claude Desktop + OpenSearch (Part 2)

 Posted on March 23, 2026  |  9 minutes  |  1722 words  |  pyToshka  • Other languages: Русский

Introduction

In Part 1 we connected AWS Bedrock Claude to the Wazuh Dashboard chat via ML Commons. That approach works well for analysts working inside the Wazuh UI. In this part we open a second channel: Model Context Protocol (MCP), which allows any compatible client - Claude Desktop, custom applications, CI pipelines - to query Wazuh Indexer data through a standardized tool interface.

[Read More]
wazuh  aws  bedrock  mcp  llm  ai  security  devsecops  docker  opensearch  siem  claude  threat analysis  security monitoring  automation