MCP_AI_SOC_Sher

A powerful AI-driven Security Operations Center (SOC) Text2SQL framework based MCP Server (Local and Remote) for converting natural language Prompts to SQL queries dynamically, with integrated security threat analysis and monitoring.

• Text2SQL Conversion: Convert natural language queries to optimized SQL
• Multiple Interfaces: Support for STDIO, SSE, and REST API
• Security Threat Analysis: Built-in SQL query security analysis
• Multiple Database Support: Connect to SQLite or Snowflake databases
• Streaming Responses: Real-time query processing feedback
• SOC Monitoring: Security Operations Center monitoring capabilities

pip install mcp-ai-soc-sher

# Set your OpenAI API key
import os
os.environ["OPENAI_API_KEY"] = "your-api-key-here"

# Use as local server
from mcp_ai_soc_sher.local import LocalMCPServer

server = LocalMCPServer()
server.start()

# Or run from command line
# mcp-ai-soc --type local --stdio --sse

# Run local server with STDIO interface
mcp-ai-soc --type local --stdio

# Run local server with SSE interface
mcp-ai-soc --type local --sse

# Run remote server with REST API
mcp-ai-soc --type remote

Create a .env file with your configuration:

OPENAI_API_KEY=your_openai_api_key_here
MCP_DB_URI=sqlite:///your_database.db
MCP_SECURITY_ENABLE_THREAT_ANALYSIS=true

See the documentation for all configuration options.

import json
import requests

# Query the server
response = requests.post(
    "http://localhost:8000/api/sql",
    headers={"Content-Type": "application/json", "X-API-Key": "your-api-key"},
    json={
        "query": "Find all suspicious login attempts in the last 24 hours",
        "optimize": True,
        "execute": True
    }
)

# Process the response
result = response.json()
print(f"SQL Query: {result['sql']}")