splunk-mcp-llm-siemulator

MCP Tool

rsfl/splunk-mcp-llm-siemulator

A Docker lab integrating Splunk SIEM with Ollama LLM via MCP for AI security operations. Features Promptfoo OWASP evaluation, TA-ollama and TA-mcp-jsonrpc add-ons, dual bind-mount log ingestion, and real-time HEC streaming across six indexes for MITRE ATLAS TTP detection.

Install

$ npx loaditout add rsfl/splunk-mcp-llm-siemulator

Platform-specific configuration:

.claude/settings.json

{
  "mcpServers": {
    "splunk-mcp-llm-siemulator": {
      "command": "npx",
      "args": [
        "-y",
        "splunk-mcp-llm-siemulator"
      ]
    }
  }
}

Add the config above to .claude/settings.json under the mcpServers key.

Reviews

Loading reviews...

Quality Signals

Stars

Installs

Last updated20 days ago

Security: B

New

Safety

Risk Levelmedium

Data Access

read

Network Accessnone

Details

Sourcegithub-crawl

Last commit3/8/2026

View on GitHub→

Embed Badge

[![Loaditout](https://loaditout.ai/api/badge/rsfl/splunk-mcp-llm-siemulator)](https://loaditout.ai/skills/rsfl/splunk-mcp-llm-siemulator)