mcp-server-splunk-oncall
MCP server for Splunk On-Call (VictorOps) incident management
Ask AI about mcp-server-splunk-oncall
Powered by Claude · Grounded in docs
I know everything about mcp-server-splunk-oncall. Ask me about installation, configuration, usage, or troubleshooting.
0/500
Reviews
Documentation
mcp-server-splunk-oncall
MCP server for the Splunk On-Call (VictorOps) API. Full coverage of the REST API with automatic read-only detection.
Tools (45)
Access
| Tool | Description |
|---|---|
get_access_mode | Check if API key is full-access or read-only |
Incidents
| Tool | Description |
|---|---|
list_incidents | List all current incidents |
acknowledge_incidents | Acknowledge incidents by number |
resolve_incidents | Resolve incidents by number |
acknowledge_all_incidents | Acknowledge all triggered incidents |
resolve_all_incidents | Resolve all triggered incidents |
reroute_incidents | Reroute incidents to another user or policy |
get_incident_timeline | Get event timeline for an incident |
On-Call
| Tool | Description |
|---|---|
get_oncall | Who is currently on call across all teams |
get_team_oncall_schedule | On-call schedule for a team |
get_user_oncall_schedule | On-call schedule for a user |
Teams
| Tool | Description |
|---|---|
list_teams | List all teams |
get_team | Get team details |
create_team | Create a new team |
update_team | Update a team name |
delete_team | Delete a team |
get_team_members | List members of a team |
add_team_member | Add a user to a team |
remove_team_member | Remove a user from a team |
get_team_admins | List team admins |
get_team_policies | List escalation policies for a team |
Users
| Tool | Description |
|---|---|
list_users | List all users |
get_user | Get user details |
create_user | Invite a new user |
delete_user | Delete a user (with replacement) |
get_user_contact_methods | List contact methods (phone, email, SMS) |
get_user_devices | List push notification devices |
get_user_oncall_schedule | User on-call schedule |
get_user_policies | User escalation policies |
get_user_teams | User team memberships |
Routing Keys
| Tool | Description |
|---|---|
list_routing_keys | List routing keys and their policies |
create_routing_key | Create a routing key |
delete_routing_key | Delete a routing key |
Escalation Policies
| Tool | Description |
|---|---|
list_policies | List all escalation policies |
get_policy | Get escalation policy details |
create_policy | Create an escalation policy |
delete_policy | Delete an escalation policy |
Maintenance
| Tool | Description |
|---|---|
list_maintenance | List maintenance windows |
get_maintenance | Get maintenance window details |
create_maintenance | Create a maintenance window |
end_maintenance | End a maintenance window early |
Organization
| Tool | Description |
|---|---|
get_org_info | Get organization information |
get_org_timeline | Organization-wide event timeline |
Alerts and Reporting
| Tool | Description |
|---|---|
list_alerts | List recent alerts |
get_incident_history | Historical incident data |
get_oncall_report | On-call report for a team |
Installation
uvx mcp-server-splunk-oncall
Or install from PyPI:
pip install mcp-server-splunk-oncall
Configuration
The server requires two environment variables:
SPLUNK_ONCALL_API_ID- Your Splunk On-Call API IDSPLUNK_ONCALL_API_KEY- Your Splunk On-Call API key
Claude Code
Add to your Claude Code MCP settings:
{
"mcpServers": {
"splunk-oncall": {
"command": "uvx",
"args": ["mcp-server-splunk-oncall"],
"env": {
"SPLUNK_ONCALL_API_ID": "your-api-id",
"SPLUNK_ONCALL_API_KEY": "your-api-key"
}
}
}
}
Read-Only Mode
The server automatically detects whether the API key is read-only or full-access on first use. When a read-only key is provided, write operations return a clear error message instead of failing with a 403. Use get_access_mode to check.
You can also force read-only mode with a full-access key by setting:
"SPLUNK_ONCALL_READ_ONLY": "true"
This is useful when you want to use a full-access key but prevent accidental writes.
License
MIT