VERIFIED

Elasticsearch

Safety: 55/100

0.0(0)

This MCP server provides tools to interact with Elasticsearch/OpenSearch, enabling document searching, index management, and cluster administration with configurable security.

MCP ServersFreemium

Boost this tool

Subscribe to listing upgrades or segmented pushes.

Overview

This MCP server provides tools to interact with Elasticsearch/OpenSearch, enabling document searching, index management, and cluster administration with configurable security.

This server's safety depends heavily on configuration. Disabling high-risk operations and setting a strong MCP_API_KEY are crucial for secure deployments. The general API request tool should be used with caution due to its potential for arbitrary actions.

Performance depends on the size and complexity of the Elasticsearch/OpenSearch cluster, as well as the efficiency of the queries. Consider optimizing queries and indexing strategies for large datasets.

Cost is primarily associated with Elasticsearch/OpenSearch cluster resources (CPU, memory, storage) and any associated cloud service fees. API calls themselves are typically low-cost.

HybridPython246 starsApache-2.0Released 2/2/2026CI/CD

Connections & Capabilities

Connects To

GitHubDocker

Capabilities

ReadWriteAdmin

Client Compatibility

Claude Desktop

full

Cursor

untested

Windsurf

untested

VS Code (Copilot)

untested

Quickstart

Install

uvx elasticsearch-mcp-server-es7

Environment Variables

MCP_API_KEY

Tools (20)

high

general_api_request

Performs a general HTTP API request to Elasticsearch/OpenSearch.

Allows execution of arbitrary API calls, potentially leading to data breaches or system compromise.

safe

list_indices

Lists all indices in the Elasticsearch/OpenSearch cluster.

Read-only operation that does not modify any data.

safe

get_index

Retrieves information about one or more indices.

Read-only operation that retrieves index metadata.

moderate

create_index

Creates a new index in Elasticsearch/OpenSearch.

Creates a new index, which could impact cluster performance or storage.

critical

delete_index

Deletes an index from Elasticsearch/OpenSearch.

Deletes an index and all its data, resulting in permanent data loss.

safe

search_documents

Searches for documents within Elasticsearch/OpenSearch.

Read-only operation that retrieves documents based on a query.

moderate

index_document

Creates or updates a document in the index.

Modifies data within an index, potentially overwriting existing documents.

safe

get_document

Retrieves a document by its ID.

Read-only operation that retrieves a specific document.

critical

delete_document

Deletes a document by its ID.

Deletes a specific document, resulting in data loss.

critical

delete_by_query

Deletes documents matching the provided query.

Deletes documents based on a query, potentially resulting in significant data loss.

safe

get_cluster_health

Returns basic information about the health of the cluster.

Read-only operation that retrieves cluster health status.

safe

get_cluster_stats

Returns a high-level overview of cluster statistics.

Read-only operation that retrieves cluster statistics.

safe

list_aliases

Lists all aliases in the Elasticsearch/OpenSearch cluster.

Read-only operation that does not modify any data.

safe

get_alias

Get alias information for a specific index.

Read-only operation that retrieves alias metadata.

moderate

put_alias

Create or update an alias for a specific index.

Creates or updates an alias, which could impact query routing.

critical

delete_alias

Delete an alias for a specific index.

Deletes an alias, potentially breaking existing queries.

safe

analyze_text

Analyze text using a specified analyzer or custom analysis chain.

Read-only operation that analyzes text without modifying data.

moderate

create_data_stream

Create a new data stream (requires matching index template).

Creates a new data stream, which could impact cluster performance or storage.

safe

get_data_stream

Get information about one or more data streams.

Read-only operation that retrieves data stream metadata.

critical

delete_data_stream

Delete one or more data streams and their backing indices.

Deletes one or more data streams and their backing indices, resulting in permanent data loss.

Security

Auth Method

API Key|Environment Variable

Data Locality

hybrid

Known Risks

!Exposure of Elasticsearch/OpenSearch instance if MCP_API_KEY is not set.
!Potential for unauthorized data modification or deletion if write operations are enabled.
!Environment variable storage of sensitive credentials.
!Unvalidated input to the `general_api_request` tool could lead to security vulnerabilities.

Safety Score

moderate risk

Positive

+Supports API key authentication for Elasticsearch.
+Offers option to disable high-risk operations (write/delete).
+Allows disabling specific operations via configuration.
+Provides basic authentication via username/password.

Risks

-If MCP_API_KEY is not set for HTTP transports, no authentication is required.
-General API request tool can potentially execute arbitrary commands.
-Write operations are enabled by default.
-Secrets (passwords, API keys) are managed via environment variables.

Use Cases

Log Analysis

-Searching for specific error messages in application logs
-Aggregating log data to identify trends and anomalies
-Visualizing log data to gain insights into system behavior

Security Monitoring

-Detecting suspicious activity based on network traffic patterns
-Analyzing security logs to identify potential threats
-Investigating security incidents by correlating data from multiple sources

Application Performance Monitoring

-Tracking application response times and error rates
-Identifying performance bottlenecks in application code
-Monitoring the health of application servers and databases

Full-Text Search

-Implementing search functionality for websites and applications
-Searching for documents based on keywords and phrases
-Providing faceted search capabilities to refine search results

Who Is This For?

Best For

Analyzing large volumes of log data
Implementing full-text search capabilities
Monitoring application performance
Detecting security threats
Managing Elasticsearch/OpenSearch clusters

Not Ideal For

Real-time transaction processing
Highly sensitive data requiring strict access controls (without careful configuration)
Environments with limited resources or expertise in Elasticsearch/OpenSearch

Autonomy & Execution

Default ModeRead and Write enabled

Destructive Tools

Autonomy is determined by the enabled tools and the permissions of the Elasticsearch/OpenSearch user. Exercise caution when granting access to destructive tools.

StatelessYes

Retry LogicNot documented

ConcurrencySingle-threaded

Production Tip

Monitor Elasticsearch/OpenSearch cluster health and resource usage to ensure optimal performance.

FAQ

How do I secure the MCP server?

Always set the MCP_API_KEY environment variable for HTTP transports. Disable high-risk operations if write access is not required.

What Elasticsearch/OpenSearch versions are supported?

The server supports Elasticsearch 7.x, 8.x, 9.x and OpenSearch 1.x, 2.x, 3.x. Use the appropriate server variant for your Elasticsearch version.

How do I disable write operations?

Set the DISABLE_HIGH_RISK_OPERATIONS environment variable to true.

Can I disable specific operations?

Yes, use the DISABLE_OPERATIONS environment variable to specify a comma-separated list of operations to disable.

What authentication methods are supported?

The server supports basic authentication (username/password) and API key authentication for Elasticsearch/OpenSearch. For the MCP server itself, it supports API key authentication via the MCP_API_KEY environment variable.

How do I configure the Elasticsearch/OpenSearch connection?

Use the ELASTICSEARCH_HOSTS/OPENSEARCH_HOSTS environment variable to specify the host(s). You can also configure SSL verification and request timeouts.

What is the purpose of the `general_api_request` tool?

It allows you to execute any Elasticsearch/OpenSearch API call that is not covered by a dedicated tool. Use with caution as it can perform arbitrary actions.

Metrics

Discovered2/14/2026

Reviews0

Saved By0 users

Related Tools

Elasticsearch - AI Tool Review & Alternatives | Flaex AI