// MCP TOOL REFERENCE

NGSIEM MCP SERVER TOOLS

10 tools from the NGSIEM MCP Server MCP Server, categorised by risk level.

// ALL 10 NGSIEM MCP SERVER TOOLS

READ 8 tools

Read build_query Build a NGSIEM query from a template with parameters. Read get_available_repositories Get the list of NGSIEM repositories configured in this environment. Read get_query_best_practices Get NGSIEM query writing best practices for optimal performance. Read get_query_reference Get NGSIEM query language reference. Read get_repo_fieldset MANDATORY FIRST STEP: Discover ALL available fields in a NGSIEM repository. Read get_search_status Check the status of a running NGSIEM search and retrieve results if complete. Read list_templates List available pre-built NGSIEM query templates for security operations. Read validate_query Validate NGSIEM query syntax before execution.

EXECUTE 2 tools

Execute stop_search Cancel a running NGSIEM search. Execute search_and_wait Execute a NGSIEM search and automatically wait for results (blocking).

// FAQ

How many tools does the NGSIEM MCP Server MCP server have? +

The NGSIEM MCP Server MCP server exposes 10 tools across 2 categories: Read, Execute.

How do I enforce policies on NGSIEM MCP Server tools? +

Route the NGSIEM MCP Server server through the PolicyLayer gateway. Define allow, deny, or approval rules per tool in the dashboard; they are enforced on every call before it reaches the server.

What risk categories do NGSIEM MCP Server tools fall into? +

NGSIEM MCP Server tools are categorised as Read (8), Execute (2). Each category has a recommended default policy.

Enforce policy on every NGSIEM MCP Server tool call.

Start from NGSIEM MCP Server, add the rest of your stack, and see everything your agents can call. Then put policy on all of it.

CHECK YOUR STACK →

Free to start. No card required.

43,000+ MCP servers and 220,000+ tools scanned and risk-classified.