MCP server for Splunk On-Call (VictorOps) incident management
Project description
mcp-server-splunk-oncall
MCP server for the Splunk On-Call (VictorOps) API. Full coverage of the REST API with automatic read-only detection.
Tools (45)
Access
| Tool | Description |
|---|---|
get_access_mode |
Check if API key is full-access or read-only |
Incidents
| Tool | Description |
|---|---|
list_incidents |
List all current incidents |
acknowledge_incidents |
Acknowledge incidents by number |
resolve_incidents |
Resolve incidents by number |
acknowledge_all_incidents |
Acknowledge all triggered incidents |
resolve_all_incidents |
Resolve all triggered incidents |
reroute_incidents |
Reroute incidents to another user or policy |
get_incident_timeline |
Get event timeline for an incident |
On-Call
| Tool | Description |
|---|---|
get_oncall |
Who is currently on call across all teams |
get_team_oncall_schedule |
On-call schedule for a team |
get_user_oncall_schedule |
On-call schedule for a user |
Teams
| Tool | Description |
|---|---|
list_teams |
List all teams |
get_team |
Get team details |
create_team |
Create a new team |
update_team |
Update a team name |
delete_team |
Delete a team |
get_team_members |
List members of a team |
add_team_member |
Add a user to a team |
remove_team_member |
Remove a user from a team |
get_team_admins |
List team admins |
get_team_policies |
List escalation policies for a team |
Users
| Tool | Description |
|---|---|
list_users |
List all users |
get_user |
Get user details |
create_user |
Invite a new user |
delete_user |
Delete a user (with replacement) |
get_user_contact_methods |
List contact methods (phone, email, SMS) |
get_user_devices |
List push notification devices |
get_user_oncall_schedule |
User on-call schedule |
get_user_policies |
User escalation policies |
get_user_teams |
User team memberships |
Routing Keys
| Tool | Description |
|---|---|
list_routing_keys |
List routing keys and their policies |
create_routing_key |
Create a routing key |
delete_routing_key |
Delete a routing key |
Escalation Policies
| Tool | Description |
|---|---|
list_policies |
List all escalation policies |
get_policy |
Get escalation policy details |
create_policy |
Create an escalation policy |
delete_policy |
Delete an escalation policy |
Maintenance
| Tool | Description |
|---|---|
list_maintenance |
List maintenance windows |
get_maintenance |
Get maintenance window details |
create_maintenance |
Create a maintenance window |
end_maintenance |
End a maintenance window early |
Organization
| Tool | Description |
|---|---|
get_org_info |
Get organization information |
get_org_timeline |
Organization-wide event timeline |
Alerts and Reporting
| Tool | Description |
|---|---|
list_alerts |
List recent alerts |
get_incident_history |
Historical incident data |
get_oncall_report |
On-call report for a team |
Installation
uvx mcp-server-splunk-oncall
Or install from PyPI:
pip install mcp-server-splunk-oncall
Configuration
The server requires two environment variables:
SPLUNK_ONCALL_API_ID- Your Splunk On-Call API IDSPLUNK_ONCALL_API_KEY- Your Splunk On-Call API key
Claude Code
Add to your Claude Code MCP settings:
{
"mcpServers": {
"splunk-oncall": {
"command": "uvx",
"args": ["mcp-server-splunk-oncall"],
"env": {
"SPLUNK_ONCALL_API_ID": "your-api-id",
"SPLUNK_ONCALL_API_KEY": "your-api-key"
}
}
}
}
Read-Only Mode
The server automatically detects whether the API key is read-only or full-access on first use. When a read-only key is provided, write operations return a clear error message instead of failing with a 403. Use get_access_mode to check.
You can also force read-only mode with a full-access key by setting:
"SPLUNK_ONCALL_READ_ONLY": "true"
This is useful when you want to use a full-access key but prevent accidental writes.
License
MIT
Release history Release notifications | RSS feed
Download files
Download the file for your platform. If you're not sure which to choose, learn more about installing packages.
Source Distribution
Built Distribution
Filter files by name, interpreter, ABI, and platform.
If you're not sure about the file name format, learn more about wheel file names.
Copy a direct link to the current filters
File details
Details for the file mcp_server_splunk_oncall-0.3.0.tar.gz.
File metadata
- Download URL: mcp_server_splunk_oncall-0.3.0.tar.gz
- Upload date:
- Size: 10.3 kB
- Tags: Source
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.3 {"installer":{"name":"uv","version":"0.11.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"macOS","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
dd4930d5266d51a528bb0914852fb25577d5c9177565315664e8968831b27623
|
|
| MD5 |
bb23585c156ec3f222b37e9e324fc4c8
|
|
| BLAKE2b-256 |
6c8343b7ea66130920b65df16367c542b82f2e257892b3ff901bf1370f588f18
|
File details
Details for the file mcp_server_splunk_oncall-0.3.0-py3-none-any.whl.
File metadata
- Download URL: mcp_server_splunk_oncall-0.3.0-py3-none-any.whl
- Upload date:
- Size: 9.8 kB
- Tags: Python 3
- Uploaded using Trusted Publishing? No
- Uploaded via: uv/0.11.3 {"installer":{"name":"uv","version":"0.11.3","subcommand":["publish"]},"python":null,"implementation":{"name":null,"version":null},"distro":{"name":"macOS","version":null,"id":null,"libc":null},"system":{"name":null,"release":null},"cpu":null,"openssl_version":null,"setuptools_version":null,"rustc_version":null,"ci":null}
File hashes
| Algorithm | Hash digest | |
|---|---|---|
| SHA256 |
cbb9399795f770269d1ccfa1f99755922bb1cc436490488610310955e0fd75c9
|
|
| MD5 |
a6a581ede69ba73011e23245dfc781e8
|
|
| BLAKE2b-256 |
699f350425fef87c0ca5788881a2bbecb326d3e581e68f503ddc99abf4a048f4
|
