Incident forensics through log file analysis
Valid MCP server (1 strong, 4 medium validity signals). No known CVEs in dependencies. Imported from the Official MCP Registry. 1 finding(s) downgraded by scanner intelligence.
8 files analyzed · 1 issue found
Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.
Add this to your MCP configuration file:
{
  "mcpServers": {
    "io-github-james116blue-journald-mcp-server": {
      "args": [
        "journald-mcp-server"
      ],
      "command": "uvx"
    }
  }
}
From the project's GitHub README.
An MCP server for accessing systemd journal logs.
# Install dependencies
uv sync
Run as non-root: give the user systemd-journal group access:
usermod -aG systemd-journal $USER
Run the server with:
uv run server.py [OPTIONS]
--transport: Transport protocol to use (stdio, sse, or streamable-http). Default: stdio
--port: Port to listen on for HTTP transport (ignored for stdio transport). Default: 3002
--log-level: Logging level (DEBUG, INFO, WARNING, ERROR, CRITICAL). Default: INFO
Run with stdio transport (default, for MCP clients that communicate via stdin/stdout):
python server.py
Run with HTTP transport on custom port:
python server.py --transport streamable-http --port 8080
Run with SSE transport:
python server.py --transport sse --port 3000
Run with debug logging:
python server.py --log-level DEBUG
The server provides the following MCP resources and tools:
journal://units: List unique systemd units from journal logs (all accessible time)
journal://syslog-identifiers: List unique syslog identifiers from journal logs (all accessible time)
journal://first-entry-datetime: Get the datetime of the first entry in the journal
journal://units/{since}/{until}: List unique systemd units within a specified time range
journal://syslog-identifiers/{since}/{until}: List unique syslog identifiers within a specified time range
get_journal_entries: Get journal entries with datetime filtering
    since (optional), until (optional), unit (optional), identifier (optional), message_contains (optional), limit (default: 100)
    since="2 hours ago", message_contains="error"
get_recent_logs: Get recent journal logs from the last N minutes
    minutes (default: 60), unit (optional), limit (default: 50)
The server uses natural language datetime parsing via the dateparser library. Supported formats include:
All times are interpreted as UTC and returned in human-readable format: "YYYY-MM-DD HH:MM:SS UTC"
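The filters listed for get_journal_entries, applied offline to `journalctl -o json` output, as an added example that is not the project's own code. The function names, the case-insensitive substring match, and taking since/until as timezone-aware datetimes (instead of dateparser strings) are assumptions made here.

```python
import json
from datetime import datetime, timezone

# Constructed sample in the shape `journalctl -o json` emits: one object per line,
# microsecond timestamps, and MESSAGE as a byte array when it is not printable text.
SAMPLE = """\
{"__REALTIME_TIMESTAMP":"1700000000000000","_SYSTEMD_UNIT":"ssh.service","SYSLOG_IDENTIFIER":"sshd","MESSAGE":"Failed password for invalid user admin from 203.0.113.7 port 40022 ssh2"}
{"__REALTIME_TIMESTAMP":"1700000060000000","_SYSTEMD_UNIT":"ssh.service","SYSLOG_IDENTIFIER":"sshd","MESSAGE":"Accepted publickey for deploy from 198.51.100.4 port 51514 ssh2"}
{"__REALTIME_TIMESTAMP":"1700000120000000","_SYSTEMD_UNIT":"cron.service","SYSLOG_IDENTIFIER":"CRON","MESSAGE":[101,114,114,111,114,7]}
{"__REALTIME_TIMESTAMP":"1700003600000000","_SYSTEMD_UNIT":"ssh.service","SYSLOG_IDENTIFIER":"sshd","MESSAGE":"error: maximum authentication attempts exceeded for root from 203.0.113.7 port 40100 ssh2"}
"""

FMT = "%Y-%m-%d %H:%M:%S UTC"  # output format stated on this page

def message_text(value):
    """journald JSON gives MESSAGE as str, a list of byte values, or null."""
    if isinstance(value, list):
        return bytes(value).decode("utf-8", errors="replace")
    return value or ""

def filter_entries(lines, since=None, until=None, unit=None,
                   identifier=None, message_contains=None, limit=100):
    """Apply the documented filters; since/until are timezone-aware datetimes."""
    hits = []
    for line in lines:
        if not line.strip():
            continue
        entry = json.loads(line)
        seconds = int(entry["__REALTIME_TIMESTAMP"]) // 1_000_000
        ts = datetime.fromtimestamp(seconds, tz=timezone.utc)
        msg = message_text(entry.get("MESSAGE"))
        if (since and ts < since) or (until and ts > until):
            continue
        if unit and entry.get("_SYSTEMD_UNIT") != unit:
            continue
        if identifier and entry.get("SYSLOG_IDENTIFIER") != identifier:
            continue
        if message_contains and message_contains.lower() not in msg.lower():
            continue
        hits.append({"time": ts.strftime(FMT), "unit": entry.get("_SYSTEMD_UNIT"),
                     "identifier": entry.get("SYSLOG_IDENTIFIER"), "message": msg})
        if len(hits) >= limit:
            break
    return hits

if __name__ == "__main__":
    for hit in filter_entries(SAMPLE.splitlines(), message_contains="error"):
        print(hit["time"], hit["identifier"], repr(hit["message"]))
```

Printing the message with repr keeps control bytes from a hostile log line out of the analyst's terminal.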
This project uses:
journald-mcp-server/
├── journald_mcp_server/ # Main package
│ ├── __init__.py
│ ├── server.py # MCP server implementation
│ └── datetime_utils.py # Datetime parsing and formatting utilities
├── tests/ # Test suite
│ ├── __init__.py
│ └── test_server.py
├── server.py # Entry point wrapper
├── pyproject.toml
└── README.md
python -m pytest tests/