How do I install Kibana?

Kibana is a local plugin. Install it using PyPI package: kibana-mcp and add the generated configuration snippet to your AI app's MCP config file. Then restart your AI app.

What credentials does Kibana need?

Kibana requires the following credentials or environment variables: KIBANA_URL, ELASTICSEARCH_URL, KIBANA_API_KEY, KIBANA_USERNAME, KIBANA_PASSWORD, KIBANA_SSL_VERIFY. You can find setup instructions on the server detail page.

What AI apps work with Kibana?

Kibana uses the Model Context Protocol (MCP) and works with any MCP-compatible AI app, including Claude, ChatGPT / Codex, Gemini, Copilot, Cursor, and more.

Back to Browse

Kibana MCP Server

by Mshegolev

Developer ToolsUse Caution1.0MCP RegistryLocal

Free

Server data from the Official MCP Registry

Kibana/Elasticsearch MCP — log search, aggregations, index discovery, dashboards.

About

Kibana/Elasticsearch MCP — log search, aggregations, index discovery, dashboards.

Security Report

1.0

Use Caution1.0Critical Risk

Valid MCP server (1 strong, 2 medium validity signals). 12 known CVEs in dependencies (0 critical, 6 high severity) Package registry verified. Imported from the Official MCP Registry.

5 files analyzed · 13 issues found

Security scores are indicators to help you make informed decisions, not guarantees. Always review permissions before connecting any MCP server.

Permissions Required

This plugin requests these system permissions. Most are normal for its category.

env_vars

Check that this permission is expected for this type of plugin.

HTTP Network Access

Connects to external APIs or services over the internet.

Unverified package source

We couldn't verify that the installable package matches the reviewed source code. Proceed with caution.

What You'll Need

Set these up before or after installing:

Kibana base URL (e.g. https://kibana.example.com)Optional

Environment variable: KIBANA_URL

Direct Elasticsearch URL. If unset, ES requests route through the Kibana Console proxy.Optional

Environment variable: ELASTICSEARCH_URL

Elasticsearch API key (ApiKey base64(id:api_key) format). Takes priority over Basic auth.Required

Environment variable: KIBANA_API_KEY

HTTP Basic auth username. Used only when KIBANA_API_KEY is not set.Optional

Environment variable: KIBANA_USERNAME

HTTP Basic auth password.Required

Environment variable: KIBANA_PASSWORD

Verify SSL certificates (true/false). Set to 'false' for self-signed certs.Optional

Environment variable: KIBANA_SSL_VERIFY

How to Install

Add this to your MCP configuration file:

{
  "mcpServers": {
    "io-github-mshegolev-kibana-mcp": {
      "env": {
        "KIBANA_URL": "your-kibana-url-here",
        "KIBANA_API_KEY": "your-kibana-api-key-here",
        "KIBANA_PASSWORD": "your-kibana-password-here",
        "KIBANA_USERNAME": "your-kibana-username-here",
        "ELASTICSEARCH_URL": "your-elasticsearch-url-here",
        "KIBANA_SSL_VERIFY": "your-kibana-ssl-verify-here"
      },
      "args": [
        "kibana-mcp"
      ],
      "command": "uvx"
    }
  }
}

Documentation

View on GitHub

From the project's GitHub README.

kibana-mcp

MCP server for Kibana / Elasticsearch — log search, aggregations, index discovery, and dashboard browsing via Claude and any MCP-compatible agent.

Why another Kibana MCP?

Existing integrations require a running Kibana instance with browser-level credentials and often wrap the Kibana UI rather than the stable REST APIs. This server:

Hits Elasticsearch REST API directly for log queries (faster, stable across Kibana UI changes)
Falls back to the Kibana Console proxy when no direct ES URL is configured (zero extra firewall rules)
Supports ApiKey auth (best for agents) as well as Basic auth and anonymous access
Returns both structured JSON (outputSchema) and markdown text so it works with any MCP client
Is read-only — all tools carry readOnlyHint: true, no data is modified

Tools

Tool	API	Description
`kibana_list_indices`	`GET ES/_cat/indices`	Discover available indices with health, docs, size
`kibana_search_logs`	`POST ES/{index}/_search`	Full-text log search with time range, sort, size
`kibana_aggregate_logs`	`POST ES/{index}/_search`	Terms grouping with count/avg/sum/min/max metric
`kibana_list_dashboards`	`GET Kibana/api/saved_objects/_find`	List saved dashboards with search + pagination
`kibana_get_dashboard`	`GET Kibana/api/saved_objects/dashboard/{id}`	Fetch one dashboard with panel breakdown

Installation

pip install kibana-mcp

Or run directly with uvx:

uvx kibana-mcp

Configuration

Environment Variables

Variable	Required	Description
`KIBANA_URL`	Yes	Kibana base URL (e.g. `https://kibana.example.com`)
`ELASTICSEARCH_URL`	No	Direct ES endpoint. If unset, ES requests go through Kibana Console proxy
`KIBANA_API_KEY`	No	ES API key (`ApiKey base64(id:api_key)` format). Recommended for agents
`KIBANA_USERNAME`	No	HTTP Basic auth username (used if API key not set)
`KIBANA_PASSWORD`	No	HTTP Basic auth password
`KIBANA_SSL_VERIFY`	No	`true` (default) or `false` for self-signed certificates

Auth priority: ApiKey > Basic > anonymous.

Copy .env.example to .env and fill in your values.

MCP Client Configuration (Claude Desktop / claude.app)

{
  "mcpServers": {
    "kibana": {
      "command": "uvx",
      "args": ["kibana-mcp"],
      "env": {
        "KIBANA_URL": "https://kibana.example.com",
        "KIBANA_API_KEY": "your-api-key-here"
      }
    }
  }
}

Or with direct ES access for better performance:

{
  "mcpServers": {
    "kibana": {
      "command": "uvx",
      "args": ["kibana-mcp"],
      "env": {
        "KIBANA_URL": "https://kibana.example.com",
        "ELASTICSEARCH_URL": "https://es.example.com:9200",
        "KIBANA_API_KEY": "your-api-key-here"
      }
    }
  }
}

Docker

docker run --rm -i \
  -e KIBANA_URL=https://kibana.example.com \
  -e KIBANA_API_KEY=your-key \
  ghcr.io/mshegolev/kibana-mcp

Usage Examples

Log Search

Find the last 50 ERROR logs from the API service in the last hour

→ kibana_search_logs(index="logs-*", query="level:ERROR AND service:api", size=50, time_from="2026-04-18T09:00:00Z")

Show 500 HTTP errors sorted oldest first for incident replay

→ kibana_search_logs(index="nginx-*", query="status:500", sort_order="asc", size=100)

Aggregations

How many logs per log level in the last hour?

→ kibana_aggregate_logs(index="logs-*", group_by="level", time_from="2026-04-18T09:00:00Z")

What is the average response time per service?

→ kibana_aggregate_logs(index="logs-*", group_by="service.keyword", metric="avg", metric_field="response_time_ms")

Index Discovery

What log indices are available?

→ kibana_list_indices()

Show me all filebeat indices

→ kibana_list_indices(pattern="filebeat-*")

Dashboards

Find the infrastructure dashboard

→ kibana_list_dashboards(search="infrastructure")

What panels does dashboard X have?

→ kibana_get_dashboard(dashboard_id="<id from list_dashboards>")

Performance Characteristics

Log search (kibana_search_logs): typically 50-500ms with direct ES URL; add 100-200ms when routing through Kibana Console proxy
Aggregations (kibana_aggregate_logs): size:0 queries — no hits transferred, usually 10-100ms
Index listing: single _cat/indices call, O(index_count) response, typically <100ms
Dashboard APIs: Kibana Saved Objects API, typically 50-200ms; latency is Kibana-side, not network
Set ELASTICSEARCH_URL directly if your agent does frequent log searches — eliminates the proxy overhead

Development

git clone https://github.com/mshegolev/kibana-mcp
cd kibana-mcp
pip install -e '.[dev]'
pytest tests/ -v
ruff check src tests
ruff format src tests

License

MIT — see LICENSE.

Reviews

No reviews yet

Be the first to review this server!

More Developer Tools MCP Servers

Fetch

Free

by Modelcontextprotocol · Developer Tools

Web content fetching and conversion for efficient LLM usage

Git

Free

by Modelcontextprotocol · Developer Tools

Read, search, and manipulate Git repositories programmatically

Toleno

Free

by Toleno · Developer Tools

Toleno Network MCP Server — Manage your Toleno mining account with Claude AI using natural language.

mcp-creator-python

Free

by mcp-marketplace · Developer Tools

Create, build, and publish Python MCP servers to PyPI — conversationally.

Kibana MCP Server

About

Security Report

Permissions Required

Findings (13)

What You'll Need

How to Install

Documentation

kibana-mcp

Why another Kibana MCP?

Tools

Installation

Configuration

Environment Variables

MCP Client Configuration (Claude Desktop / claude.app)

Docker

Usage Examples

Log Search

Aggregations

Index Discovery

Dashboards

Performance Characteristics

Development

License

Reviews

No reviews yet

More Developer Tools MCP Servers

Fetch

Git

Toleno

mcp-creator-python

MarkItDown

mcp-creator-typescript