mcp-server-splunk-oncall 0.1.0__tar.gz

mcp_server_splunk_oncall-0.1.0/.gitignore

@@ -0,0 +1,7 @@
+__pycache__/
+*.pyc
+*.egg-info/
+dist/
+build/
+.env
+.venv/

mcp_server_splunk_oncall-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 amendezsap
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

mcp_server_splunk_oncall-0.1.0/PKG-INFO

@@ -0,0 +1,103 @@
+Metadata-Version: 2.4
+Name: mcp-server-splunk-oncall
+Version: 0.1.0
+Summary: MCP server for Splunk On-Call (VictorOps) incident management
+Project-URL: Homepage, https://github.com/amendezsap/mcp-server-splunk-oncall
+Project-URL: Repository, https://github.com/amendezsap/mcp-server-splunk-oncall
+Project-URL: Issues, https://github.com/amendezsap/mcp-server-splunk-oncall/issues
+Author: amendezsap
+License-Expression: MIT
+License-File: LICENSE
+Keywords: incident-management,mcp,oncall,splunk,victorops
+Classifier: Development Status :: 4 - Beta
+Classifier: Intended Audience :: System Administrators
+Classifier: License :: OSI Approved :: MIT License
+Classifier: Programming Language :: Python :: 3
+Classifier: Topic :: System :: Monitoring
+Requires-Python: >=3.10
+Requires-Dist: httpx>=0.27.0
+Requires-Dist: mcp>=1.0.0
+Description-Content-Type: text/markdown
+
+# mcp-server-splunk-oncall
+
+MCP server for Splunk On-Call (VictorOps) incident management. Provides tools for managing incidents, on-call schedules, maintenance windows, and team operations from any MCP client.
+
+## Installation
+
+```bash
+uvx mcp-server-splunk-oncall
+```
+
+Or install from PyPI:
+
+```bash
+pip install mcp-server-splunk-oncall
+```
+
+## Configuration
+
+The server requires two environment variables:
+
+- `SPLUNK_ONCALL_API_ID` - Your Splunk On-Call API ID
+- `SPLUNK_ONCALL_API_KEY` - Your Splunk On-Call API key
+
+### Claude Code
+
+Add to your Claude Code MCP settings:
+
+```json
+{
+  "mcpServers": {
+    "splunk-oncall": {
+      "command": "uvx",
+      "args": ["mcp-server-splunk-oncall"],
+      "env": {
+        "SPLUNK_ONCALL_API_ID": "your-api-id",
+        "SPLUNK_ONCALL_API_KEY": "your-api-key"
+      }
+    }
+  }
+}
+```
+
+For read-only access, use a read-only API key. For full access (acknowledge, resolve, reroute incidents), use a full-access API key.
+
+## Available Tools
+
+### Incidents
+- `list_incidents` - List all current incidents
+- `acknowledge_incidents` - Acknowledge incidents by number
+- `resolve_incidents` - Resolve incidents by number
+- `reroute_incidents` - Reroute incidents to another user or policy
+- `get_incident_timeline` - Get event timeline for an incident
+- `get_incident_history` - Query historical incident data
+
+### On-Call
+- `get_oncall` - Who is currently on call across all teams
+- `get_team_oncall_schedule` - On-call schedule for a team
+- `get_user_oncall_schedule` - On-call schedule for a user
+
+### Teams and Users
+- `list_teams` - List all teams
+- `get_team_members` - List members of a team
+- `get_team_policies` - List escalation policies for a team
+- `list_users` - List all users
+- `get_user` - Get user details
+
+### Routing and Policies
+- `list_routing_keys` - List routing keys and their policies
+- `list_policies` - List all escalation policies
+- `get_policy` - Get escalation policy details
+
+### Maintenance
+- `list_maintenance` - List active and scheduled maintenance windows
+- `create_maintenance` - Create a maintenance window
+- `end_maintenance` - End a maintenance window early
+
+### Organization
+- `get_org_info` - Get organization information
+
+## License
+
+MIT

mcp_server_splunk_oncall-0.1.0/README.md

@@ -0,0 +1,82 @@
+# mcp-server-splunk-oncall
+
+MCP server for Splunk On-Call (VictorOps) incident management. Provides tools for managing incidents, on-call schedules, maintenance windows, and team operations from any MCP client.
+
+## Installation
+
+```bash
+uvx mcp-server-splunk-oncall
+```
+
+Or install from PyPI:
+
+```bash
+pip install mcp-server-splunk-oncall
+```
+
+## Configuration
+
+The server requires two environment variables:
+
+- `SPLUNK_ONCALL_API_ID` - Your Splunk On-Call API ID
+- `SPLUNK_ONCALL_API_KEY` - Your Splunk On-Call API key
+
+### Claude Code
+
+Add to your Claude Code MCP settings:
+
+```json
+{
+  "mcpServers": {
+    "splunk-oncall": {
+      "command": "uvx",
+      "args": ["mcp-server-splunk-oncall"],
+      "env": {
+        "SPLUNK_ONCALL_API_ID": "your-api-id",
+        "SPLUNK_ONCALL_API_KEY": "your-api-key"
+      }
+    }
+  }
+}
+```
+
+For read-only access, use a read-only API key. For full access (acknowledge, resolve, reroute incidents), use a full-access API key.
+
+## Available Tools
+
+### Incidents
+- `list_incidents` - List all current incidents
+- `acknowledge_incidents` - Acknowledge incidents by number
+- `resolve_incidents` - Resolve incidents by number
+- `reroute_incidents` - Reroute incidents to another user or policy
+- `get_incident_timeline` - Get event timeline for an incident
+- `get_incident_history` - Query historical incident data
+
+### On-Call
+- `get_oncall` - Who is currently on call across all teams
+- `get_team_oncall_schedule` - On-call schedule for a team
+- `get_user_oncall_schedule` - On-call schedule for a user
+
+### Teams and Users
+- `list_teams` - List all teams
+- `get_team_members` - List members of a team
+- `get_team_policies` - List escalation policies for a team
+- `list_users` - List all users
+- `get_user` - Get user details
+
+### Routing and Policies
+- `list_routing_keys` - List routing keys and their policies
+- `list_policies` - List all escalation policies
+- `get_policy` - Get escalation policy details
+
+### Maintenance
+- `list_maintenance` - List active and scheduled maintenance windows
+- `create_maintenance` - Create a maintenance window
+- `end_maintenance` - End a maintenance window early
+
+### Organization
+- `get_org_info` - Get organization information
+
+## License
+
+MIT

mcp_server_splunk_oncall-0.1.0/pyproject.toml

@@ -0,0 +1,32 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "mcp-server-splunk-oncall"
+version = "0.1.0"
+description = "MCP server for Splunk On-Call (VictorOps) incident management"
+readme = "README.md"
+license = "MIT"
+requires-python = ">=3.10"
+authors = [{ name = "amendezsap" }]
+keywords = ["mcp", "splunk", "victorops", "oncall", "incident-management"]
+classifiers = [
+    "Development Status :: 4 - Beta",
+    "Intended Audience :: System Administrators",
+    "License :: OSI Approved :: MIT License",
+    "Programming Language :: Python :: 3",
+    "Topic :: System :: Monitoring",
+]
+dependencies = [
+    "mcp>=1.0.0",
+    "httpx>=0.27.0",
+]
+
+[project.scripts]
+mcp-server-splunk-oncall = "mcp_server_splunk_oncall.server:main"
+
+[project.urls]
+Homepage = "https://github.com/amendezsap/mcp-server-splunk-oncall"
+Repository = "https://github.com/amendezsap/mcp-server-splunk-oncall"
+Issues = "https://github.com/amendezsap/mcp-server-splunk-oncall/issues"

mcp_server_splunk_oncall-0.1.0/src/mcp_server_splunk_oncall/client.py

@@ -0,0 +1,158 @@
+"""HTTP client for the Splunk On-Call (VictorOps) REST API."""
+
+from __future__ import annotations
+
+import httpx
+
+
+API_BASE = "https://api.victorops.com/api-public"
+
+
+class SplunkOnCallClient:
+    """Thin wrapper around the Splunk On-Call public REST API."""
+
+    def __init__(self, api_id: str, api_key: str) -> None:
+        self._headers = {
+            "X-VO-Api-Id": api_id,
+            "X-VO-Api-Key": api_key,
+            "Content-Type": "application/json",
+            "Accept": "application/json",
+        }
+        self._client = httpx.AsyncClient(
+            base_url=API_BASE,
+            headers=self._headers,
+            timeout=30.0,
+        )
+
+    async def close(self) -> None:
+        await self._client.aclose()
+
+    async def _request(self, method: str, path: str, **kwargs) -> dict:
+        resp = await self._client.request(method, path, **kwargs)
+        resp.raise_for_status()
+        return resp.json()
+
+    # -- Incidents --
+
+    async def list_incidents(self) -> dict:
+        return await self._request("GET", "/v2/incidents")
+
+    async def acknowledge_incidents(
+        self, user_name: str, incident_names: list[str], message: str | None = None,
+    ) -> dict:
+        body: dict = {"userName": user_name, "incidentNames": incident_names}
+        if message:
+            body["message"] = message
+        return await self._request("POST", "/v1/incidents/acknowledge", json=body)
+
+    async def resolve_incidents(
+        self, user_name: str, incident_names: list[str], message: str | None = None,
+    ) -> dict:
+        body: dict = {"userName": user_name, "incidentNames": incident_names}
+        if message:
+            body["message"] = message
+        return await self._request("POST", "/v1/incidents/resolve", json=body)
+
+    async def reroute_incidents(
+        self, user_name: str, incident_names: list[str], targets: list[dict],
+    ) -> dict:
+        body = {
+            "userName": user_name,
+            "incidentNames": incident_names,
+            "targets": targets,
+        }
+        return await self._request("POST", "/v1/incidents/reroute", json=body)
+
+    async def get_incident_timeline(self, incident_number: str) -> dict:
+        return await self._request("GET", f"/v1/incidents/{incident_number}/timeline")
+
+    # -- On-Call --
+
+    async def get_oncall(self) -> dict:
+        return await self._request("GET", "/v2/oncall/current")
+
+    async def get_team_oncall_schedule(
+        self, team_slug: str, days_forward: int = 14, days_skip: int = 0,
+    ) -> dict:
+        params = {"daysForward": days_forward, "daysSkip": days_skip}
+        return await self._request(
+            "GET", f"/v2/team/{team_slug}/oncall/schedule", params=params,
+        )
+
+    # -- Teams --
+
+    async def list_teams(self) -> dict:
+        return await self._request("GET", "/v1/team")
+
+    async def get_team(self, team_slug: str) -> dict:
+        return await self._request("GET", f"/v1/team/{team_slug}")
+
+    async def get_team_members(self, team_slug: str) -> dict:
+        return await self._request("GET", f"/v1/team/{team_slug}/members")
+
+    async def get_team_policies(self, team_slug: str) -> dict:
+        return await self._request("GET", f"/v1/team/{team_slug}/policies")
+
+    # -- Users --
+
+    async def list_users(self) -> dict:
+        return await self._request("GET", "/v1/user")
+
+    async def get_user(self, user_name: str) -> dict:
+        return await self._request("GET", f"/v1/user/{user_name}")
+
+    async def get_user_oncall_schedule(self, user_name: str) -> dict:
+        return await self._request("GET", f"/v1/user/{user_name}/oncall/schedule")
+
+    # -- Routing Keys --
+
+    async def list_routing_keys(self) -> dict:
+        return await self._request("GET", "/v1/org/routing-keys")
+
+    # -- Escalation Policies --
+
+    async def list_policies(self) -> dict:
+        return await self._request("GET", "/v1/policies")
+
+    async def get_policy(self, policy_slug: str) -> dict:
+        return await self._request("GET", f"/v1/policies/{policy_slug}")
+
+    # -- Maintenance Mode --
+
+    async def list_maintenance(self) -> dict:
+        return await self._request("GET", "/v1/maintenancemode")
+
+    async def create_maintenance(
+        self,
+        names: list[str],
+        purpose: str,
+        start_date: str | None = None,
+        end_date: str | None = None,
+        is_global: bool = False,
+    ) -> dict:
+        body: dict = {"names": names, "purpose": purpose, "isGlobal": is_global}
+        if start_date:
+            body["startDate"] = start_date
+        if end_date:
+            body["endDate"] = end_date
+        return await self._request("POST", "/v1/maintenancemode", json=body)
+
+    async def end_maintenance(self, maintenance_id: str) -> dict:
+        return await self._request("DELETE", f"/v1/maintenancemode/{maintenance_id}")
+
+    # -- Organization --
+
+    async def get_org(self) -> dict:
+        return await self._request("GET", "/v1/org")
+
+    # -- Reporting --
+
+    async def get_incident_history(
+        self, start: str | None = None, end: str | None = None,
+    ) -> dict:
+        params: dict = {}
+        if start:
+            params["startedAfter"] = start
+        if end:
+            params["startedBefore"] = end
+        return await self._request("GET", "/v2/reporting/incidents", params=params)

mcp_server_splunk_oncall-0.1.0/src/mcp_server_splunk_oncall/server.py

@@ -0,0 +1,316 @@
+"""MCP server for Splunk On-Call (VictorOps) incident management."""
+
+from __future__ import annotations
+
+import json
+import os
+
+from mcp.server.fastmcp import FastMCP
+
+from .client import SplunkOnCallClient
+
+mcp = FastMCP(
+    "splunk-oncall",
+    instructions="Manage Splunk On-Call (VictorOps) incidents, on-call schedules, and maintenance windows",
+)
+
+_client: SplunkOnCallClient | None = None
+
+
+def _get_client() -> SplunkOnCallClient:
+    global _client
+    if _client is None:
+        api_id = os.environ.get("SPLUNK_ONCALL_API_ID")
+        api_key = os.environ.get("SPLUNK_ONCALL_API_KEY")
+        if not api_id or not api_key:
+            raise ValueError(
+                "SPLUNK_ONCALL_API_ID and SPLUNK_ONCALL_API_KEY environment variables are required"
+            )
+        _client = SplunkOnCallClient(api_id, api_key)
+    return _client
+
+
+def _fmt(data: dict) -> str:
+    return json.dumps(data, indent=2, default=str)
+
+
+# -- Incidents --
+
+
+@mcp.tool()
+async def list_incidents() -> str:
+    """List all current incidents (triggered, acknowledged, resolved)."""
+    result = await _get_client().list_incidents()
+    return _fmt(result)
+
+
+@mcp.tool()
+async def acknowledge_incidents(
+    user_name: str, incident_numbers: list[str], message: str = "",
+) -> str:
+    """Acknowledge one or more incidents.
+
+    Args:
+        user_name: Your Splunk On-Call username
+        incident_numbers: List of incident numbers to acknowledge (e.g. ["123", "456"])
+        message: Optional message to attach to the acknowledgment
+    """
+    result = await _get_client().acknowledge_incidents(
+        user_name, incident_numbers, message or None,
+    )
+    return _fmt(result)
+
+
+@mcp.tool()
+async def resolve_incidents(
+    user_name: str, incident_numbers: list[str], message: str = "",
+) -> str:
+    """Resolve one or more incidents.
+
+    Args:
+        user_name: Your Splunk On-Call username
+        incident_numbers: List of incident numbers to resolve (e.g. ["123", "456"])
+        message: Optional message to attach to the resolution
+    """
+    result = await _get_client().resolve_incidents(
+        user_name, incident_numbers, message or None,
+    )
+    return _fmt(result)
+
+
+@mcp.tool()
+async def reroute_incidents(
+    user_name: str,
+    incident_numbers: list[str],
+    target_user: str = "",
+    target_policy: str = "",
+) -> str:
+    """Reroute incidents to another user or escalation policy.
+
+    Args:
+        user_name: Your Splunk On-Call username
+        incident_numbers: List of incident numbers to reroute
+        target_user: Username to reroute to (provide this or target_policy)
+        target_policy: Escalation policy slug to reroute to (provide this or target_user)
+    """
+    targets = []
+    if target_user:
+        targets.append({"type": "User", "slug": target_user})
+    if target_policy:
+        targets.append({"type": "EscalationPolicy", "slug": target_policy})
+    if not targets:
+        return "Error: provide either target_user or target_policy"
+    result = await _get_client().reroute_incidents(user_name, incident_numbers, targets)
+    return _fmt(result)
+
+
+@mcp.tool()
+async def get_incident_timeline(incident_number: str) -> str:
+    """Get the event timeline for a specific incident.
+
+    Args:
+        incident_number: The incident number to get the timeline for
+    """
+    result = await _get_client().get_incident_timeline(incident_number)
+    return _fmt(result)
+
+
+# -- On-Call --
+
+
+@mcp.tool()
+async def get_oncall() -> str:
+    """Get who is currently on call across all teams and policies."""
+    result = await _get_client().get_oncall()
+    return _fmt(result)
+
+
+@mcp.tool()
+async def get_team_oncall_schedule(
+    team_slug: str, days_forward: int = 14,
+) -> str:
+    """Get the on-call schedule for a specific team.
+
+    Args:
+        team_slug: The team slug identifier
+        days_forward: Number of days to look ahead (default 14)
+    """
+    result = await _get_client().get_team_oncall_schedule(team_slug, days_forward)
+    return _fmt(result)
+
+
+@mcp.tool()
+async def get_user_oncall_schedule(user_name: str) -> str:
+    """Get the on-call schedule for a specific user.
+
+    Args:
+        user_name: The username to look up
+    """
+    result = await _get_client().get_user_oncall_schedule(user_name)
+    return _fmt(result)
+
+
+# -- Teams --
+
+
+@mcp.tool()
+async def list_teams() -> str:
+    """List all teams in the organization."""
+    result = await _get_client().list_teams()
+    return _fmt(result)
+
+
+@mcp.tool()
+async def get_team_members(team_slug: str) -> str:
+    """List members of a specific team.
+
+    Args:
+        team_slug: The team slug identifier
+    """
+    result = await _get_client().get_team_members(team_slug)
+    return _fmt(result)
+
+
+@mcp.tool()
+async def get_team_policies(team_slug: str) -> str:
+    """List escalation policies for a specific team.
+
+    Args:
+        team_slug: The team slug identifier
+    """
+    result = await _get_client().get_team_policies(team_slug)
+    return _fmt(result)
+
+
+# -- Users --
+
+
+@mcp.tool()
+async def list_users() -> str:
+    """List all users in the organization."""
+    result = await _get_client().list_users()
+    return _fmt(result)
+
+
+@mcp.tool()
+async def get_user(user_name: str) -> str:
+    """Get details for a specific user.
+
+    Args:
+        user_name: The username to look up
+    """
+    result = await _get_client().get_user(user_name)
+    return _fmt(result)
+
+
+# -- Routing Keys --
+
+
+@mcp.tool()
+async def list_routing_keys() -> str:
+    """List all routing keys and their associated escalation policies."""
+    result = await _get_client().list_routing_keys()
+    return _fmt(result)
+
+
+# -- Escalation Policies --
+
+
+@mcp.tool()
+async def list_policies() -> str:
+    """List all escalation policies in the organization."""
+    result = await _get_client().list_policies()
+    return _fmt(result)
+
+
+@mcp.tool()
+async def get_policy(policy_slug: str) -> str:
+    """Get details for a specific escalation policy.
+
+    Args:
+        policy_slug: The escalation policy slug
+    """
+    result = await _get_client().get_policy(policy_slug)
+    return _fmt(result)
+
+
+# -- Maintenance Mode --
+
+
+@mcp.tool()
+async def list_maintenance() -> str:
+    """List all active and scheduled maintenance windows."""
+    result = await _get_client().list_maintenance()
+    return _fmt(result)
+
+
+@mcp.tool()
+async def create_maintenance(
+    routing_keys: list[str],
+    purpose: str,
+    end_date: str = "",
+    start_date: str = "",
+) -> str:
+    """Create a maintenance window to suppress alerts.
+
+    Args:
+        routing_keys: List of routing key names to suppress alerts for
+        purpose: Description of why maintenance is being performed
+        end_date: ISO 8601 end time (e.g. "2026-04-09T06:00:00Z"). Required.
+        start_date: ISO 8601 start time. Defaults to now if omitted.
+    """
+    if not end_date:
+        return "Error: end_date is required"
+    result = await _get_client().create_maintenance(
+        names=routing_keys,
+        purpose=purpose,
+        start_date=start_date or None,
+        end_date=end_date,
+    )
+    return _fmt(result)
+
+
+@mcp.tool()
+async def end_maintenance(maintenance_id: str) -> str:
+    """End a maintenance window early.
+
+    Args:
+        maintenance_id: The maintenance window ID to end
+    """
+    result = await _get_client().end_maintenance(maintenance_id)
+    return _fmt(result)
+
+
+# -- Organization --
+
+
+@mcp.tool()
+async def get_org_info() -> str:
+    """Get organization information."""
+    result = await _get_client().get_org()
+    return _fmt(result)
+
+
+# -- Reporting --
+
+
+@mcp.tool()
+async def get_incident_history(start: str = "", end: str = "") -> str:
+    """Get historical incident data for reporting.
+
+    Args:
+        start: ISO 8601 start time filter (e.g. "2026-04-01T00:00:00Z")
+        end: ISO 8601 end time filter (e.g. "2026-04-08T00:00:00Z")
+    """
+    result = await _get_client().get_incident_history(
+        start=start or None, end=end or None,
+    )
+    return _fmt(result)
+
+
+def main():
+    mcp.run()
+
+
+if __name__ == "__main__":
+    main()