home / mcp / elasticsearch mcp server
Provides Elasticsearch and OpenSearch interactions for indexing, searching, and cluster management through a configurable MCP runtime.
Configuration
View docs{
"mcpServers": {
"cr7258-elasticsearch-mcp-server": {
"command": "uvx",
"args": [
"elasticsearch-mcp-server"
],
"env": {
"OPENSEARCH_HOSTS": "https://localhost:9200",
"ELASTICSEARCH_HOSTS": "https://localhost:9200",
"OPENSEARCH_PASSWORD": "admin",
"OPENSEARCH_USERNAME": "admin",
"ELASTICSEARCH_API_KEY": "YOUR_ELASTICSEARCH_API_KEY",
"ELASTICSEARCH_PASSWORD": "test123",
"ELASTICSEARCH_USERNAME": "elastic"
}
}
}
}You can use this MCP server to interact with Elasticsearch or OpenSearch clusters, performing index, document, and cluster operations through a consolidated set of tools. It enables searching, indexing, and managing your data and cluster health via a configurable runtime that supports both local development and production deployments.
You will connect to the MCP server using an MCP-compatible client. Start the MCP server in stdio mode to run locally, then configure your client to invoke the available tools for Elasticsearch or OpenSearch operations. Use the provided credentials or API keys to authenticate with your cluster, and select the appropriate tools for tasks such as listing indices, indexing documents, searching content, and managing data streams or aliases.
Prerequisites: you need Python installed to run the MCP server components, as well as a running Elasticsearch or OpenSearch cluster you can connect to. You also need a terminal with access to the uvx or uv runtime if you plan to run the MCP server from the command line.
Configure access to your Elasticsearch and OpenSearch clusters through environment variables in your runtime. You can enable basic authentication or API key authentication for Elasticsearch, and provide the appropriate host URLs. For HTTP transports, you can enable an API key and protect the MCP server with a Bearer token. It is recommended to set a strong MCP_API_KEY in production to prevent unauthorized access.
General, index, document, and cluster operations are exposed as tools you can call through your MCP client. These tools provide concrete actions such as:
If you cannot reach your cluster, verify network connectivity, SSL verification settings, and correct host URLs in your environment variables. Check authentication credentials and ensure the MCP_API_KEY is set when using HTTP transports. Review server logs for any startup or connection errors and confirm the MCP server start command used in your environment matches the tooling configuration.
Perform a general HTTP API request for Elasticsearch/OpenSearch APIs without a dedicated tool.
List all indices in the connected cluster.
Retrieve information about one or more indices, including mappings, settings, and aliases.
Create a new index with the specified mappings and settings.
Delete a specified index.
Create a new data stream tied to a matching index template.
Retrieve information about data streams.
Delete one or more data streams and their backing indices.
Search for documents within an index or data stream.
Create or update a document in the index.
Retrieve a document by its ID.
Delete a document by its ID.
Delete documents matching a given query.
Return basic health information about the cluster.
Return high-level statistics about the cluster.
List all aliases in the cluster.
Get alias information for a specific index.
Create or update an alias for a specific index.
Delete an alias for a specific index.
Analyze text with a specified analyzer or custom analysis chain to understand tokenization.