playbooks

Home / MCP / Elasticsearch MCP Server

Elasticsearch MCP Server

Provides MCP access to Elasticsearch data, enabling index discovery, mappings, searches, and shard information.

other
560stars
View on GitHub
Installation
Add the following to your MCP client configuration file.

Configuration

View docs
{
    "mcpServers": {
        "elasticsearch_mcp": {
            "url": "http://<host>:8080/mcp"
        }
    }
}

Connect to your Elasticsearch data directly from any MCP Client using the Model Context Protocol. This MCP server lets you interact with Elasticsearch indices through natural language conversations, enabling you to list indices, inspect mappings, run searches, perform ES|QL queries, and view shard information.

How to use

You connect using an MCP client and your MCP server endpoints. Start a stdio server locally with Docker to talk directly to Elasticsearch, or run a streamable HTTP endpoint to access the server over HTTP. The HTTP endpoint is preferred when your client supports streamable HTTP.

Available actions you can perform through the MCP interface include listing indices, getting field mappings, issuing searches with a DSL, running ES|QL queries, and retrieving shard information. Use these actions to explore your Elasticsearch data with conversational queries.

How to install

Prerequisites you need before starting include Docker and access to an Elasticsearch instance with credentials. You will provide the Elasticsearch URL and credentials to the MCP server via environment variables.

Install and run the stdio MCP server locally using Docker. This starts a stdio endpoint that your MCP client can connect to.

# Run the Elasticsearch MCP server in stdio mode using Docker
docker run -i --rm -e ES_URL -e ES_API_KEY docker.elastic.co/mcp/elasticsearch stdio

Additional notes and configuration

Prerequisites details and environment variables are shown here so you can configure your client and the MCP server correctly.

For the streamable HTTP endpoint, start the server in http mode. This exposes a streamable HTTP endpoint suitable for clients that support the streamable-HTTP protocol.

# Run the Elasticsearch MCP server in http mode using Docker
docker run --rm -e ES_URL -e ES_API_KEY -p 8080:8080 docker.elastic.co/mcp/elasticsearch http

Example configurations for clients

The following examples show how to configure clients to connect to the MCP server. Use the stdio or http configuration depending on your client support.

{
  "mcpServers": {
    "elasticsearch-mcp-server": {
      "command": "docker",
      "args": [
        "run", "-i", "--rm",
        "-e", "ES_URL", "-e", "ES_API_KEY",
        "docker.elastic.co/mcp/elasticsearch",
        "stdio"
      ],
      "env": {
        "ES_URL": "<elasticsearch-cluster-url>",
        "ES_API_KEY": "<elasticsearch-API-key>"
      }
    }
  }
}

Health and security notes

Optionally, you can enable SSL verification skip by setting ES_SSL_SKIP_VERIFY to true if your Elasticsearch server uses a self-signed certificate. This is not enabled by default and should be used with awareness of security implications.

Available tools

list_indices

List all available Elasticsearch indices

get_mappings

Get field mappings for a specific Elasticsearch index

search

Perform an Elasticsearch search with the provided query DSL

esql

Perform an ES|QL query

get_shards

Get shard information for all or specific indices