TheHive MCP Server

Name: TheHive MCP Server
Availability: InStock
Author: gbrigandi

Supports UI

by gbrigandi

Bridge AI models to TheHive incident response platform for alert analysis and case management.

0 stars

3 views

Works in:claude

Exposes:Tools

View on GitHub Docs

What it does

Connects AI assistants to TheHive, a scalable security incident response platform. It allows AI models to retrieve security alerts, manage cases, and perform incident response operations directly through the MCP protocol.

Tools

get_thehive_alerts: Retrieve a list of active alerts.
get_thehive_alert_by_id: Get detailed information for a specific alert.
get_thehive_cases: Retrieve a list of existing cases.
get_thehive_case_by_id: Get comprehensive details for a specific case.
promote_alert_to_case: Convert a security alert into a formal case.
create_thehive_case: Create a new incident case with detailed metadata.

Installation

Add the following to your claude_desktop_config.json:

{
  "mcpServers": {
    "thehive": {
      "command": "/path/to/mcp-server-thehive",
      "env": {
        "THEHIVE_URL": "https://your-thehive-instance.com:9000/api",
        "THEHIVE_API_TOKEN": "your-api-token-here"
      }
    }
  }
}

Supported hosts

claude

Quick install

cargo build --release

Information

Pricing: free
Published: 4/27/2026
stars

Related Apps

Choose your AI client and follow the steps below.

Claude Desktop

{
  "mcpServers": {
    "thehive": {
      "command": "/path/to/mcp-server-thehive",
      "env": {
        "THEHIVE_URL": "https://your-thehive-instance.com:9000/api",
        "THEHIVE_API_TOKEN": "your-api-token-here"
      }
    }
  }
}