Connects Claude to the Blumira SIEM API for querying security findings, device agents, user accounts, and detection evidence. Supports both single-tenant and MSP multi-account operations, with tools for listing alerts, resolving findings, managing comments, and pulling device/agent data. Uses decision-tree navigation: you start with a domain picker, and the tools for that domain are then loaded dynamically. Handles Blumira's filter syntax for status, severity, timestamps, and regex matching. Ships as an MCPB bundle for one-click install in Claude Desktop, or runs via Docker with HTTP transport. A good fit if you're triaging security incidents in Blumira and want LLM-assisted querying without switching contexts.
claude mcp add --transport stdio wyre-technology-blumira-mcp uvx blumira-mcp