Skip to content
MCP-Bridge
Cloud Infrastructure

Security Insights Claude Desktop Config

Add the Security Insights MCP server to Claude Desktop with this ready-to-use configuration.

Setup Instructions

  1. Open Claude Desktop
  2. Go to Settings → Developer → Edit Config → claude_desktop_config.json
  3. Paste the JSON below into the file
  4. Set your credentials in the env section
  5. Restart Claude Desktop

Configuration JSON

Copy the entire block into your claude_desktop_config.json

{
  "mcpServers": {
    "azure-com-securityinsights-securityinsights": {
      "command": "npx",
      "args": [
        "-y",
        "@mcp/azure-com-securityinsights-securityinsights"
      ],
      "env": {
        "SECURITY_INSIGHTS_API_KEY": "your_security_insights_api_key"
      }
    }
  }
}

Environment Variables

SECURITY_INSIGHTS_API_KEY

Replace your_security_insights_api_key with your actual security insights api key

Endpoints

GET/providers/Microsoft.SecurityInsights/operations

Operations_List

GET/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/aggregations/{aggregationsName}

CasesAggregations_Get

GET/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates

AlertRuleTemplates_List

GET/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRuleTemplates/{alertRuleTemplateId}

AlertRuleTemplates_Get

GET/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules

AlertRules_List

GET/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}

AlertRules_Get

PUT/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}

AlertRules_CreateOrUpdate

DELETE/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}

AlertRules_Delete

GET/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions

Actions_ListByAlertRule

GET/subscriptions/{subscriptionId}/resourceGroups/{resourceGroupName}/providers/{operationalInsightsResourceProvider}/workspaces/{workspaceName}/providers/Microsoft.SecurityInsights/alertRules/{ruleId}/actions/{actionId}

AlertRules_GetAction