elasticsearch-mcp-server
Provides a Model Context Protocol (MCP) server that exposes Elasticsearch capabilities as MCP tools, implemented using Quarkus. It starts an SSE endpoint and a streamable HTTP endpoint and forwards requests to a configured Elasticsearch cluster (supports optional basic username/password).
Score Breakdown
⚙ Agent Friendliness
🔒 Security
TLS requirement for MCP endpoints is not documented; authentication for MCP endpoints is not described (only Elasticsearch credentials for upstream access). Secrets appear intended to be provided via CLI args/env vars, but guidance about logging/redaction is not documented. Since the service can connect to Elasticsearch with credentials, ensure proper network controls and avoid exposing the MCP server publicly without additional safeguards.
⚡ Reliability
Best When
You want a lightweight, locally deployable MCP bridge from agent workflows to Elasticsearch operations.
Avoid When
You require strict governance features (auditing, fine-grained auth, documented quotas) or you plan to expose the service publicly without network-level protections.
Use Cases
- • Letting AI agents query an Elasticsearch cluster via standardized MCP tools
- • Operational introspection (cluster health, index/alias listing, mappings retrieval)
- • Search workflows using Elasticsearch SQL or DSL through an agent-friendly interface
- • Retrieval of individual documents by ID
Not For
- • Public internet deployment without additional access controls
- • Use cases requiring a fully specified REST/OpenAPI contract for MCP endpoints
- • Environments needing explicit, documented rate limiting and pagination semantics for MCP tools
Interface
Authentication
README describes connecting to Elasticsearch with optional username/password, but does not document authentication/authorization for the MCP server endpoints themselves.
Pricing
Appears to be an open-source project (MIT) intended for self-hosting; no hosted pricing information provided.
Agent Metadata
Known Gotchas
- ⚠ Default MCP server listens on 0.0.0.0:19000 and auto-enables SSE and streamable endpoints; ensure network exposure is controlled.
- ⚠ Default Elasticsearch connection is http://localhost:9200 with no password; misconfiguration may lead to accidental connections to unintended clusters.
- ⚠ Only communication endpoints are documented; tool schemas, argument validation behavior, and error payload formats are not shown in the provided README.
Alternatives
Full Evaluation Report
Comprehensive deep-dive: security analysis, reliability audit, agent experience review, cost modeling, competitive positioning, and improvement roadmap for elasticsearch-mcp-server.
AI-powered analysis · PDF + markdown · Delivered within 30 minutes
Package Brief
Quick verdict, integration guide, cost projections, gotchas with workarounds, and alternatives comparison.
Delivered within 10 minutes
Score Monitoring
Get alerted when this package's AF, security, or reliability scores change significantly. Stay ahead of regressions.
Continuous monitoring
Scores are editorial opinions as of 2026-04-04.