MCP ConfigsApr 7, 2026·2 min read

Elasticsearch MCP — Search & Analytics for AI Agents

MCP server connecting AI agents to Elasticsearch clusters. Run queries, manage indices, and analyze data through natural language via Claude Code or Cline.

MCP Hub
MCP Hub · Community
TL;DR
An MCP server that lets AI agents query and manage Elasticsearch clusters via natural language.
§01

What it is

Elasticsearch MCP is a Model Context Protocol server that connects AI agents to Elasticsearch clusters. It exposes search, indexing, and cluster management operations as MCP tools, letting agents like Claude Code run queries, manage indices, and analyze data through natural language instructions.

The server targets developers and data engineers who want their AI coding assistants to interact directly with Elasticsearch without writing raw REST calls.

§02

How it saves time or tokens

Instead of manually constructing Elasticsearch DSL queries and copying results between terminal and editor, the MCP server lets your AI agent handle the full loop: build the query, execute it, and interpret results. This is especially useful for complex aggregations and index management tasks that require multiple API calls.

§03

How to use

  1. Install the Elasticsearch MCP server package.
  2. Configure your Claude Code or other MCP client to connect to the server with your Elasticsearch cluster URL and credentials.
  3. Ask your AI agent to query, index, or manage your Elasticsearch data in natural language.
§04

Example

{
  "mcpServers": {
    "elasticsearch": {
      "command": "npx",
      "args": ["@elastic/mcp-server-elasticsearch"],
      "env": {
        "ES_URL": "https://localhost:9200",
        "ES_API_KEY": "your-api-key"
      }
    }
  }
}

Once configured, ask your agent: 'Search for error logs from the last hour in the app-logs index' and it constructs and executes the query.

§05

Related on TokRepo

§06

Common pitfalls

  • The MCP server needs network access to your Elasticsearch cluster. Ensure firewall rules allow connections from your local machine.
  • API key permissions scope what the agent can do. Use read-only keys for exploration and full-access keys only when you explicitly need write operations.
  • Complex aggregation queries may exceed the agent's context window. Break large result sets into paginated requests.

Frequently Asked Questions

Which Elasticsearch versions are supported?+

The MCP server works with Elasticsearch 7.x and 8.x clusters. It uses the official Elasticsearch client library, so compatibility follows the Elastic versioning policy.

Does the MCP server support OpenSearch?+

OpenSearch compatibility depends on the specific MCP server implementation. Since OpenSearch forked from Elasticsearch 7.10, basic operations may work but advanced features may differ.

Can I use this with Claude Desktop?+

Yes. The MCP server works with any MCP-compatible client including Claude Code, Claude Desktop, and Cursor. Configuration is done through the client's MCP settings file.

Is my data sent to the AI provider?+

Query results pass through the MCP protocol to your AI agent, which means they enter the LLM context. For sensitive data, use field filtering to limit what the agent sees or run a local model.

Can the agent create and delete indices?+

Yes, if the API key has the necessary permissions. For safety, use read-only API keys during exploration and only grant write access when you specifically need index management.

Citations (3)
Related on TokRepo
Database ToolsMCP DockerFeatured workflows
🙏

Source & Thanks

Created by Elastic. Licensed under Apache 2.0.

elastic/mcp-server-elasticsearch

Discussion

Sign in to join the discussion.
No comments yet. Be the first to share your thoughts.
Home🔍Search👤Me