Upload MCP Event Logs

Upload a JSON file containing MCP events for batch processing. The system will automatically analyze each event for security threats and send alerts for any suspicious activity.

Expected File Format

Your JSON file should contain MCP event data in this exact format:

Single Event Example:
{
  "timestamp": "2023-12-01T10:30:00Z",
  "user": "user@example.com",
  "agent": "claude-3",
  "tool": "filesystem",
  "prompt": "Read the configuration file",
  "response": "File contents: {...}"
}
Multiple Events Example:
[
  {
    "timestamp": "2023-12-01T10:30:00Z",
    "user": "user@example.com",
    "agent": "claude-3",
    "tool": "filesystem",
    "prompt": "Read the configuration file",
    "response": "File contents: config.json"
  },
  {
    "timestamp": "2023-12-01T10:31:00Z",
    "user": "user@example.com", 
    "agent": "claude-3",
    "tool": "operation",
    "prompt": "Read the configuration file",
    "response": "Operation: read\nFile: /etc/config.json"
  }
]
Required fields: timestamp, user, agent, tool, prompt, response
Supported formats: Single JSON object or array of objects
Only JSON files are accepted. File can contain a single event object or an array of events.
Back to Dashboard
Real-time API Ingestion

For real-time event ingestion, use the API endpoint:

POST /api/events

Single Event:

{
  "timestamp": "2024-01-15T14:30:00Z",
  "user": "alice",
  "agent": "ChatBot",
  "tool": "web_search",
  "prompt": "Search for recent security vulnerabilities",
  "response": "Found 15 recent CVE entries..."
}

Multiple Events:

[
  {
    "timestamp": "2024-01-15T14:30:00Z",
    "user": "alice",
    "agent": "ChatBot",
    "tool": "web_search",
    "prompt": "Search for data",
    "response": "Results found"
  },
  {
    "timestamp": "2024-01-15T14:31:00Z",
    "user": "bob",
    "agent": "AssistantBot",
    "tool": "os_shell",
    "prompt": "Run whoami command",
    "response": "user123"
  }
]

cURL Example:

curl -X POST https://mcpsentinel.com/api/events \
  -H "Content-Type: application/json" \
  -d '{
    "timestamp": "2024-01-15T14:30:00Z",
    "user": "alice",
    "agent": "ChatBot",
    "tool": "web_search",
    "prompt": "Search for information",
    "response": "Search completed successfully"
  }'
Security Detection Rules

Events are automatically flagged based on the following criteria:

Dangerous Tools
  • os_shell - Direct shell access
Suspicious Keywords
  • • "delete all"
  • • "ignore instructions"
  • • "export database"
  • • "shell", "sudo"
  • • "<script>", "<system>"
Size Limits
  • • Prompts > 3,000 characters
  • • Responses > 5,000 characters
Injection Patterns
  • • SQL injection attempts
  • • Command injection patterns
  • • Script injection attempts