Adx

Overview

This MCP server enables AI assistants to execute KQL queries and explore Azure Data Explorer databases, providing access to data insights.

This server provides a moderate level of safety due to its reliance on Azure's authentication mechanisms and configurable tool access. However, the ability to execute arbitrary KQL queries introduces a risk of data exfiltration or unauthorized access if the underlying ADX cluster is not properly secured. It is safe when used with appropriate ADX cluster permissions and monitoring, but risky if the cluster is misconfigured or compromised.

Performance depends on the complexity of the KQL queries and the size of the data being processed. Consider optimizing queries and using appropriate indexing to improve performance. The server itself is likely lightweight, but the ADX cluster may require scaling for heavy workloads.

Cost is primarily determined by the resources consumed by the ADX cluster during query execution. Complex queries and large data volumes will result in higher costs. Consider optimizing queries and using appropriate data retention policies to minimize costs.

HybridPython52 starsMITReleased 8/23/2025CI/CD

Connections & Capabilities

Connects To

GitHubDockerKubernetesAzure

Capabilities

ReadExec

Client Compatibility

Claude Desktop

full

Cursor

untested

Windsurf

untested

VS Code (Copilot)

untested

Quickstart

Claude Desktop Config

{
  "mcpServers": {
    "adx": {
      "command": "uv",
      "args": [
        "--directory",
        "<full path to adx-mcp-server directory>",
        "run",
        "src/adx_mcp_server/main.py"
      ],
      "env": {
        "ADX_CLUSTER_URL": "https://yourcluster.region.kusto.windows.net",
        "ADX_DATABASE": "your_database"
      }
    }
  }
}

Environment Variables

AZURE_TENANT_IDAZURE_CLIENT_ID

Tools (5)

moderate

execute_query

Executes a Kusto Query Language (KQL) query against the Azure Data Explorer database.

While read-only, poorly constructed queries could impact performance or expose sensitive data.

safe

list_tables

Lists all tables available in the configured Azure Data Explorer database.

Provides read-only access to table names, posing minimal risk.

safe

get_table_schema

Retrieves the schema for a specified table in the Azure Data Explorer database.

Provides read-only access to table schema, posing minimal risk.

safe

sample_table_data

Fetches sample data from a specified table in the Azure Data Explorer database.

Provides read-only access to sample data, but large sample sizes could impact performance.

safe

get_table_details

Retrieves statistics and metadata for a specified table in the Azure Data Explorer database.

Provides read-only access to table metadata, posing minimal risk.

Security

Auth Method

Environment Variable

Data Locality

hybrid

Known Risks

!Exposure of ADX credentials in environment variables if not properly managed.
!Potential for KQL injection attacks if input sanitization is not implemented in the AI assistant.
!Unauthorized data access if the ADX cluster permissions are not correctly configured.
!Risk of data exfiltration through malicious KQL queries.
!Logging level not configurable, potentially missing important audit trails

Safety Score

65

moderate risk

This server provides a moderate level of safety due to its reliance on Azure's authentication mechanisms and configurable tool access. However, the ability to execute arbitrary KQL queries introduces a risk of data exfiltration or unauthorized access if the underlying ADX cluster is not properly secured. It is safe when used with appropriate ADX cluster permissions and monitoring, but risky if the cluster is misconfigured or compromised.

Positive

+Uses Azure's DefaultAzureCredential for authentication, leveraging existing Azure security protocols.
+Supports Workload Identity for secure authentication in AKS environments.
+Provides read-only access to data through query execution and schema discovery.
+Tool list is configurable, allowing administrators to restrict access to potentially dangerous tools.

Risks

-Executes arbitrary KQL queries, which could potentially be used for data exfiltration if not properly monitored.
-Relies on environment variables for configuration, which can be a security risk if not managed securely.
-Improperly configured permissions on the ADX cluster could lead to unauthorized data access or modification.
-If the ADX cluster itself is compromised, this server could be used as a pivot point for further attacks.

Use Cases

Data Analysis

-Analyzing website traffic patterns
-Identifying trends in sales data
-Monitoring application performance metrics

Security Monitoring

-Detecting suspicious activity in audit logs
-Investigating security incidents
-Identifying potential vulnerabilities

Infrastructure Monitoring

-Tracking resource utilization
-Identifying performance bottlenecks
-Monitoring system health

Log Analysis

-Troubleshooting application errors
-Identifying root causes of issues
-Analyzing user behavior

Who Is This For?

Best For

Data analysts who need to query and explore Azure Data Explorer databases.
Security engineers who need to monitor security logs and investigate incidents.
Infrastructure engineers who need to track resource utilization and monitor system health.
Developers who need to troubleshoot application errors and analyze user behavior.

Not Ideal For

Environments where strict data governance policies prohibit direct query access.
Use cases that require real-time data processing with low latency.
Scenarios where the AI assistant is untrusted or has limited security controls.

Autonomy & Execution

Default ModeRead and Write enabled

The server's autonomy depends on the AI assistant's configuration and the permissions granted to the ADX cluster. Ensure appropriate safeguards are in place to prevent unintended data access or modification.

StatelessYes

Retry LogicNot documented

ConcurrencySingle-threaded

Production Tip

Implement robust input validation and output sanitization to prevent KQL injection attacks and ensure data integrity.

FAQ

What authentication methods are supported?

The server supports Azure CLI, Managed Identity, and Workload Identity through DefaultAzureCredential. You can also specify Azure Tenant ID and Client ID for Workload Identity.

How do I configure the server to use Workload Identity in AKS?

Ensure the pod has AZURE_TENANT_ID and AZURE_CLIENT_ID environment variables set and that the token file is mounted at the default path or specify a custom path with ADX_TOKEN_FILE_PATH.

What transport modes are supported?

The server supports stdio (default), HTTP, and Server-Sent Events (SSE) transport modes. You can configure the transport mode using the ADX_MCP_SERVER_TRANSPORT environment variable.

How do I configure the server to use HTTP transport?

Set the ADX_MCP_SERVER_TRANSPORT environment variable to http and configure the ADX_MCP_BIND_HOST and ADX_MCP_BIND_PORT environment variables as needed.

How do I restrict the tools available to the AI assistant?

The list of tools is configurable. You can modify the server's code to remove or disable specific tools.

What are the required environment variables?

The required environment variables are ADX_CLUSTER_URL (Azure Data Explorer cluster URL) and ADX_DATABASE (database name to connect to).

How do I run the server in a Docker container?

Build the Docker image using `docker build -t adx-mcp-server .` and then run it using `docker run` or `docker-compose` with the necessary environment variables.

Key Features

Data & Databases Cloud & Infrastructure Development Search & Web Productivity AI & LLM Utilities

Overview

Connections & Capabilities

Connects To

Capabilities

Client Compatibility

Quickstart

Claude Desktop Config

Environment Variables

Tools (5)

Security

Safety Score

Positive

Risks

Use Cases

Data Analysis

Security Monitoring

Infrastructure Monitoring

Log Analysis

Who Is This For?

Best For

Not Ideal For

Autonomy & Execution

FAQ

What authentication methods are supported?

How do I configure the server to use Workload Identity in AKS?

What transport modes are supported?

How do I configure the server to use HTTP transport?

How do I restrict the tools available to the AI assistant?

What are the required environment variables?

How do I run the server in a Docker container?

Key Features

Metrics

Related Tools