Case Study: How Kaizen Gaming Cut Log Latency 10x | See Full Story >>

Contact Us
Free Tools
See Demo
Graylog logo blue

What is the Model Context Protocol (MCP)

What is the Model Context Protocol

The Iron Man’s J.A.R.V.I.S. is the artificial intelligence (AI) that almost every person wants to see. A conversational technology that answers questions like a friend would. The rise of large language models (LLMs) almost seems to give people the friendly robotic sidekick that generations of children grew up dreaming about.

The rapid rise of AI streamlines how people query and analyze data. However, the rapid expansion of these technologies brings integration issues. Backed by industry leaders like Anthropic, OpenAI, and Google, the Model Context Protocol (MCP) aims to replace the fragmented landscape of bespoke integrations with a standardized, predictable, and secure framework. Acting as a standardized protocol, MCP enables models to discover, interact with, and use external resources.

By understanding what MCP is and how it works, organizations can make informed decisions around integrating it and the products that use it.

 

What is Model Context Protocol (MCP)?

The Model Context Protocol (MCP) is an open-source specification that defines and provides a standard for how AI models communicate with external systems. As organizations increasingly integrate large language models into their internal processes, MCP enables them to connect multiple AI applications to internal:

  • Data sources: local files, spreadsheets, structured databases, content repositories, proprietary datasets.
  • Tools: search engines, calculators, or internal Application Programming Interfaces (APIs).
  • Workflows: approvals, notifications, and status updates.

Prior to MCP, every AI implementation required a custom API wrapper. With MCP providing a standardized protocol across all AI applications, organizations can connect any AI model to any tool, data source, or service that understands and uses it.

MCP establishes a predictable set of rules for:

  • Requests: Messages that AI applications send to internal data sources, tools, or workflows, specifying the action or information needed.
  • Responses: Messages returned to the AI application, providing the requested data, computation results, or status updates from workflows.
  • Metadata exchange: Contextual information about requests and responses for interoperability across multiple AI applications, like user identity, timestamps, or source system.

By eliminating the need for developers to write custom integration code for every new connection, MCP simplifies how organizations develop sophisticated AI applications and agents.

 

What Are the MCP Components and Architecture?

The MCP’s core architecture clearly creates a separation of concerns that allows for:

  • Modularity: Separating AI logic, data sources, tools, and workflows into independent components for easier updating, replacement, or extension of individual parts without disrupting the system.
  • Security: Enforcing access controls, authentication, and metadata validation at each interface to isolate components and mitigate risks from unauthorized access or data leaks.
  • Scalability: Independent component scalability to support multiple AI applications, high-volume requests, and growing data sets while maintaining system performance.

MCP Host

The MCP host is the environment where the AI model or agent operates to decide the tools to use and when to use them based on context around the user’s query and the connected capabilities.

When the model determines it needs to interact with external services or resources, the host initiates the MCP workflow. The host is responsible for:

  • Interpreting the model’s intent.
  • Formulating a request that conforms to the MCP specification.
  • Managing the lifecycle of the external tool interaction.

MCP Client

The MCP client establishes and manages the connection to an MCP server, translating the host’s requests into protocol-compliant messages then using the transport layer to send them to the server. The client handles the low-level details of communication like:

  • Establishing connections.
  • Sending requests for tool discovery.
  • Invoking specific tool functions.

It also receives responses from the server and passes them back to the host. Often organizations integrate the client as a library or Software Development Kit (SDK) within the host environment.

MCP Server

The MCP server is the gateway to the external tools and data sources, exposing the resources to the AI system via the MCP standard. The server listens for incoming MCP client connections then responds to the request according to the protocol. Some examples of how the MCP server works include:

  • Discovery requests: Returning a structured list of the tools it manages, including their names, functions, and input/output schemas.
  • Run request: Executing the specified function with the provided arguments and returning the result.

The MCP server abstracts the underlying tool’s complexity so any compatible tools can integrate into the AI ecosystem, including simple database queries or complex, multi-step workflows.

Transport Layer

The transport layer defines how MCP messages travel between the client and the server. MCP is transport-agnostic, meaning that it can operate over various communication channels. To enable this deployment flexibility, the specification defines the following primary transport mechanisms:

  • Standard I/O (stdio): Client and server communicate by writing to and reading from standard input and output streams, typically used when the MCP server is a local child process that the host manages.
  • Server-Sent Events (SSE): An HTTP-based protocol allows a server to push data to a client asynchronously, often used with web-based applications that requires updates or streaming results over a persistent connection.
  • JSON-RPC message types: As the core MCP messaging format, lightweight, stateless, and transport-agnostic remote procedure call (RPC) protocol, encoded in JSON-RPC 2.0, ensures that requests and responses are structured, versioned, and include robust error handling.

 

How Does MCP Work?

MCP operates on a client-server model designed for structured, asynchronous communication between an AI system and its external resources that standardizes:

  • Capability discovery: How the AI system identifies the available data sources, tools, or workflows and the operations they support.
  • Action invocation: How the AI system triggers an operation or task on a connected resource.
  • Results returned: How outputs from the invoked actions are sent back to the AI system, including the main data and associated metadata.

The AI model acts through a host to identify a need for external information or action, then it uses the MCP server to discover the relevant tool before instructing the MCP client to execute a function on the tool.

 

How to Evaluate a SIEM Vendor’s MCP Integration

According to a recent article, MCP and AI enables security operations centers (SOCs) to create a secure bridge between AI tools and operational systems to improve investigation times, increase reach, enrich data with context, and create well-defined automations.

As organizations look for solutions that implement AI models, they should include these considerations when evaluating options.

Vendor Approach

Nearly every vendor offers some generative AI capability because customers want streamlined processes and need capabilities to overcome the cybersecurity skills gap. However, before integrating a solution, organizations need to understand the vendor’s approach to incorporating AI. In security, organizations need purpose-built integrations based on real practitioner needs.

Some questions to ask vendors include:

  • How long does it take to get started using AI with your solution?
  • What kinds of capabilities do you have through safe tools?
  • What data are query results grounded in?
  • What milestones can we expect to hit during the first 90 days?

Deployment Options

Every company is different. Some organizations need to meet strict compliance requirements so they use an on-premises SIEM deployment. Other organizations want the speed and ease of a cloud deployment. Still others may have a hybrid deployment. A vendor’s AI implementation should meet a customer where they are, on land or in the cloud.

Some questions to ask vendors include:

  • Is there a local deployment model, and how will this impact data control, privacy, compliance, and operational overhead?
  • Is there a cloud deployment model, and how can we measure time-to-value and reduce exposure?

Day-One Workflows

Implementing any new technology comes with a learning curve. However, generative AI should make people’s lives easier, giving them natural language data access and search capabilities. If SOC teams need deep knowledge around how to implement the solution, then they lack the ability to achieve the intended return on investment.

Some questions to ask vendors include:

  • What types of administration use cases do you support from day one, like indexes nearing capacity or validating memory requirements?
  • What types of investigation use cases do you support from day one, like recent high-risk alerts or failed logins from risky entities?
  • What types of case management use cases do you support from day one, like summarizing detections and attaching them to open tickets?

Security and Guardrails

Security telemetry contains sensitive information that organizations need to protect. The potential for data leakage or malicious prompts exposing data is a fundamental concern around implementing AI in SOCs. As with any technology, organizations need to ensure that people are part of the oversight. When vendors integrate AI into their solutions, they should provide the appropriate security controls and guardrails.

Some questions to ask vendors include:

  • What access controls are available to maintain the principle of least privilege?
  • How does the solution handle sensitive operations?
  • What activities does that solution create an audit trail for?
  • What network ports need to be opened?
  • Can we disable remote access or turn off the integration?

 

Graylog: Practice, Secure, and Effective Conversational SIEM

With MCP inside Graylog, conversational access becomes secure, accountable, and ROI-driven. SOC teams gain the clarity they need, analysts cut wasted time, and executives see measurable impact.

To learn about how Graylog implements MCP, read “The Ultimate Guide to MCP: Conversational SIEM with Graylog.”

See MCP in action. Book a demo and experience how conversational SIEM becomes a daily advantage for your SOC.

Jeff Darrington

Jeff Darrington is Graylog's Director, Technical Marketing. He is a long-time Graylog OS user with extensive experience in IT Operations, IT product solutions deployment in Firewalls, Networking, VOIP, Physical security Controls, and many others.
View More Posts By Jeff Darrington

Categories

Get the Monthly Tech Blog Roundup

Subscribe to the latest in log management, security, and all things Graylog blog delivered to your inbox once a month.

Blog Graphic
Read Now