librenms-mcp

WIP

MCP server for LibreNMS network monitoring.

GitHub repo → npm: @solomonneas/librenms-mcp →

WIP · This is a work-in-progress release. v1 ships read tools (tier 1) and confirm-gated safe writes (tier 2) only. Destructive operations (tier 3) such as device deletion, alert-rule removal, and bulk port resets are intentionally deferred until the write-gate pattern has more field time.

WHAT IT DOES

librenms-mcp is a Model Context Protocol server for LibreNMS, the open-source network monitoring system. It authenticates with a LibreNMS API token and lets an AI client read your monitoring surface: devices, ports, port health, current alerts, alert history, and the event log.

Writes are gated in three tiers. Reads are open. Safe writes (acknowledge an alert, unmute it, enter device maintenance) require an explicit confirm: true argument, so a hallucinated tool call throws WriteGateError before any HTTP traffic leaves the host. Destructive operations are not implemented yet.

Every tool call is validated against its published TypeBox input schema before it runs; ids, limits, and enum filters are bounds-checked and interpolated values are URL-encoded. The API token is registered with a redactor on startup and masked from all log and error output.

INSTALL

Published to npm as @solomonneas/librenms-mcp. Install the global binary, or run it on demand with npx.

$ npm install -g @solomonneas/librenms-mcp
$ npx -y @solomonneas/librenms-mcp # run on demand

CAPABILITIES / TOOLS EXPOSED

Reads (10) · open

librenms_status
LibreNMS instance status check.
librenms_list_devices
List monitored devices.
librenms_get_device
Fetch a single device by id.
librenms_list_ports
List ports across devices.
librenms_get_port
Fetch a single port detail.
librenms_port_health
Port health and utilization view.
librenms_list_alerts
List current alerts.
librenms_get_alert
Fetch a single alert by id.
librenms_alert_history
Historical alert records.
librenms_event_log
Read the device event log.

Safe writes (3) · require confirm: true

librenms_ack_alert
Acknowledge an alert.
librenms_unmute_alert
Unmute a previously muted alert.
librenms_set_maintenance
Put a device into maintenance.

CLIENT CONFIG

Stdio transport via npx. Both LIBRENMS_URL and LIBRENMS_TOKEN are required. Example mcpServers entry (Claude Desktop / Claude Code): 

{
  "mcpServers": {
    "librenms": {
      "command": "npx",
      "args": ["-y", "@solomonneas/librenms-mcp"],
      "env": {
        "LIBRENMS_URL": "https://librenms.example.local",
        "LIBRENMS_TOKEN": "<your-api-token>",
        "LIBRENMS_TLS_INSECURE": "false"
      }
    }
  }
}

Start with a read-only LibreNMS API token role and confirm the read tools work end-to-end before grading up. Set LIBRENMS_TLS_INSECURE=true only for homelab self-signed certs.