Getting Started with SOLVE-IT MCP Server¶
This guide will get you up and running with the SOLVE-IT MCP Server in less than 5 minutes.
What You'll Need¶
- Docker installed (recommended) OR Python 3.11/3.12
- Basic understanding of Model Context Protocol (MCP)
- 5 minutes of your time
Choose Your Path¶
Why Docker?¶
- Fastest setup: No Python dependencies to manage
- Cross-platform: Works on Linux, macOS, Windows
- Production-ready: Same image used in production deployments
- Multi-architecture: Native support for AMD64, ARM64, ARMv7
Quick Start¶
# Pull the latest image
docker pull 3soos3/solve-it-mcp:latest
# Run in HTTP mode
docker run -p 8000:8000 \
-e MCP_TRANSPORT=http \
-e HTTP_PORT=8000 \
3soos3/solve-it-mcp:latest
Verify It's Working¶
# Test health endpoint
curl http://localhost:8000/healthz
# List available tools
curl -X POST http://localhost:8000/mcp/v1/messages \
-H "Content-Type: application/json" \
-d '{"method":"tools/list"}'
Success! You should see a JSON response listing 20+ available tools.
Next Steps¶
Prerequisites¶
- Python 3.11 or 3.12
- pip package manager
- SOLVE-IT knowledge base (downloaded separately)
Installation Steps¶
1. Clone SOLVE-IT Knowledge Base¶
# Clone the knowledge base
git clone https://github.com/SOLVE-IT-DF/solve-it.git
cd solve-it
export SOLVE_IT_DATA_PATH=$(pwd)/data
2. Install MCP Server¶
# Clone this repository
git clone https://github.com/3soos3/solve-it-mcp.git
cd solve-it-mcp
# Install dependencies
pip install -r requirements.txt
3. Run the Server¶
# Run in stdio mode (for desktop MCP clients)
python3 src/server.py
# Or run in HTTP mode
python3 src/server.py --transport http --port 8000
Verify It's Working¶
If running in HTTP mode:
If running in stdio mode, the server is ready when you see:
Next Steps¶
For Claude Desktop / Cline / Other MCP Clients¶
The easiest way to use with desktop MCP clients is via Docker in stdio mode.
1. Install Docker¶
Make sure Docker is installed and running on your system.
2. Configure Your MCP Client¶
Add to your MCP client configuration (e.g., claude_desktop_config.json):
{
"mcpServers": {
"solveit": {
"command": "docker",
"args": [
"run",
"-i",
"--rm",
"-e", "MCP_TRANSPORT=stdio",
"3soos3/solve-it-mcp:latest"
]
}
}
}
3. Restart Your Client¶
Restart your MCP client to load the new configuration.
4. Verify Installation¶
In your MCP client, try asking:
"What SOLVE-IT tools are available?"
You should see a list of 20+ forensic investigation tools.
Alternative: Python-based¶
If you prefer not to use Docker:
{
"mcpServers": {
"solveit": {
"command": "python3",
"args": ["/path/to/solve-it-mcp/src/server.py"],
"cwd": "/path/to/solve-it-mcp",
"env": {
"SOLVE_IT_DATA_PATH": "/path/to/solve-it/data"
}
}
}
}
Next Steps¶
Your First Query¶
Once the server is running, try these example queries:
Example 1: Search for Techniques¶
curl -X POST http://localhost:8000/mcp/v1/messages \
-H "Content-Type: application/json" \
-d '{
"method": "tools/call",
"params": {
"name": "search",
"arguments": {
"keywords": "network analysis",
"item_types": ["techniques"]
}
}
}'
Example 2: Get Technique Details¶
curl -X POST http://localhost:8000/mcp/v1/messages \
-H "Content-Type: application/json" \
-d '{
"method": "tools/call",
"params": {
"name": "get_technique_details",
"arguments": {
"technique_id": "T1001"
}
}
}'
Example 3: Explore Relationships¶
curl -X POST http://localhost:8000/mcp/v1/messages \
-H "Content-Type: application/json" \
-d '{
"method": "tools/call",
"params": {
"name": "get_weaknesses_for_technique",
"arguments": {
"technique_id": "T1001"
}
}
}'
Understanding the Response¶
Successful responses will include:
- Content: The requested data (technique details, search results, etc.)
- Metadata: Information about the query and results
- Structure: JSON-formatted for easy parsing
Example response structure:
Common Configuration Options¶
Environment Variables¶
| Variable | Default | Description |
|---|---|---|
MCP_TRANSPORT | stdio | Transport mode: http or stdio |
HTTP_HOST | 0.0.0.0 | HTTP server bind address |
HTTP_PORT | 8000 | HTTP server port |
SOLVE_IT_DATA_PATH | /app/solve-it-main/data | Path to SOLVE-IT data |
LOG_LEVEL | INFO | Logging level (DEBUG, INFO, WARNING, ERROR) |
LOG_FORMAT | json | Log format: json or text |
Docker Compose Example¶
For persistent setups, use Docker Compose:
version: '3.8'
services:
solve-it-mcp:
image: 3soos3/solve-it-mcp:latest
ports:
- "8000:8000"
environment:
- MCP_TRANSPORT=http
- HTTP_PORT=8000
- LOG_LEVEL=INFO
healthcheck:
test: ["CMD", "curl", "-f", "http://localhost:8000/healthz"]
interval: 30s
timeout: 3s
retries: 3
restart: unless-stopped
Save as docker-compose.yml and run:
Next Steps¶
For Forensic Analysts¶
Learn how to use SOLVE-IT MCP in real investigations:
For Researchers¶
Understand how to use SOLVE-IT MCP in your research:
For Developers¶
Set up a development environment:
For Production Deployments¶
Deploy to Kubernetes or production environments:
Troubleshooting¶
Server Won't Start¶
Problem: Connection refused or server doesn't start
Solutions: - Verify Docker is running: docker ps - Check port availability: lsof -i :8000 - Review logs: docker logs <container-id>
SOLVE-IT Data Not Found¶
Problem: Failed to load SOLVE-IT knowledge base
Solutions: - Verify SOLVE_IT_DATA_PATH environment variable - Check that the path contains techniques.json, weaknesses.json, etc. - For Docker: the data is embedded in the image (no action needed)
Tools Not Appearing¶
Problem: MCP client doesn't show SOLVE-IT tools
Solutions: - Restart your MCP client - Check client configuration syntax - Verify server is running: curl http://localhost:8000/healthz - Check client logs for errors
For more help, see the Troubleshooting Guide.
Getting Help¶
- Documentation Issues: Check Troubleshooting
- Bug Reports: GitHub Issues
- Questions: GitHub Discussions
- Security Issues: See SECURITY.md