mcp-sentinel analytics and gateway plane.
mcp-sentinel is the companion repo and bundled install path for analytics,
gateway, proxy, and observability services around MCP servers. It is broader than a dashboard
and broader than a single proxy.
Services
mcp-proxy-sidecar: Transparent sidecar that extracts identity, evaluates tool-level policy, emits allow or deny audit events, and forwards traffic upstream to the MCP server.
ingest: Receives POST /events, validates API keys or optional JWTs, and writes events to Kafka.
processor: Consumes Kafka, batches events, and writes them into ClickHouse with indexed audit fields for filtering.
api: Exposes /api/events, /api/stats, /api/sources, /api/event-types, and filtered event queries.
ui: Shows total events, latest source, last event, limit controls, auto refresh, and the event stream table against the API.
gateway: Kubernetes gateway deployment that fronts the sentinel API, ingest, and UI surfaces.
The repo also includes a small example MCP server so sidecar, ingest, and smoke-test flows can be exercised end to end.
Event path
The sidecar reads identity headers, loads policy data, checks trust, and decides allow or deny at tool-call time.
The sidecar POSTs the event to /events on the ingest service, which writes it into the Kafka topic mcp.events.
The processor reads Kafka, batches messages, and writes them to the ClickHouse-backed event table.
The API returns recent events, stats, sources, event types, and filtered audit views over the stored event stream.
The UI shows the stream directly, while Grafana, Prometheus, Tempo, Loki, and Promtail cover the broader observability path.
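The decision step above is easiest to see in code. The following is an added illustration, not mcp-sentinel's own sidecar: it assumes identity arrives in the headers X-Human, X-Agent-Id, X-Session-Id, X-Namespace and X-Cluster, that policy is a dict keyed by MCP server name with per-tool agent allowlists and a set of trusted namespaces, and that the audit event carries the fields the processor materializes. None of those header or key names come from the page. Every failure path denies, so a missing policy entry, an unknown tool or an absent identity header never falls open.

```python
"""Sidecar decision and audit-event construction (added illustration).

Assumptions: identity header names, policy shape and event schema are chosen
for this example and are not documented by mcp-sentinel.
"""
import time
import uuid

# Constructed sample policy for one MCP server named "payments".
SAMPLE_POLICY = {
    "payments": {
        "trusted_namespaces": {"prod-agents"},
        "tools": {
            "get_balance": {"ops-agent", "billing-agent"},
            "refund": {"billing-agent"},
        },
    }
}

# Assumed header names carrying the identity the sidecar extracts.
IDENTITY_HEADERS = {
    "human": "X-Human",
    "agent": "X-Agent-Id",
    "session": "X-Session-Id",
    "namespace": "X-Namespace",
    "cluster": "X-Cluster",
}


def extract_identity(headers):
    """Pull identity fields out of request headers; missing values become None."""
    lowered = {k.lower(): v for k, v in headers.items()}
    return {field: lowered.get(h.lower()) for field, h in IDENTITY_HEADERS.items()}


def decide(identity, server, tool, policy):
    """Return ("allow" | "deny", reason). Every unhandled case is a deny."""
    if not identity["agent"] or not identity["namespace"]:
        return "deny", "missing identity headers"
    server_policy = policy.get(server)
    if server_policy is None:
        return "deny", "no policy for server"
    if identity["namespace"] not in server_policy["trusted_namespaces"]:
        return "deny", "untrusted namespace"
    allowed_agents = server_policy["tools"].get(tool)
    if allowed_agents is None:
        return "deny", "tool not in policy"
    if identity["agent"] not in allowed_agents:
        return "deny", "agent not allowed for tool"
    return "allow", "policy match"


def build_event(identity, server, tool, decision, reason, now=None):
    """Shape the audit event with the fields the processor materializes."""
    return {
        "event_id": str(uuid.uuid4()),
        "ts": int(now if now is not None else time.time()),
        "event_type": "tool_call",
        "server": server,
        "namespace": identity["namespace"],
        "cluster": identity["cluster"],
        "human": identity["human"],
        "agent": identity["agent"],
        "session": identity["session"],
        "decision": decision,
        "tool_name": tool,
        "reason": reason,
    }


def handle_tool_call(headers, server, tool, policy=SAMPLE_POLICY, now=None):
    """Sidecar hot path: identity -> policy decision -> audit event.
    The caller forwards upstream only when decision == "allow" and POSTs the
    event to the ingest service's /events endpoint either way."""
    identity = extract_identity(headers)
    decision, reason = decide(identity, server, tool, policy)
    return decision, build_event(identity, server, tool, decision, reason, now)


if __name__ == "__main__":
    hdrs = {"X-Human": "alice", "X-Agent-Id": "ops-agent", "X-Session-Id": "s-1",
            "X-Namespace": "prod-agents", "X-Cluster": "eu-1"}
    print(handle_tool_call(hdrs, "payments", "refund"))
```

The deny event is emitted with the same shape as the allow event, which is what makes the later filtered query by decision (for example decision=deny for one agent) possible without a separate error log.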
Storage and observability
ClickHouse: Stores the event stream with materialized fields for server, namespace, cluster, human, agent, session, decision, and tool name.
Kafka: Backs the ingestion pipeline so events can be buffered before the processor writes them to ClickHouse.
Prometheus and Grafana: The manifests include scrape configuration and a Grafana deployment so service metrics are part of the out-of-box story.
OTel collector, Tempo, Loki, and Promtail: Trace and log plumbing are part of the same install path so the stack goes beyond one audit table.
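The materialized fields are what the filtered audit views query against, and the filter endpoint is the one place where caller-supplied strings get near the event table. The following is an added example, not mcp-sentinel's own API code, of building that query safely: it assumes the table is named mcp_events, that its columns are the fields listed above, and that the query is sent to ClickHouse as a parameterized query using ClickHouse's {name:Type} server-side parameter syntax. Query-string names are mapped through an allowlist, so a caller can only choose values, never columns, operators or the limit ceiling.

```python
"""Parameterized ClickHouse query for GET /api/events/filter (added illustration).

Assumptions: table name mcp_events, column names matching the materialized
fields, and ClickHouse {name:Type} query parameters. Not the project's code.
"""

# Query-string name -> table column. Anything not in this map is rejected.
FILTERABLE = {
    "server": "server",
    "namespace": "namespace",
    "cluster": "cluster",
    "human": "human",
    "agent_id": "agent",
    "session": "session",
    "decision": "decision",
    "tool": "tool_name",
}
DECISIONS = {"allow", "deny"}
DEFAULT_LIMIT = 100
MAX_LIMIT = 1000
TABLE = "mcp_events"  # assumed name


def parse_limit(raw):
    """Clamp limit to [1, MAX_LIMIT]; non-numeric input falls back to the default."""
    try:
        value = int(raw)
    except (TypeError, ValueError):
        return DEFAULT_LIMIT
    return max(1, min(value, MAX_LIMIT))


def build_filter_query(params):
    """Return (sql, bound_params). Filter values never enter the SQL text;
    they are bound by name so ClickHouse treats them purely as data."""
    unknown = set(params) - set(FILTERABLE) - {"limit"}
    if unknown:
        raise ValueError(f"unsupported filter parameter(s): {sorted(unknown)}")
    if "decision" in params and params["decision"] not in DECISIONS:
        raise ValueError("decision must be allow or deny")

    clauses, bound = [], {}
    for name, column in FILTERABLE.items():
        if name in params:
            clauses.append(f"{column} = {{{name}:String}}")
            bound[name] = params[name]
    bound["limit"] = parse_limit(params.get("limit"))

    sql = (
        "SELECT ts, event_type, server, namespace, cluster, human, agent, session, "
        f"decision, tool_name FROM {TABLE}"
    )
    if clauses:
        sql += " WHERE " + " AND ".join(clauses)
    sql += " ORDER BY ts DESC LIMIT {limit:UInt32}"
    return sql, bound


if __name__ == "__main__":
    # Constructed request matching the documented filter example.
    print(build_filter_query({"server": "payments", "decision": "deny",
                              "agent_id": "ops-agent", "limit": "50"}))
```

With ClickHouse's HTTP interface the bound values travel as separate param_<name> form fields rather than inside the SQL string, so a value such as x' OR 1=1 -- is compared literally against the server column instead of changing the query.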
Auth and APIs
The API and ingest services support both simple API keys and optional OIDC JWT validation.
POST /events
GET /api/events?limit=100
GET /api/stats
GET /api/sources
GET /api/event-types
GET /api/events/filter?server=payments&decision=deny&agent_id=ops-agent&limit=50
GET /health
GET /metrics
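How the "API key or optional JWT" rule above plays out on a request is worth seeing end to end. The following is an added example, not mcp-sentinel's own ingest or API code: it assumes the API key arrives in an X-API-Key header, that JWTs are HS256 over a shared secret so the example runs offline (a real OIDC issuer signs with RS256 or ES256 and you would verify against its published JWKS instead), and that issuer and audience are configured values. Two choices matter for safety: the algorithm is pinned before the signature is checked, and a presented-but-wrong API key fails outright instead of falling through to the JWT path.

```python
"""Ingest/API request authentication: API key first, optional JWT second.

Added illustration, not mcp-sentinel's code. Assumed: X-API-Key header,
HS256 shared-secret JWTs in place of an OIDC issuer's asymmetric keys.
"""
import base64
import hashlib
import hmac
import json
import time


def _b64url_decode(text):
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def _b64url_encode(raw):
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode()


def mint_hs256_jwt(claims, secret):
    """Test-only token minting; stands in for the identity provider."""
    header = _b64url_encode(json.dumps({"alg": "HS256", "typ": "JWT"}).encode())
    payload = _b64url_encode(json.dumps(claims).encode())
    sig = hmac.new(secret, f"{header}.{payload}".encode(), hashlib.sha256).digest()
    return f"{header}.{payload}.{_b64url_encode(sig)}"


def verify_hs256_jwt(token, secret, issuer, audience, now):
    """Return the claims if alg, signature, iss, aud and exp all check out, else None."""
    try:
        header_b64, payload_b64, sig_b64 = token.split(".")
        header = json.loads(_b64url_decode(header_b64))
        # Pin the algorithm first: rejects "none" and key-confusion tokens.
        if not isinstance(header, dict) or header.get("alg") != "HS256":
            return None
        expected = hmac.new(secret, f"{header_b64}.{payload_b64}".encode(),
                            hashlib.sha256).digest()
        if not hmac.compare_digest(expected, _b64url_decode(sig_b64)):
            return None
        claims = json.loads(_b64url_decode(payload_b64))
    except ValueError:  # malformed base64 or JSON
        return None
    if not isinstance(claims, dict) or claims.get("iss") != issuer:
        return None
    aud = claims.get("aud")
    aud = [aud] if isinstance(aud, str) else (aud or [])
    if audience not in aud:
        return None
    exp = claims.get("exp")
    if not isinstance(exp, (int, float)) or now >= exp:
        return None
    return claims


def authenticate(headers, api_keys, jwt_secret=None, issuer=None, audience=None, now=None):
    """Resolve the caller or return None (the handler then answers 401)."""
    now = time.time() if now is None else now
    lowered = {k.lower(): v for k, v in headers.items()}
    presented = lowered.get("x-api-key")
    if presented is not None:
        for key in api_keys:  # constant-time compare against each configured key
            if hmac.compare_digest(presented.encode(), key.encode()):
                return {"type": "api_key"}
        return None  # wrong key never falls through to the JWT path
    auth = lowered.get("authorization", "")
    if jwt_secret is not None and auth.startswith("Bearer "):
        claims = verify_hs256_jwt(auth[len("Bearer "):], jwt_secret, issuer, audience, now)
        if claims is not None:
            return {"type": "jwt", "sub": claims.get("sub")}
    return None


if __name__ == "__main__":
    secret = b"constructed-shared-secret"
    tok = mint_hs256_jwt({"iss": "https://idp.example", "aud": "mcp-sentinel",
                          "sub": "ops-agent", "exp": int(time.time()) + 300}, secret)
    print(authenticate({"Authorization": "Bearer " + tok}, ["k-ingest-1"], secret,
                       "https://idp.example", "mcp-sentinel"))
```

When JWT validation is switched off (no issuer configured), a bearer token is simply ignored and only the API key path remains, which matches "optional" in the sense that the absence of configuration narrows what is accepted rather than widening it.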
Included manifests
00-namespace, 01-config, 02-secrets, 03-clickhouse, 04-clickhouse-init, 05-kafka, 06-ingest, 07-processor, 08-api, 09-ui, and 10-gateway.
11-prometheus, 12-grafana, 15-otel-collector, 16-tempo, 17-loki, 18-promtail, and 19-grafana-datasources.
13-mcp-example, 14-mcp-proxy-sidecar, and the example README show how an in-cluster MCP server emits analytics events through sentinel.
mcp-runtime setup builds the sentinel images and deploys this stack by default. Use --without-sentinel to skip it.
Compatibility and naming
Docs, manifests, images, namespace defaults, and runtime integration now use mcp-sentinel rather than the older analytics-only naming.
The runtime and sample MCP wiring still accept older MCP_ANALYTICS_* environment names so existing ingest configuration does not break during the rename.
Companion plane, not an add-on afterthought
First-class part of the product
Sentinel is where analytics, gateway behavior, and lightweight policy-enforcement services live around MCP servers. That is why the website and docs now treat it as a first-class part of the product instead of a side note.