Note
Access to this page requires authorization. You can try signing in or changing directories.
Access to this page requires authorization. You can try changing directories.
Learn how to use a remote Model Context Protocol (MCP) for eventhouse to execute KQL queries. The eventhouse remote MCP server allows AI agents to query, reason, and act on real-time data in the RTI eventhouse. This is a hosted MCP where you configure a URL to point to the Eventhouse. There's no need to install or deploy anything.
The Eventhouse remote MCP enables AI agents to query Eventhouse using natural language. Through the Model Context Protocol (MCP), AI assistants can:
- Discover KQL database schemas and metadata dynamically.
- Generate KQL queries to query and analyze the data in KQL databases.
- Use natural language queries that get translated to KQL queries.
- Return insights over real-time and historical data.
- Sample data.
This capability lets Copilot and custom AI agents securely interact with your eventhouse. Cloud agent platforms can consume these agents.
Get started
To get started with the remote Eventhouse MCP integration, follow these steps:
Connect to the Eventhouse MCP Server from Visual Studio Code or GitHub Copilot CLI.
Prerequisites
GitHub Copilot in VS Code.
Enable Copilot in Fabric to enable the MCP server to fetch the database schema. Otherwise it can only execute KQL queries.
An Eventhouse with KQL database tables.
- Read or query permissions to the KQL database.
- The MCP Server URI for configuration. See Find the MCP server URI.
Connect to the Eventhouse MCP Server
The Eventhouse MCP server acts as an HTTP-based MCP endpoint. Add the remote MCP server definition to the MCP client's configuration file. Currently, only manual configuration is supported.
Open the MCP client configuration file.
In VS Code, the configuration file is typically located at
.vscode/mcp.json, or in your user profile. For more information, see VS Code MCP configuration reference.Add the Eventhouse MCP server URL to the MCP client configuration file. Find the MCP server URI and refer to the Example MCP client configuration.
Tip
To add the MCP server using GitHub Copilot CLI instead of VS Code, see Adding MCP servers for GitHub Copilot CLI. Use the /mcp add command with the HTTP server type and provide the Eventhouse URL.
Find the MCP server URI
Sign in to the Fabric portal.
Navigate to the workspace containing your Eventhouse.
Select the KQL database.
From the Database details > Overview section, select Copy URI next to the MCP Server URI.
Example MCP client configuration
{
"servers": {
"eventhouse-remote": {
"type": "http",
"url": "https://api.fabric.microsoft.com/v1/mcp/dataPlane/workspaces/11112222-bbbb-3333-cccc-4444dddd5555/items/b1b1b1b1-cccc-dddd-eeee-f2f2f2f2f2f2/kqlEndpoint"
}
}
}
Test the connection
Once configured, verify that the setup is working.
Start the Eventhouse MCP server
Start the Eventhouse MCP server in Visual Studio Code.
Authenticate to the MCP server using a credential that has access to the Eventhouse.
Ensure the Eventhouse MCP server status shows as Running.
Use GitHub Copilot to run queries
Open GitHub Copilot Chat window in VS Code.
Enable agent mode.
Ask a question, for example:
- What tables are in #eventhouse-remote? (use the remote name you provided in the mcp.json file).
- Analyze the data in the StormEvents table and show the most damaging storm events
Review the response returned by Copilot.
Available tools
The Eventhouse MCP server exposes a set of tools that AI agents can use to interact with the Eventhouse and its KQL databases. These tools allow agents to discover KQL database schemas, generate KQL queries from natural language, execute queries, and sample data.
Troubleshoot
If you encounter issues:
- Verify that the MCP server is connected in Visual Studio Code or GitHub Copilot CLI.
- Ensure your MCP host supports remote HTTP MCP servers.
- Confirm you have sufficient permissions on the Eventhouse database. See Prerequisites.
- Reauthenticate if prompted.
Example: Analyze your data
Example prompt:
'I have data about user executed commands in the ProcessEvents table. Sample a few rows and classify the executed commands with a threat tolerance of low/med/high, and provide a tabular view of the overall summary.`
Response:
