Argus Case MCP Tools

These MCP tools let you retrieve Argus cases from the case API.

They support six common tasks:

• fetch case details by case ID

• fetch case comments by case ID

• search cases using a structured request

• list allowed case fields

• list allowed case services

• list allowed case categories

General Notes

• Use these tools when you want the LLM to retrieve case data from Argus APIs.

• If you ask the LLM to search for cases, it may first use the case search translator tools to construct the search request and then use the search tool to fetch results.

• Each search tool call returns only one page of results. It does not automatically fetch additional pages.

• When more results may exist, the response includes pagination metadata under page, such as nextOffset, stop, and reason, which the LLM can use if you ask it to continue.

• When category filtering is involved, the LLM can look up the allowed categories and use the returned shortName values behind the scenes.

• When service filtering is involved, the LLM can look up the allowed services and use the returned shortName values behind the scenes.

• When case-field filtering is involved, the LLM can look up the allowed case fields and use the returned field name values behind the scenes.

• Search results are usually summaries. If you need the full case details, the LLM can fetch them with getArgusCaseByID.

• Case comments are separate. If you need the discussion history for a case, the LLM can fetch it with getArgusCaseComments.

Tool: getArgusCaseByID

Purpose

Retrieve Argus case details for one specific case ID.

Arguments

Field	Description	Type	Default	Required
caseID	The case ID to look up.	number	None	Yes

Tool: getArgusCaseComments

Purpose

Retrieve all comments associated with one specific case ID.

Arguments

Field	Description	Type	Default	Required
caseID	The case ID whose comments should be returned.	number	None	Yes

Tool: executeSearchArgusCase

Purpose

Retrieve Argus case search results for the search criteria the LLM has prepared.

Arguments

Field	Description	Type	Default	Required
request	The full case search definition the LLM builds from your request.	object	None	Yes

request fields

Field	Description	Type	Default	Required
asset	Match cases associated with any of the specified assets, using asset ID or short name.	array<string>	None	No
customer	Match cases belonging to any of the specified customers, using customer ID or short name.	array<string>	None	No
caseID	Match specific case IDs.	array<number>	None	No
type	Match case types. Allowed values: securityIncident, operationalIncident, information, change.	array<string>	None	No
serviceFilter	Match case service criteria.	object	None	No
category	Match case categories. When this filter is used, the LLM can resolve the allowed category shortName values behind the scenes.	array<string>	None	No
currentPriority	Match current priority values. Allowed values: low, medium, high, critical.	array<string>	None	No
initialPriority	Match initial priority values. Allowed values: low, medium, high, critical.	array<string>	None	No
currentStatus	Match current case status values.	array<string>	None	No
initialStatus	Match initial case status values.	array<string>	None	No
timeFilter	Time-based narrowing for case search.	object	{ "timeField": ["all"], "startTime": "startOfDay", "endTime": "now", "timeMatchStrategy": "any" }	No
tag	Tag-based case filter criteria.	array<object>	None	No
workflow	Workflow-based case filter criteria.	array<object>	None	No
caseField	Case field metadata filter criteria. When this filter is used, the LLM can resolve allowed field names behind the scenes.	array<object>	None	No
keywordFilter	Keyword-based search across case text fields.	object	None	No
userFilter	User or user-group based case filtering.	object	None	No
userAssigned	Filter specifically on whether a user is assigned.	boolean	None	No
techAssigned	Filter specifically on whether technical personnel is assigned.	boolean	None	No
caseAccessMode	Match case access modes. Allowed values: roleBased, readRestricted, writeRestricted, explicit.	array<string>	None	No
caseExplicitAccessFilter	Match explicit-access grant criteria. When multiple criteria are provided, all must match.	array<object>	None	No
includeCaseFlag	Case flags that must all be present.	array<string>	None	No
excludeCaseFlag	Case flags that must not be present.	array<string>	None	No
page	Pagination settings.	object	{ "limit": 25, "offset": 0 }	No
sortBy	Sort order list. Use list order as priority. Prefix with - for descending.	array<string>	None	No

request.serviceFilter fields

Field	Description	Type	Default	Required
caseService	Match cases with any of these case service IDs or short names. When this filter is used, the LLM can resolve allowed service shortName values behind the scenes.	array<string>	None	No
includeCaseServiceFlag	Service flags that must all be present.	array<string>	None	No
excludeCaseServiceFlag	Service flags that must not be present.	array<string>	None	No

request.timeFilter fields

Field	Description	Type	Default	Required
timeField	Which case time field(s) the range applies to. Allowed values: createdTimestamp, lastUpdatedTimestamp, closedTimestamp, publishedTimestamp, customerDueTimestamp, techDueTimestamp, all.	array<string>	["all"]	No
startTime	Start of the time range. Accepts epoch millis as string, ISO-8601 UTC, or relative expressions such as startOfDay - 1 day.	string	startOfDay	No
endTime	End of the time range. Accepts epoch millis as string, ISO-8601 UTC, or relative expressions such as now.	string	now	No
timeMatchStrategy	How to evaluate multiple timeField values. Allowed values: any, all.	string	any	No

request.tag[] fields

Field	Description	Type	Default	Required
tagKey	The exact tag key or name to search for.	string	None	Yes
value	Tag values to match. Optional when checking only whether the tag exists.	array<string>	None	No
searchCondition	How to apply this tag criterion. Allowed values: MATCH, NEGATE, EXCLUDE_TAG.	string	None	Yes

request.workflow[] fields

Field	Description	Type	Default	Required
flow	Workflow token to match.	string	None	Yes
acknowledgeStatus	Workflow acknowledgement filter. Allowed values: acknowledged, unacknowledged, all.	string	all	No
exclude	Negate this criterion.	boolean	false	No

request.caseField[] fields

Field	Description	Type	Default	Required
fieldName	The case field name to search for. When this filter is used, the LLM can resolve allowed field names behind the scenes.	string	None	Yes
value	Field values to match. Optional when checking only whether the field exists.	array<string>	None	No
searchCondition	How to apply this field criterion. Allowed values: MATCH, NEGATE, EXCLUDE_FIELD.	string	None	Yes

request.keywordFilter fields

Field	Description	Type	Default	Required
keywords	Search terms to match.	array<string>	None	No
keywordField	Which case text fields to search. Allowed values: subject, description, comments, customerReference, id, all.	array<string>	None	No
keywordMatch	How to evaluate multiple keywords. Allowed values: any, all.	string	None	No

request.userFilter fields

Field	Description	Type	Default	Required
user	User IDs, user names, or user-group names to match.	array<string>	None	No
userField	Which user-related case fields to search. Allowed values: reporter, assignedUser, assignedTech, createdByUser, lastUpdatedByUser, closedByUser, publishedByUser, commentedByUser, watchedByUser, all.	array<string>	["all"]	No

request.caseExplicitAccessFilter[] fields

Field	Description	Type	Default	Required
startTime	Match cases with explicit access granted after this time. Uses the same time formats as other time filters.	string	None	No
endTime	Match cases with explicit access granted before this time. Uses the same time formats as other time filters.	string	None	No
accessLevel	Match explicit access levels. Allowed values: read, write, owner.	array<string>	None	No
user	User IDs, user names, or user-group names whose explicit access grants should match.	array<string>	None	No
includeAncestor	Whether to include the specified users and their ancestors when matching access grants.	boolean	false	No

request.page fields

Field	Description	Type	Default	Required
limit	Maximum number of items per page. Accepted range: 1 to 100.	number	25	No
offset	Number of items to skip before returning results. Must be 0 or greater.	number	0	No

Usage notes

• If your request is a search rather than a direct case lookup, the LLM may first use the case search translator tools to shape the query.

• Case search pagination supports 1 to 100 items per page.

• If you want more than one page of results, ask the LLM to continue fetching more pages. The tool itself returns one page at a time.

• For descending sorting, the LLM can use a - prefix such as -createdTimestamp.

• currentStatus and initialStatus support: pendingCustomer, pendingSoc, pendingVendor, workingSoc, workingCustomer, pendingClose, closed.

• Tag and case-field filters support both value matching and existence checks.

Tool: listArgusCaseFields

Purpose

Return the allowed case fields the LLM can use when case-field filtering is involved.

Arguments

This tool takes no arguments.

Result notes

• When case-field filtering is involved, the LLM can use the returned field name values behind the scenes.

Tool: listArgusCaseServices

Purpose

Return the allowed case services the LLM can use when service filtering is involved.

Arguments

This tool takes no arguments.

Result notes

• When service filtering is involved, the LLM can use the returned shortName values behind the scenes.

Tool: listArgusCaseCategories

Purpose

Return the allowed case categories the LLM can use when category filtering is involved.

Arguments

This tool takes no arguments.

Result notes

• When category filtering is involved, the LLM can use the returned shortName values behind the scenes.