Snowflake MCP server
Query the Snowflake security data lake and run Cortex Agents from your AI agents.
About
Connect Tracecat to Snowflake to query the security data lake for detection engineers and SOC analysts working with long-retention logs. You can ask Cortex Analyst a natural-language question and run the resulting SQL against your security tables from a workflow. From there, execute Cortex Search queries, invoke Cortex Agents end-to-end, and bring the results back into a Tracecat case with every call attributed to the connected role in Snowflake's account usage logs.
Setup
- 1
Sign in with OAuth
You'll authorize Tracecat to access Snowflake on your behalf. No API keys to manage.
- 2
Select the
Snowflaketile in the Tracecat MCP catalogOpen the
MCP catalogin your workspace, select theSnowflaketile, and complete the OAuth flow. - 3
Enable
Snowflakein your agentIn your
ai.agentaction orAgents→toolstab, selectSnowflakefrom theMCP integrationsdropdown.
Tools
CORTEX_SEARCH_SERVICE_QUERY | Query a Cortex Search service for semantic search over indexed Snowflake data. |
CORTEX_ANALYST_MESSAGE | Send a natural-language message to Cortex Analyst and get back a SQL-grounded answer. |
SYSTEM_EXECUTE_SQL | Execute a SQL statement against Snowflake using the connected role. |
CORTEX_AGENT_RUN | Run a Snowflake Cortex Agent end-to-end with tool calling enabled. |
GENERIC | Invoke a Snowflake user-defined function or stored procedure registered as an MCP tool. |