NetClaw Gets Long-Term Memory: Community Contribution Brings MemPalace Integration

One of the most exciting aspects of open source is when the community steps up and adds capabilities you didn’t even know you needed. Today we’re thrilled to announce that NetClaw now has long-term memory — thanks to a fantastic contribution from community member Satyam Thakur.

The Memory Problem

AI agents are brilliant in the moment, but they forget everything between sessions. Ask NetClaw to troubleshoot a network issue today, and tomorrow it has no memory of what you discussed, what you tried, or what worked.

OpenClaw already had short-term memory through daily log files (memory/YYYY-MM-DD.md), but these are ephemeral — yesterday’s context fades as today’s work takes over.

Enter MemPalace: A Two-Layer Memory Architecture

The new integration creates a two-layer memory system:

Layer	Purpose	Technology
Short-Term	Daily session logs	OpenClaw’s existing `memory/YYYY-MM-DD.md` files
Long-Term	Persistent knowledge across sessions	MemPalace MCP with temporal knowledge graphs

What is a Memory Palace?

MemPalace uses a spatial metaphor inspired by ancient rhetoric techniques. Instead of a flat search index, memories are organized into a navigable structure:

Wings — People or projects (e.g., "datacenter-migration", "customer-acme")
Rooms — Specific topics within a wing
Halls — Memory types (facts, events, relationships)
Closets — Summaries for quick retrieval
Drawers — Original verbatim content

This architecture means NetClaw can now remember that "the BGP peer with AS65000 was flapping last month due to MTU issues" and recall that context when similar symptoms appear again.

19 Tools for Memory Management

The MemPalace MCP server provides 19 tools across five categories:

Palace Operations

Check memory status
List wings and rooms
Semantic search with filtering
Duplicate detection

Temporal Knowledge Graphs

Store facts with validity windows ("this was true from January to March")
Query what was true at a specific point in time
Track entity relationships over time
Generate timelines

Navigation

Traverse the knowledge graph across wings
Discover tunnels between related topics
Analyze connectivity patterns

Content Management

Add and organize memories
Delete outdated information

Agent Diaries

Per-agent continuous diaries using AAAK compression
Enables specialized expertise development over time

Why This Matters for Network Operations

Imagine these scenarios:

Recurring Issues: "This interface keeps flapping. Have we seen this before?"
NetClaw can now search its long-term memory and find that yes, this same interface had issues 6 months ago, and the root cause was a bad SFP.

Tribal Knowledge: "What’s the story with VLAN 100?"
NetClaw remembers that VLAN 100 was originally created for guest WiFi, was repurposed for IoT devices in Q2, and has special QoS policies because of that legacy camera system nobody wants to touch.

Change Context: "Why did we set the OSPF cost to 1000 on this link?"
NetClaw recalls the change request from 8 months ago where the link was deprioritized during a circuit migration that never got cleaned up.

Semantic Search Without API Calls

MemPalace uses ChromaDB for semantic search — meaning NetClaw can find relevant memories even when the exact keywords don’t match. Searching for "BGP problems" will find memories about "peering session failures" or "route convergence issues."

And it’s all local. No API calls to external services. Your network’s institutional memory stays on your infrastructure.

Community-Driven Innovation

This integration exists because Satyam Thakur saw an opportunity and contributed PR #55. The changes include:

MCP server registration in config/openclaw.json
Installation automation in scripts/install.sh
A comprehensive skill definition at workspace/skills/mempalace/SKILL.md
Documentation updates across README, TOOLS, SOUL, and AGENTS files

This is what open source is all about — the community identifying gaps and filling them with elegant solutions.

Getting Started

After updating NetClaw, the MemPalace MCP server is available immediately. NetClaw will automatically learn the memory protocol and AAAK dialect from status responses — no manual configuration needed.

Start building institutional memory by simply working with NetClaw. Over time, your AI network assistant will develop deep contextual knowledge about your specific environment, your historical decisions, and your operational patterns.

Thank you to Satyam Thakur for this contribution. NetClaw continues to grow through community involvement — now with long-term memory capabilities that transform ephemeral AI assistance into persistent institutional knowledge.

April 10, 2026

NetClaw Now Has Direct Access to Cisco’s Official Meraki and Catalyst Center API Documentation

Network automation with AI is powerful, but only when the AI has access to accurate, authoritative information. Today we’re excited to announce that NetClaw now integrates with Cisco’s official DevNet Content Search MCP server — giving our AI agent direct access to the source of truth for Meraki and Catalyst Center APIs.

The Problem with Guessing API Endpoints

When you ask an AI to help with Meraki or Catalyst Center automation, it typically relies on training data that may be outdated, incomplete, or simply wrong. API endpoints change. New features get added. Parameters get deprecated. The result? Code that doesn’t work, frustrating debugging sessions, and wasted time.

The Solution: Cisco-Approved MCP Integration

NetClaw now connects directly to Cisco DevNet’s official MCP server at https://devnet.cisco.com/v1/foundation-search-mcp/mcp. This means:

Always accurate — API documentation comes straight from Cisco, not from cached training data
Always current — As Cisco updates their APIs, NetClaw sees the changes immediately
Always complete — Full OpenAPI specifications including parameters, response schemas, and examples

What This Enables

Meraki API Search

Ask NetClaw about any Meraki capability and it will search Cisco’s official documentation:

"How do I configure L3 firewall rules?"
"What’s the API for VLAN management?"
"Show me the wireless SSID endpoints"
"How do I set up OAuth for Meraki?"

NetClaw returns the exact API endpoints, HTTP methods, required parameters, and example payloads — all from Cisco’s official documentation.

Catalyst Center API Search

The same applies to Catalyst Center (DNA Center):

"Find device inventory APIs"
"How do I automate policy deployment?"
"Show me assurance and health monitoring endpoints"
"What APIs handle site provisioning?"

Operation ID Lookup

For developers who know exactly what they need, NetClaw can lookup specific Meraki operations by ID and return the complete OpenAPI specification:

Lookup: updateNetworkApplianceFirewallL3FirewallRules

Returns: Full spec including path, method, all parameters, 
request body schema, response codes, and examples

Two New Skills

This integration adds two new skills to NetClaw’s arsenal:

Skill	Purpose
`devnet-meraki-search`	Search Meraki Dashboard API documentation
`devnet-catalyst-search`	Search Catalyst Center API documentation

No Authentication Required

The DevNet Content Search MCP is a public service — no API keys, no tokens, no setup. It just works.

Why This Matters

This isn’t just another integration. This is NetClaw getting authoritative access to Cisco’s own documentation. When you ask NetClaw about Meraki or Catalyst Center APIs, you’re not getting guesses based on training data — you’re getting answers sourced directly from Cisco DevNet.

The result: more reliable automation, fewer errors, and faster development cycles.

Get Started

NetClaw 71 MCP integrations now include DevNet Content Search. Just ask:

"Search Meraki API for firewall rules"

"Find Catalyst Center device inventory endpoints"

"Lookup the Meraki operation createNetworkMerakiAuthUser"

NetClaw will search Cisco’s official documentation and return exactly what you need.

NetClaw continues to grow — now with 162 skills backed by 71 MCP integrations, bringing authoritative network automation to your fingertips.

April 5, 2026

BREAKTHROUGH: NetClaw Brings Your Network to Life in Stunning 3D with Blender Integration!

The Future of Network Visualization Has Arrived

Hold onto your console cables, network engineers — NetClaw just shattered the boundaries of what’s possible with network visualization!

We’re thrilled to announce the most visually stunning integration in NetClaw’s history: full Blender 3D visualization support. That’s right — the same Blender used by Hollywood studios, game developers, and 3D artists worldwide is now your network visualization engine.

One Command. Infinite Possibilities.

Imagine saying this to your AI network coworker:

"Draw the network topology in Blender using CDP data"

And then watching — in real-time — as your network materializes in full 3D right before your eyes. Routers rising as blue cubes. Switches glowing green. Firewalls blazing red. All connected by sleek cylindrical links showing your actual network topology.

This isn’t science fiction. This is NetClaw + Blender. And it’s available NOW.

156 Skills. One Stunning Visualization Platform.

Here’s what makes this truly revolutionary: NetClaw doesn’t just visualize static data. It pulls live network intelligence from across your entire infrastructure:

pyATS grabs interface states, CDP/LLDP neighbors, routing tables
Grafana & Prometheus feed real-time metrics
SuzieQ provides network-wide observability data
Cisco Meraki, Catalyst Center, ACI — all feeding the visualization
AWS, Azure, GCP cloud infrastructure — rendered in 3D
PagerDuty incidents — see which devices are on fire (literally, in red!)

156 skills worth of network data — now rendered in breathtaking 3D.

What Can You Actually DO?

Draw Your Entire Network Topology

"Visualize the CDP neighbors for all core routers in 3D"

Watch as NetClaw queries your devices, extracts neighbor relationships, and builds a complete 3D model of your network. Devices are automatically color-coded:

Device Type	Color	Because…
Routers	Blue	Cool, calm, directing traffic
Switches	Green	The workhorses, always on
Firewalls	Red	Security = high alert
Access Points	Yellow	Wireless, bright, everywhere

Export for Documentation & Presentations

"Export the Blender scene as network-topology.png"

Need to show the board what your network looks like? Export stunning 3D renders. Create rotating videos. Build presentations that make your infrastructure team look like absolute wizards.

Customize Everything

"Color the core routers dark blue and highlight router-1"
"Add hostname labels to all devices"
"Make the firewalls larger and more prominent"

Full creative control. Your network, your way.

The Technical Magic Behind the Scenes

NetClaw leverages the community blender-mcp server to bridge the gap between AI-powered network intelligence and professional 3D visualization:

NetClaw (WSL) → blender-mcp (MCP Server) → Blender (Windows)
     ↓                    ↓                      ↓
  AI Brain          Translation Layer      3D Rendering Engine

Zero code required — just natural language
Real-time updates — change something, see it instantly
Cross-platform — WSL intelligence, Windows visualization
Professional quality — Blender’s industry-leading renderer

Why This Changes Everything

For Network Engineers

Stop staring at CLI output. Stop squinting at 2D diagrams. See your network in three dimensions. Understand spatial relationships. Spot issues visually.

For Network Architects

Design reviews just got a massive upgrade. Walk stakeholders through your topology in 3D. Export renders for documentation. Create videos for training.

For Incident Response

When things go wrong, visualize the blast radius. See which devices are affected. Understand the topology context instantly.

For Executive Communication

Try explaining BGP peering to a CFO with CLI output. Now try showing them a 3D visualization where they can see the connections. Night and day.

Getting Started in 5 Minutes

Install Blender on Windows: winget install BlenderFoundation.Blender
Install the BlenderMCP addon from GitHub
Connect the addon (Press N → BlenderMCP tab → Connect)
Ask NetClaw: "Create a blue cube in Blender"
Mind = Blown 🤯

That’s it. You’re now running the most advanced network visualization system on the planet.

The Numbers Don’t Lie

156 skills feeding data into visualizations
69 MCP integrations providing network intelligence
5 Blender tools for complete 3D control
25 devices rendered per topology (optimized for clarity)
30 seconds from request to rendered topology
Infinite possibilities for network visualization

What’s Next?

This is just the beginning. We’re already dreaming about:

Traffic animation — watch packets flow between devices
Health overlays — devices glow based on CPU/memory
Timeline scrubbing — see your network evolve over time
VR integration — literally walk through your data center
Digital twin sync — real-time 3D mirror of production

Join the Revolution

NetClaw with Blender integration represents a fundamental shift in how we interact with network infrastructure. We’re not just monitoring networks anymore. We’re not just configuring them. We’re experiencing them.

Your network has never looked this good.

Ready to see your network in 3D?

Update to the latest NetClaw, install Blender, and prepare to have your mind blown. The future of network visualization is here, and it’s absolutely gorgeous.

@NetClaw draw my network topology in Blender

Welcome to the future. 🚀

NetClaw is the AI-powered CCIE-level network engineer with 156 skills across 69 MCP integrations. From CLI commands to 3D visualization, from incident response to infrastructure automation — NetClaw transforms how network teams operate.

Today’s milestone: NetClaw + Blender = Network visualization will never be the same.

April 5, 2026

NetClaw Adds Blender 3D Network Topology Visualization

Visualize Your Network in 3D with Blender

NetClaw now integrates with Blender via the community blender-mcp server, enabling 3D network topology visualization. Network engineers can now say "draw the network topology using CDP data" and watch their network come to life in stunning 3D.

What’s New

This integration brings NetClaw’s total to 156 skills backed by 69 MCP servers, adding a powerful visualization capability that transforms how you understand and document your network infrastructure.

Natural Language to 3D Visualization

Simply ask NetClaw to draw your network:

"Draw the network topology in Blender using CDP data"
"Visualize the CDP neighbors for core-rtr-01 in 3D"
"Create a 3D network diagram from the LLDP data"

NetClaw automatically:

Queries CDP/LLDP neighbor data from your devices
Identifies device types from hostnames
Calculates optimal 3D layout positions
Creates cubes for each device with appropriate colors
Connects devices with visual links

Device Type Color Coding

Devices are automatically colored by type:

Device Type	Color	Visual
Router	Blue	Easy to identify core infrastructure
Switch	Green	Clear distinction from routers
Firewall	Red	Security devices stand out
Access Point	Yellow	Wireless infrastructure highlighted
Unknown	Gray	Catch-all for unidentified devices

Export and Customize

Beyond basic visualization, you can:

Export your diagrams:

"Export the Blender scene as topology.png"
"Save the network diagram as a PNG file"

Customize appearance:

"Color router-1 red"
"Add labels to all devices"
"Highlight the core switches"

Technical Architecture

The integration uses a clever cross-platform architecture:

NetClaw (WSL) → blender-mcp (MCP Server) → Blender (Windows)
                     ↓
              Socket:9876

NetClaw runs in WSL2, processing natural language requests
blender-mcp translates commands to Blender Python API calls
Blender runs on Windows with the BlenderMCP addon

This architecture supports the WSL-to-Windows connectivity pattern common in enterprise development environments.

Getting Started

Prerequisites

Blender installed on Windows (winget install BlenderFoundation.Blender)
BlenderMCP addon from GitHub
NetClaw with the latest configuration

Quick Setup

Install the BlenderMCP addon in Blender (Edit → Preferences → Add-ons → Install)
Press ‘N’ in Blender to show the sidebar, find "BlenderMCP" tab
Click "Connect to Claude" — should show "Server running on port 9876"
Get your Windows IP from WSL: cat /etc/resolv.conf | grep nameserver
Set BLENDER_HOST in your .env file

Test It

"Create a blue cube in Blender"

If a blue cube appears in Blender, you’re ready to visualize your network!

Design Decisions

Several thoughtful design decisions make this integration practical:

25-device limit: Keeps visualizations readable and Blender responsive
Force-directed layout: Automatically positions devices for clarity
Hostname-based type inference: No manual device classification needed
Graceful error handling: Clear messages when Blender isn’t connected

What’s Next

This is just the beginning of 3D network visualization in NetClaw. Future possibilities include:

Traffic animation: Show packet flows between devices
Health overlays: Color devices by CPU/memory utilization
Timeline scrubbing: Visualize network changes over time
VR integration: Walk through your network in virtual reality

Conclusion

The Blender integration exemplifies NetClaw’s philosophy: powerful capabilities accessible through natural language. Whether you’re documenting your network, presenting to stakeholders, or troubleshooting connectivity issues, 3D visualization provides a new perspective on your infrastructure.

Try it today: "Draw the network topology in Blender"

NetClaw is the AI-powered network engineer that speaks fluent CLI. With 156 skills across 69 MCP integrations, it transforms how network teams operate, automate, and innovate.

April 5, 2026

NetClaw Adds Zscaler and Cloudflare: Zero Trust Security Through Natural Language

Zero trust, conversational access. NetClaw now integrates with Zscaler and Cloudflare, bringing 10 new skills for managing zero trust security, DNS, edge networking, and web security. Query policies, inspect tunnels, analyze traffic, and investigate threats—all through natural language.

The Security Perimeter is Everywhere

Modern networks don’t have walls. Users work from anywhere, applications live in multiple clouds, and the "perimeter" is wherever a connection happens. Zscaler and Cloudflare are leaders in this zero trust world:

Zscaler: Secure access to applications and internet, wherever users are
Cloudflare: Edge security, DNS, and performance at global scale

Now NetClaw speaks both.

Zscaler Integration: 5 Skills

zscaler-zia

Zscaler Internet Access—secure web gateway:

List URL filtering policies in ZIA

Show web security rules for the engineering group

What categories are blocked for guest users?

Get details on the DLP policy for sensitive data

Tools included: list_url_policies, get_url_policy, list_firewall_rules, get_firewall_rule, list_dlp_policies, get_dlp_policy, list_url_categories, get_url_category

zscaler-zpa

Zscaler Private Access—zero trust application access:

List all application segments in ZPA

Show access policies for the internal-apps segment

What connectors are online for the datacenter group?

Get details on the SAP application segment

Tools included: list_application_segments, get_application_segment, list_access_policies, get_access_policy, list_connectors, get_connector, list_connector_groups

zscaler-zdx

Zscaler Digital Experience—endpoint and application performance:

Show ZDX scores for all devices

What's the application performance for Office 365?

List devices with poor network quality scores

Get the digital experience trend for the sales team

Tools included: get_zdx_scores, list_applications, get_application_metrics, list_devices, get_device_details, get_network_metrics

zscaler-identity

User and group management across Zscaler:

List all user groups in Zscaler

Show users in the engineering department

What groups does user john.doe belong to?

Get identity provider configuration

Tools included: list_users, get_user, list_groups, get_group, list_departments, get_idp_config

zscaler-insights

Analytics and reporting:

Show web traffic analytics for the last 24 hours

What are the top blocked categories today?

Get bandwidth usage by department

List security events for the network team

Tools included: get_traffic_analytics, get_security_analytics, get_bandwidth_report, list_audit_logs, get_threat_report

Cloudflare Integration: 5 Skills

cloudflare-dns

DNS management at the edge:

List all DNS zones in Cloudflare

Show DNS records for example.com

What's the TTL for the www A record?

List zones with DNSSEC enabled

Tools included: list_zones, get_zone, list_dns_records, get_dns_record, get_zone_settings, get_dnssec_status

cloudflare-security

Web application security:

List WAF rules for example.com

Show firewall events from the last hour

What custom rules are blocking traffic?

Get the security level for the API zone

Tools included: list_waf_rules, get_waf_rule, list_firewall_events, list_custom_rules, get_custom_rule, get_security_settings, list_rate_limits

cloudflare-zerotrust

Cloudflare Access and Tunnels:

List all Access applications

Show policies for the internal-dashboard app

What Cloudflare Tunnels are configured?

Get connection status for the datacenter tunnel

Tools included: list_access_applications, get_access_application, list_access_policies, get_access_policy, list_tunnels, get_tunnel, list_casb_findings, get_casb_finding

cloudflare-analytics

Traffic insights and Radar data:

Show traffic analytics for example.com today

What are the global Internet traffic trends?

Scan https://suspicious-site.com for threats

Get threat intelligence for IP 1.2.3.4

Tools included: get_zone_analytics, search_logs, get_traffic_insights, scan_url, get_threat_intel, get_internet_trends

cloudflare-workers

Edge compute monitoring:

List all deployed Workers

Show details for the api-gateway Worker

What bindings does my edge-proxy Worker have?

Get build history for auth-worker

Tools included: list_workers, get_worker, get_worker_bindings, list_builds, get_build, get_worker_analytics

Quick Setup

Zscaler

# ZIA (Internet Access)
export ZSCALER_ZIA_API_KEY="your-zia-api-key"
export ZSCALER_ZIA_CLOUD="zscaler.net"
export ZSCALER_ZIA_USERNAME="admin@example.com"
export ZSCALER_ZIA_PASSWORD="your-password"

# ZPA (Private Access)
export ZSCALER_ZPA_CLIENT_ID="your-client-id"
export ZSCALER_ZPA_CLIENT_SECRET="your-client-secret"
export ZSCALER_ZPA_CUSTOMER_ID="your-customer-id"

Cloudflare

export CLOUDFLARE_API_TOKEN="your-api-token"
export CLOUDFLARE_ACCOUNT_ID="your-account-id"

Generate tokens at dash.cloudflare.com → My Profile → API Tokens.

Real-World Security Investigation

Here’s how a security engineer investigates a potential threat:

1. Check Cloudflare for Anomalies

netclaw: Show firewall events for the api zone in the last hour

2. Analyze Traffic Patterns

netclaw: Get traffic analytics for api.example.com today

3. Investigate Suspicious Source

netclaw: Get threat intelligence for IP 203.0.113.42 from Cloudflare Radar

4. Check Zscaler for Internal Activity

netclaw: List security events in Zscaler for users accessing external APIs

5. Verify Access Policies

netclaw: Show ZPA access policies for the internal-api application segment

6. Check User Context

netclaw: What groups does user john.doe belong to in Zscaler?

Complete visibility across edge and access security—through conversation.

Integration Architecture

Both platforms connect through their official MCP interfaces:

{
  "zscaler-mcp": {
    "url": "mcp://zscaler.com/mcp",
    "env": {
      "ZSCALER_ZIA_API_KEY": "${ZSCALER_ZIA_API_KEY}",
      "ZSCALER_ZPA_CLIENT_ID": "${ZSCALER_ZPA_CLIENT_ID}",
      "ZSCALER_ZPA_CLIENT_SECRET": "${ZSCALER_ZPA_CLIENT_SECRET}"
    }
  },
  "cloudflare-observability": {
    "url": "mcp://observability.mcp.cloudflare.com",
    "env": {
      "CLOUDFLARE_API_TOKEN": "${CLOUDFLARE_API_TOKEN}",
      "CLOUDFLARE_ACCOUNT_ID": "${CLOUDFLARE_ACCOUNT_ID}"
    }
  }
}

Cloudflare uses multiple specialized MCP endpoints for different capabilities (DNS analytics, Radar, CASB, Workers builds).

The Complete Security Stack

With Zscaler and Cloudflare joining Palo Alto and Cisco FMC, NetClaw covers the major security platforms:

Platform	Domain	NetClaw Skills
Palo Alto	Next-gen firewall	Existing
Cisco FMC	Firewall management	Existing
Zscaler	Zero trust access	5 skills
Cloudflare	Edge security	5 skills

Network security engineers can now query across all platforms:

netclaw: Show blocked connections on the Palo Alto firewall,
         check if the source IP is in Zscaler block lists,
         and get threat intel from Cloudflare Radar

Zero Trust Through Conversation

Zero trust means verifying everything, everywhere. That’s a lot of queries across a lot of systems. NetClaw makes this manageable:

Before:

Log into Zscaler admin portal
Navigate to correct policy section
Log into Cloudflare dashboard
Check multiple tabs and filters
Cross-reference manually

After:

netclaw: Verify that user john.doe can access the SAP application 
         through ZPA and show any recent security events

The security perimeter might be everywhere, but your interface to it doesn’t have to be.

NetClaw now supports 68 MCP servers with 124 skills. Zero trust security just became conversational.

Get started at github.com/automateyournetwork/netclaw

April 5, 2026

NetClaw Adds HashiCorp Terraform and Vault: Infrastructure as Code Meets Natural Language

Infrastructure automation through conversation. NetClaw now integrates with HashiCorp Terraform Cloud and Vault, bringing 6 new skills for managing infrastructure as code and secrets. Query workspace state, explore the Terraform Registry, retrieve certificates, and manage secrets—all through natural language.

The HashiCorp Stack

HashiCorp tools are foundational to modern infrastructure:

Terraform defines infrastructure as code, managing everything from cloud resources to network devices
Vault secures secrets, manages certificates, and provides encryption as a service

Network engineers increasingly rely on both. Now NetClaw speaks their language.

Terraform Cloud Integration: 3 Skills

terraform-registry

Explore the Terraform ecosystem:

Search the Terraform Registry for Cisco ACI providers

Show details for the hashicorp/aws provider

What modules exist for network automation?

List versions of the PAN-OS provider

Tools included: search_providers, get_provider, get_provider_versions, search_modules, get_module, get_module_versions

terraform-workspaces

Understand your infrastructure state:

List all Terraform workspaces in my organization

Show the current state of the production-network workspace

What resources are managed in the dmz-firewalls workspace?

Compare state between staging and production workspaces

Tools included: list_workspaces, get_workspace, get_workspace_state, list_state_versions, get_state_version, list_workspace_resources

terraform-operations

Monitor infrastructure changes:

Show recent runs for the network-core workspace

What's the status of the latest plan?

List runs that failed in the last 24 hours

Show the plan output for run-abc123

Tools included: list_runs, get_run, get_plan, list_applies, get_apply, get_run_logs

HashiCorp Vault Integration: 3 Skills

vault-secrets

Secure secrets management:

List secrets in the network-credentials path

Get the SNMP community strings from Vault

What secrets are stored under infrastructure/routers?

Show metadata for the admin-credentials secret

Tools included: list_secrets, get_secret, get_secret_metadata, list_secret_versions

vault-pki

Certificate lifecycle management:

List PKI roles in the network-ca mount

Generate a certificate for core-rtr-01.example.com

Show the CA certificate chain

What certificates are about to expire?

Tools included: list_pki_roles, get_pki_role, issue_certificate, get_ca_chain, list_certificates, get_certificate, revoke_certificate

vault-mounts

Understand your secrets architecture:

List all secrets engines in Vault

Show configuration for the network-kv mount

What auth methods are enabled?

Get details on the PKI secrets engine

Tools included: list_mounts, get_mount, list_auth_methods, get_auth_method

Quick Setup

Terraform Cloud

export TF_CLOUD_TOKEN="your-terraform-cloud-token"
export TF_CLOUD_ORGANIZATION="your-org-name"

Generate a token at app.terraform.io → User Settings → Tokens.

HashiCorp Vault

export VAULT_ADDR="https://vault.example.com:8200"
export VAULT_TOKEN="your-vault-token"
# Or use other auth methods:
export VAULT_ROLE_ID="your-role-id"
export VAULT_SECRET_ID="your-secret-id"

Real-World Workflow: Network Device Provisioning

Here’s how these integrations work together:

1. Find the Right Provider

netclaw: Search Terraform Registry for Juniper Junos providers

2. Check Workspace State

netclaw: Show resources in the juniper-spine-switches workspace

3. Get Credentials Securely

netclaw: Get the Juniper admin credentials from Vault

4. Generate Device Certificates

netclaw: Issue a certificate for spine-sw-01.dc1.example.com from the network-ca

5. Monitor the Deployment

netclaw: Show the status of the latest Terraform run for juniper-spine-switches

6. Verify State

netclaw: List all resources managed in the workspace after the apply

All secure. All audited. All conversational.

Integration Architecture

{
  "terraform-cloud-mcp": {
    "command": "npx",
    "args": ["-y", "@hashicorp/terraform-mcp-server"],
    "env": {
      "TF_CLOUD_TOKEN": "${TF_CLOUD_TOKEN}",
      "TF_CLOUD_ORGANIZATION": "${TF_CLOUD_ORGANIZATION}"
    }
  },
  "vault-mcp": {
    "command": "uvx",
    "args": ["mcp-vault"],
    "env": {
      "VAULT_ADDR": "${VAULT_ADDR}",
      "VAULT_TOKEN": "${VAULT_TOKEN}"
    }
  }
}

Why This Matters for Network Engineers

Modern network infrastructure is increasingly defined in code:

Cisco ACI fabrics managed through Terraform
Palo Alto firewalls configured via providers
Cloud networking (VPCs, subnets, security groups) in HCL
Device credentials secured in Vault
Certificates for mutual TLS between network devices

By integrating Terraform and Vault, NetClaw bridges the gap between network operations and infrastructure as code practices.

Before:

# Check workspace state
terraform login
cd workspace
terraform state list
terraform state show resource.name

# Get credentials
vault login
vault kv get secret/network/credentials

After:

netclaw: List resources in the aci-production workspace 
         and get the APIC credentials from Vault

Security First

These integrations respect the security models of both platforms:

Terraform Cloud: Token-based auth with organization scoping
Vault: Full support for token, AppRole, and other auth methods
Audit: All operations logged through Vault’s audit backend
RBAC: Permissions enforced by the respective platforms

NetClaw never bypasses security—it just makes it more accessible.

The Infrastructure Stack

With Terraform and Vault joining Ansible, NetClaw now covers the major infrastructure automation tools:

Platform	Use Case	NetClaw Skills
Ansible	Configuration management	Existing
Terraform	Infrastructure as code	3 skills
Vault	Secrets management	3 skills

Network engineers have a complete automation toolkit through natural language.

NetClaw now supports 68 MCP servers with 124 skills. Your infrastructure as code just became conversational.

Get started at github.com/automateyournetwork/netclaw

April 5, 2026

NetClaw Adds Splunk and Datadog: Enterprise Observability Through Natural Language

Your logs and metrics, accessible through conversation. NetClaw now integrates with both Splunk and Datadog, bringing enterprise-grade observability to network engineers through natural language. Query terabytes of logs, explore metrics, and investigate issues—all without writing SPL or navigating complex dashboards.

The Observability Gap

Network engineers live in a world of distributed systems. When something breaks, the evidence is scattered across:

Syslog servers
SNMP traps
Flow collectors
Application logs
Infrastructure metrics

Splunk and Datadog are where this data converges. Now NetClaw can query it directly.

Splunk Integration: 3 Skills, Full SPL Power

splunk-search

Run searches and analyze results through conversation:

Search Splunk for "connection refused" errors in the last hour

Find all syslog messages from 10.0.0.0/8 with severity error

Search for BGP state changes across all routers today

Run this SPL: index=network sourcetype=syslog | stats count by host

Capabilities:

Ad-hoc SPL queries
Time-bounded searches
Field extraction and filtering
Result summarization

splunk-indexes

Understand your data landscape:

List all Splunk indexes

Show details for the network-logs index

What's the data volume in the firewall index?

Which indexes contain Cisco syslog data?

splunk-saved

Leverage existing institutional knowledge:

List all saved searches related to network

Run the "Daily BGP Summary" saved search

Show the schedule for the "Firewall Denies Report"

What saved searches exist for security events?

Datadog Integration: Metrics, Monitors, and More

Datadog brings infrastructure metrics, APM traces, and intelligent alerting. NetClaw exposes this through intuitive queries:

Metrics and Dashboards

Show CPU metrics for all network devices

What's the interface utilization on core-rtr-01?

List dashboards tagged with "network"

Show the Network Health dashboard

Monitors and Alerts

List all critical monitors in alert state

Show monitors for the network team

What triggered the "High Latency" alert?

List monitors with "BGP" in the name

Infrastructure and Logs

Search Datadog logs for "authentication failed"

Show all hosts tagged environment:production

List infrastructure metrics for network devices

What events occurred in the last hour?

Quick Setup

Splunk Configuration

# Splunk Enterprise or Cloud
export SPLUNK_HOST="https://your-splunk-instance:8089"
export SPLUNK_TOKEN="your-api-token"

# For Splunk Cloud
export SPLUNK_CLOUD_HOST="your-instance.splunkcloud.com"

Datadog Configuration

export DD_API_KEY="your-api-key"
export DD_APP_KEY="your-app-key"
export DD_SITE="datadoghq.com"  # or datadoghq.eu, etc.

Real-World Investigation

Here’s how a network engineer might investigate an outage:

1. Initial Alert

netclaw: Show me all critical Datadog monitors in alert state

2. Gather Context

netclaw: Search Splunk for errors on core-rtr-01 in the last 30 minutes

3. Correlate Events

netclaw: What BGP state changes occurred in Splunk today?

4. Check Metrics

netclaw: Show interface utilization metrics for core-rtr-01 from Datadog

5. Historical Pattern

netclaw: Run the "Weekly Network Anomalies" saved search in Splunk

All without leaving the terminal. All in natural language.

Integration Architecture

Both integrations use the official MCP servers:

{
  "splunk-mcp": {
    "command": "uvx",
    "args": ["mcp-splunk"],
    "env": {
      "SPLUNK_HOST": "${SPLUNK_HOST}",
      "SPLUNK_TOKEN": "${SPLUNK_TOKEN}"
    }
  },
  "datadog-mcp": {
    "command": "npx",
    "args": ["-y", "@datadog/mcp-server"],
    "env": {
      "DD_API_KEY": "${DD_API_KEY}",
      "DD_APP_KEY": "${DD_APP_KEY}"
    }
  }
}

The Complete Observability Stack

With Splunk and Datadog joining Grafana and Prometheus, NetClaw now covers the major observability platforms:

Platform	Strength	NetClaw Skills
Grafana	Visualization, dashboards	2 skills
Prometheus	Metrics, alerting	2 skills
Datadog	Full-stack observability	3 skills
Splunk	Log analytics, SIEM	3 skills

Network engineers can now query across platforms:

netclaw: Check Prometheus for high CPU alerts, 
         then search Splunk for corresponding syslogs,
         and show me the Datadog dashboard for that device

What This Means

Observability tools are only as good as your ability to query them quickly. By bringing Splunk and Datadog into the NetClaw ecosystem, we’re eliminating the friction between "I need to know" and "I found the answer."

No more:

Learning SPL syntax for one-off queries
Navigating complex Datadog dashboards
Context-switching between tools
Losing investigation threads

Instead:

Ask questions in plain English
Get answers in seconds
Stay in your flow

NetClaw now supports 68 MCP servers with 124 skills. Your observability stack just became conversational.

Get started at github.com/automateyournetwork/netclaw

April 5, 2026

NetClaw Adds PagerDuty Integration: AI-Powered Incident Management for Network Engineers

NetClaw now speaks incident management. We’re excited to announce full PagerDuty integration, bringing 4 new skills backed by 70 tools to the NetClaw ecosystem. Network engineers can now manage incidents, on-call schedules, services, and automation workflows through natural language.

Why PagerDuty?

When a network goes down at 3 AM, the last thing you want is to fumble through multiple dashboards. PagerDuty is the industry standard for incident response, and now NetClaw can:

Query active incidents across your infrastructure
Check who’s on-call for any service or escalation policy
Inspect service configurations and dependencies
Manage Event Orchestration rules and automations

The 4 New Skills

1. pagerduty-incidents

Manage the full incident lifecycle through conversation:

Show me all P1 incidents from the last 24 hours

What's the status of INC-12345?

List incidents affecting the core-network service

Who acknowledged the latest database incident?

Tools included: list_incidents, get_incident, create_incident, update_incident, merge_incidents, snooze_incident, list_incident_notes, create_incident_note, list_incident_alerts, manage_incident_alerts, list_responder_requests, list_notification_subscribers, list_incident_workflows

2. pagerduty-oncall

Never wonder who to contact during an outage:

Who's on-call for the network-operations team right now?

Show the on-call schedule for next week

List all escalation policies for infrastructure services

What's the rotation schedule for the NOC team?

Tools included: list_oncalls, list_schedules, get_schedule, list_schedule_users, list_escalation_policies, get_escalation_policy

3. pagerduty-services

Understand your service topology and health:

List all services in the network domain

Show dependencies for the edge-router service

What integrations does the firewall-alerts service have?

Get details on service SVC-ABC123

Tools included: list_services, get_service, list_service_integrations, list_service_dependencies, list_business_services, get_business_service, get_impacted_business_services, get_service_standards, get_standards_scores

4. pagerduty-orchestration

Automate incident response workflows:

List all Event Orchestration rules

Show the global orchestration configuration

What automation rules trigger for network alerts?

Get details on orchestration ORCH-12345

Tools included: list_event_orchestrations, get_event_orchestration, get_global_orchestration, list_automation_actions, get_automation_action, list_automation_runners

Quick Setup

1. Get Your API Key

Navigate to My Profile → User Settings → Create API User Token in PagerDuty.

2. Configure Environment

export PAGERDUTY_USER_API_KEY="your-api-key"
export PAGERDUTY_API_HOST="https://api.pagerduty.com"  # Optional

3. Start Using

netclaw: Show me all active P1 and P2 incidents

netclaw: Who's on-call for infrastructure right now?

netclaw: Create a P3 incident for "BGP session flapping on core-rtr-01"

Integration Architecture

NetClaw uses the official pagerduty-mcp package with write tools enabled:

{
  "pagerduty-mcp": {
    "command": "uvx",
    "args": ["pagerduty-mcp", "--enable-write-tools"],
    "env": {
      "PAGERDUTY_USER_API_KEY": "${PAGERDUTY_USER_API_KEY}"
    }
  }
}

The --enable-write-tools flag allows NetClaw to create incidents, add notes, and manage alerts—not just read data.

Real-World Workflow

Imagine this scenario:

Detection: Your monitoring detects BGP session drops
Query: "Show me active network incidents"
Context: "Who’s on-call for network-operations?"
Action: "Create a P2 incident for BGP instability on core-rtr-01 and assign to the on-call engineer"
Update: "Add a note to INC-12345: Root cause identified as fiber cut on provider link"
Resolution: "Resolve INC-12345 with resolution note: Provider restored connectivity"

All through natural language. No dashboard switching. No context loss.

What’s Next

This PagerDuty integration is part of a larger wave of observability and incident management capabilities coming to NetClaw. Combined with our existing integrations (Grafana, Prometheus, Datadog), network engineers now have a complete incident lifecycle toolkit at their fingertips.

NetClaw now supports 68 MCP servers with 124 skills. The network operations center is evolving, and natural language is the new CLI.

Ready to try it? Check out the NetClaw GitHub repository for installation instructions.

April 4, 2026April 4, 2026

NetClaw Integrates Palo Alto Networks Prisma SD-WAN: Complete Fabric Visibility Through Natural Language

NetClaw Now Speaks Prisma SD-WAN

We’re excited to announce that NetClaw now integrates with Palo Alto Networks Prisma SD-WAN, bringing complete fabric visibility through natural language queries. This integration adds 4 new skills backed by 16 tools, enabling network engineers to discover topology, monitor health, inspect configurations, and view application definitions without leaving the CLI.

What’s New

The Prisma SD-WAN integration leverages the community MCP server from iamdheerajdubey/prisma-sdwan-mcp, providing read-only access to your SD-WAN fabric through 16 tools organized into 4 purpose-built skills:

prisma-sdwan-topology (4 tools)

Discover your entire SD-WAN fabric through natural language:

get_sites — List all sites with element counts and addresses
get_elements — View ION devices (routers) by site
get_machines — Audit hardware inventory with serial numbers
get_topology — Visualize site-to-site VPN connectivity

Example: "Show me all SD-WAN sites" returns a complete inventory with element counts.

prisma-sdwan-status (4 tools)

Monitor fabric health without clicking through dashboards:

get_element_status — CPU, memory, uptime, online/offline state
get_software_status — Current versions and upgrade availability
get_events — Recent operational events with severity
get_alarms — Active critical and major alarms

Example: "Are there any critical SD-WAN alarms?" instantly surfaces issues requiring attention.

prisma-sdwan-config (7 tools)

Inspect configurations across the fabric:

get_interfaces — LAN/WAN interface configurations per element
get_wan_interfaces — WAN circuit details with bandwidth and BFD
get_bgp_peers — BGP peering configurations and session states
get_static_routes — Static route tables per element
get_policy_sets — Policy set definitions
get_security_zones — Security zone configurations
generate_site_config — Export validated YAML for offline review

Example: "What BGP peers are configured on hq-router-1?" shows peering state instantly.

prisma-sdwan-apps (1 tool)

Understand application-aware policies:

get_app_defs — Application definitions with categories and risk levels

Example: "List high-risk applications" helps identify policy opportunities.

Why This Matters

SD-WAN operations typically require navigating through web consoles, clicking through multiple tabs, and mentally correlating information across screens. With NetClaw’s Prisma SD-WAN integration:

One question, one answer: Ask "which elements are offline?" instead of navigating to device inventory, filtering by status, and scrolling through results.
Cross-domain correlation: Combine SD-WAN queries with other NetClaw skills. Check NetBox for expected device counts, compare with actual Prisma inventory, and flag discrepancies—all in one conversation.
Audit trail: Every query is logged to GAIT, providing a complete record of what was asked and what was found.

Getting Started

Prerequisites

Palo Alto Networks Prisma Access/SASE subscription with SD-WAN enabled
Service account with SD-WAN API permissions

Configuration

Run ./scripts/install.sh to clone the MCP server
Configure your .env file:

PAN_CLIENT_ID=name@tsg.iam.panserviceaccount.com
PAN_CLIENT_SECRET=your-secret-key
PAN_TSG_ID=your-tenant-service-group-id
PAN_REGION=americas  # or europe

Start NetClaw and ask: "List all SD-WAN sites"

Read-Only by Design

This integration is intentionally read-only. All 16 tools query state without making changes, which means:

No ServiceNow Change Request gating required
No risk of accidental configuration changes
Safe for production environments

What’s Next

The Prisma SD-WAN integration is our 45th MCP server integration and brings NetClaw to 106 total skills. We continue to expand multi-vendor coverage while maintaining our core principle: network engineers should be able to ask questions in natural language and get precise, actionable answers.

NetClaw is an open-source CCIE-level digital coworker that brings network automation to the CLI through Model Context Protocol (MCP) integrations. Learn more at github.com/automateyournetwork/netclaw.

April 3, 2026April 3, 2026

The Virtual Network Trifecta: NetClaw Now Supports GNS3, CML, and ContainerLab

Network engineers love choice. Some swear by Cisco Modeling Labs (CML) for its polished Cisco device support. Others prefer ContainerLab’s lightweight, container-based approach. And many have years of experience with GNS3’s flexible, open-source platform.

With the addition of GNS3 MCP server support, NetClaw now speaks all three languages — giving you the freedom to build virtual network labs in whichever framework fits your workflow.

Why Three Platforms?

Each network virtualization platform has its strengths:

Cisco Modeling Labs (CML)

Official Cisco images with full feature parity
Integrated with Cisco DevNet and CML-Personal licenses
Best for Cisco-centric environments

ContainerLab

Lightning-fast container-based nodes
Declarative YAML topology definitions
Ideal for CI/CD pipelines and rapid prototyping

GNS3

Open-source with massive community
Supports QEMU, Docker, VirtualBox, and VMware
Flexible compute server architecture (local or remote)

Now NetClaw can orchestrate labs across all three — using natural language.

What We Built: GNS3 MCP Server

The GNS3 MCP server provides 23 tools organized into 5 skills:

gns3-project-lifecycle

Create, open, close, delete, clone, and export/import GNS3 projects (labs).

gns3-node-operations

Add devices from templates, start/stop/suspend/reload nodes, access consoles, isolate nodes for testing.

gns3-link-management

Connect devices together, list links, delete links, build complete topologies.

gns3-packet-capture

Start and stop packet captures on any link, retrieve PCAP files for analysis.

gns3-snapshot-ops

Save and restore lab state — perfect for training scenarios or risky config changes.

Natural Language Lab Management

With GNS3 skills loaded, you can tell NetClaw:

"Create a new GNS3 lab called bgp-testing"
"Add two Cisco IOSv routers to the lab"
"Connect router1 eth0 to router2 eth0"
"Start all nodes"
"Capture traffic on the link between router1 and router2"
"Create a snapshot called baseline before I break everything"

NetClaw handles the REST API calls, UUID resolution, and error handling — you focus on the network design.

Setting Up GNS3 with NetClaw

Option 1: Fresh Install via install.sh

If you’re setting up NetClaw from scratch, the install script handles everything:

git clone https://github.com/automateyournetwork/netclaw.git
cd netclaw
./install.sh

During setup, provide your GNS3 server details when prompted, or set them in your .env file:

GNS3_URL=http://your-gns3-server:3080
GNS3_USER=admin
GNS3_PASSWORD=your-password

Option 2: Adding to Existing NetClaw

Already running NetClaw? Add GNS3 support in three steps:

Step 1: Add environment variables

Edit your .env file (or export directly):

# GNS3 Configuration
GNS3_URL=http://your-gns3-server:3080
GNS3_USER=admin
GNS3_PASSWORD=your-password

Step 2: Register the MCP server

Add to your config/openclaw.json under the "mcpServers" section:

"gns3": {
  "command": "python",
  "args": ["-m", "mcp_servers.gns3_mcp_server"],
  "env": {
    "GNS3_URL": "${GNS3_URL}",
    "GNS3_USER": "${GNS3_USER}",
    "GNS3_PASSWORD": "${GNS3_PASSWORD}"
  }
}

Step 3: Restart NetClaw

The GNS3 MCP server will connect on startup and verify connectivity.

GNS3 Server Requirements

GNS3 version 2.2.0 or later (REST API v3)
REST API enabled and accessible over the network
Node templates pre-configured (Cisco IOSv, Arista vEOS, etc.)
Compute resources available (local QEMU or remote Docker/VirtualBox/VMware)

Lab-Only Operations

Like CML and ContainerLab skills, GNS3 operations are designated lab-only — no ServiceNow Change Request gating required. This is intentional: virtual labs are isolated environments for testing, training, and proof-of-concept work.

All operations are still recorded in NetClaw’s GAIT audit trail for session traceability.

The Complete Picture

With GNS3 joining CML and ContainerLab, NetClaw now offers:

Capability	CML	ContainerLab	GNS3
Project/Lab Management	Yes	Yes	Yes
Node Operations	Yes	Yes	Yes
Link Management	Yes	Yes	Yes
Packet Capture	Yes	Yes	Yes
Snapshots	Yes	No	Yes
Topology Export	Yes	Yes	Yes

Mix and match based on your needs — or use all three in different scenarios.

What’s Next

The GNS3 MCP server is available now in the netclaw repository on the 012-gns3-mcp-server branch. Pull request incoming to main.

Future enhancements may include:

Cross-platform topology conversion (CML to GNS3 and back)
Unified lab inventory across all three platforms
Template synchronization between environments

This post documents the GNS3 MCP server milestone — completing NetClaw’s virtual network trifecta. Built collaboratively by John Capobianco and Claude.