elasticsearch-audit

Elastic agent skill for executing ES|QL (Elasticsearch Query Language) queries. Use when the user wants to query Elasticsearch data, analyze logs, aggregate metrics, explore data, or build charts and dashboards from ES|QL results.

Create and manage Kibana dashboards and visualizations declaratively via the new Kibana 9.4+ APIs — minimal, diffable payloads suited for GitOps, version control, and LLM-assisted generation.

Authenticate to Elasticsearch across all supported realms — native, file-based, LDAP/AD, SAML, OIDC, Kerberos, JWT, and certificate — plus the full API key lifecycle. Covers credential verification and deployment differences across self-managed, ECH, and Serverless without ever prompting the user for secrets in chat.

Teaches AI agents how to ingest files into Elasticsearch, covering document indexing, file processing pipelines, and data ingestion workflows as part of the official Elastic Agent Skills library.

Skill

Manage Elasticsearch RBAC — native users, custom roles, role mappings, and document- / field-level security — including Kibana feature/space privileges and Mustache-template role assignment from external realms like LDAP, SAML, and PKI. Covers feature differences across self-managed, ECH, and Serverless deployments.

Skill

Teaches AI agents how to create, manage, and configure Kibana alerting rules in the Elastic Stack, part of Elastic's official Agent Skills library for working with Elasticsearch, Kibana, and Elastic Security.

Official Elastic skill for managing Kibana Streams via REST API — list, inspect, enable, disable, and resync streams, including ingest/query settings, queries, significant events, and attachments. Part of the Elastic Agent Skills library built by the Elastic team.

Official Elastic skill for building Vega and Vega-Lite visualizations with ES|QL data sources in Kibana — ideal for custom charts, dashboards, and programmatic panel layouts beyond standard Lens capabilities.