Kibana

Tool to delete an action in kibana. use when you need to remove a specific action by its id, optionally within a specific space.

Tool to delete an alerting rule in kibana. use when you need to remove a specific alerting rule by its id.

Tool to delete a connector in kibana. use when you need to remove an existing connector.

Tool to delete a specific output configuration in kibana fleet. use when you need to remove an existing output by its id.

Tool to delete a specific fleet proxy configuration by its id. use when you need to remove an existing proxy setup.

Deletes a list. use when you want to delete a list by its id.

Tool to delete a saved osquery query by its id. use when you need to remove a specific osquery saved query.

Tool to delete a saved object in kibana. use when you need to remove a specific saved object like a visualization or dashboard.

Tool to find and/or aggregate detection alerts in kibana. use this to retrieve a list of alerts, optionally filtering them with a query and performing aggregations.

Tool to fetch the list of available action types (e.g., '.slack', '.email', '.webhook') in kibana. use this to discover the 'actiontypeid' needed when creating a new action.

Tool to retrieve a list of alerting rules in kibana. use when you need to get a paginated set of rules based on specified conditions.

Tool to retrieve available alert types in kibana. use when you need to get a list of all possible alert types and their metadata.

Tool to retrieve a list of cases in kibana. use when you need to find or list existing security or operational cases, potentially filtering by various attributes like status, assignee, or severity.

Tool to retrieve a list of all connectors in kibana. use this tool when you need to get information about available connectors.

Tool to retrieve a list of data views available in kibana. use when you need to get a list of available data views, optionally filtering by a name pattern.

Retrieves a list of detection engine rules based on specified criteria. use this tool to find detection rules.

Tool to retrieve all items from an endpoint exception list. use when you need to get a list of endpoint exceptions, for example, to check existing exceptions before adding a new one.

Retrieves the list of engines from the entity store.

Tool to list entity records in the entity store with support for paging, sorting, and filtering. use when you need to retrieve a list of entities such as users, hosts, or services.

Tool to retrieve the status of the entity store in kibana. use this to check if the entity store is operational.

Tool to retrieve the available versions for fleet agents. use when you need to get a list of all available elastic agent versions.

Tool to check if the fleet agents are set up. use when you need to verify the fleet agent setup status.

Fetches a list of agent policies in fleet. use when you need to retrieve agent policy configurations.

Tool to check the permissions for the fleet api. use when you need to verify if the current user has the necessary privileges for fleet operations.

Retrieves the list of data streams in fleet.

Tool to retrieve details of a specific enrollment api key by its id. use when you have the id of an enrollment api key and need its details.

Tool to fetch a list of enrollment api keys. use when you need to retrieve existing enrollment tokens for kibana fleet.

Tool to fetch the list of categories in the elastic package manager. use when you need to retrieve available package categories.

Tool to retrieve the list of data streams in the elastic package manager. use when you need to get a list of available data streams, optionally filtering by type, dataset, or categorization.

Tool to fetch the list of available packages in the elastic package manager. use when you need to find available integrations or their details.

Tool to retrieve the list of installed packages in the elastic package manager. use this when you need to check which packages are currently installed in fleet.

Tool to fetch a limited list of packages from the elastic package manager. use when you need to retrieve a list of available epm packages with minimal details.

Tool to fetch details of a specific package and version in the elastic package manager (epm). use when you need to get information about a particular epm package, such as its title, description, or type.

Tool to retrieve a specific file from a package in the elastic package manager. use when you need to inspect the contents of a package file.

Tool to retrieve statistics for a specific package in the elastic package manager. use when you need to get epm package statistics.

Tool to retrieve a list of all package policies (agent & epm), providing their ids and associated details. use when you need to get an overview of existing package policies.

Tool to fetch details of a specific fleet server host by its item id. use when you need to get information about a particular fleet server host.

Tool to retrieve the list of fleet server hosts. use when you need to get information about the available fleet server hosts.

Tool to fetch information about indices managed by kibana's index management feature. it queries the underlying elasticsearch / cat/indices api to retrieve index details. use when you need to list or get details about one or more indices in the cluster.

Tool to retrieve statistics for nodes in an elasticsearch cluster, often visualized in kibana. use when you need to monitor node health, performance, or resource usage. this action calls the elasticsearch nodes stats api.

Tool to retrieve a list of reporting jobs in kibana. use when you need to see pending or completed reports. this uses an internal api endpoint, which might be subject to change without notice.

Tool to retrieve a list of saved objects in kibana based on specified criteria. use when you need to find dashboards, visualizations, index patterns, or other saved entities.

Tool to get the current status of kibana. use when you need to check if kibana is healthy, monitor its state, or get information about the kibana instance including version, uuid, and metrics.

Tool to create a new alerting rule in kibana. use when you need to define a new condition that, when met, triggers an alert and potentially executes predefined actions.

Tool to create a new case in kibana. use when you need to open and track issues, incidents, or investigations. you can assign users, set severity levels, add tags, and configure external connectors for integration with itsm systems.

Tool to create a new connector in kibana. use when you need to integrate kibana with an external service.

Tool to create a new dashboard in kibana. use when you need to create a dashboard to visualize data. dashboards can contain visualizations, saved searches, and other embeddable objects.

Tool to create a new data view (index pattern) in kibana. use when you need to define which elasticsearch indices to query and analyze in kibana. data views determine which fields are available in discover, visualize, and other kibana apps.

Tool to create or update a saved object in kibana. use when you need to programmatically manage kibana dashboards, visualizations, index patterns, etc.