Gene Library Courses Download Pricing Contact Sign in
elastic-agent-builder logo
search Official Website

Elastic MCP Server – Search and Agent Tools

Elastic's official Agent Builder MCP server gives external AI clients access to built-in and custom Agent Builder tools backed by Elasticsearch. Use it for search, retrieval, ES|QL analysis, workflow execution, and other governed agentic operations over Elastic data.

#elasticsearch#enterprise-search#agent-tools

Overview

Elastic's official Agent Builder MCP server exposes Elastic Agent Builder tools
to compatible external AI clients. It provides a standardized interface for
agents to use current Elasticsearch data and approved custom tools without
requiring separate point-to-point integrations for every client.

What the MCP server enables

The server exposes the built-in and custom tools configured in Elastic Agent
Builder. Depending on the tools available in the deployment and the privileges
granted to the authenticated credential, an AI agent can:

  • Search and retrieve documents from authorized Elasticsearch indices.
  • Run ES|QL-based analysis and other built-in Elastic tools.
  • Use custom index-search, workflow, and other Agent Builder tools.
  • Access tools created for organization-specific data and business processes.
  • Filter the returned tool catalog by namespace.
  • Build agentic workflows over Elastic search, observability, security, and
    other indexed data where the configured tools permit it.

When to use it

Use Elastic Agent Builder MCP when an external coding assistant or AI client
needs governed access to live Elasticsearch data and Elastic-native tools.
Typical workflows include investigating logs, retrieving enterprise knowledge,
analyzing metrics, searching security data, running approved workflows, and
exposing organization-specific Agent Builder tools to clients such as Cursor,
VS Code, or Claude Desktop.

Connection and authentication

The endpoint is hosted by the organization's Kibana instance at
${KIBANA_URL}/api/agent_builder/mcp. For a custom Kibana Space, the endpoint
is ${KIBANA_URL}/s/${SPACE_NAME}/api/agent_builder/mcp.

Elastic documents API key authentication with the header
Authorization: ApiKey <key>. The API key must include the required Kibana
Agent Builder application privilege and the Elasticsearch index, cluster, and
action privileges needed by the exposed tools. Kibana's API documentation also
lists basic authentication as supported.

Clients that cannot connect directly to the remote endpoint can use the
documented mcp-remote stdio bridge and pass the same authorization header.

Key considerations

Elastic recommends this server for Elasticsearch 9.2+ deployments and
Serverless projects. Earlier deployments without Agent Builder can use Elastic's
older Elasticsearch MCP server, but that option has a more limited tool set.
Use short-lived API keys, restrict access to specific indices, prefer read-only
index privileges when possible, and grant only the Agent Builder and Actions
permissions required. Without the feature_agentBuilder.read privilege, the
endpoint returns 403 Forbidden.

Supported Transports

streamable_http

URL: ${KIBANA_URL}/api/agent_builder/mcp

stdio

Command: npx

Args:

  • mcp-remote
  • ${KIBANA_URL}/api/agent_builder/mcp
  • --header
  • Authorization:${ELASTIC_AUTH_HEADER}

Frequently Asked Questions

When should an AI agent use the Elastic Agent Builder MCP server?
Use it when an external AI client needs governed access to live Elasticsearch data or approved Agent Builder tools, such as enterprise search, ES|QL analysis, log investigation, security-data retrieval, or workflow execution.
What does the Elastic Agent Builder MCP server add to an AI agent's capabilities?
It gives the agent structured access to built-in and custom Elastic Agent Builder tools, allowing it to query authorized Elasticsearch data and run approved Elastic workflows instead of relying only on static model knowledge or manually pasted results.
What can an AI agent access or manage through Elastic MCP?
Depending on configured tools and credential privileges, the agent can use Elasticsearch search, ES|QL, index-search tools, workflow tools, and custom Agent Builder tools. Access is limited to the indices, actions, and Kibana spaces permitted by the authenticated credential.
How is authentication configured for the Elastic Agent Builder MCP server?
The standard setup uses an Elastic API key in the Authorization header with the ApiKey scheme. The key must include the Agent Builder application privilege and the minimum cluster, index, and action privileges required by the tools. Kibana basic authentication is also supported by the endpoint.
Which transport should be used for the Elastic Agent Builder MCP server?
Use Streamable HTTP directly with the Kibana Agent Builder endpoint when the client supports remote MCP. Use the documented mcp-remote stdio bridge only when the client requires a locally launched process.