diff --git a/explore-analyze/ai-features/agent-builder/built-in-agents.md b/explore-analyze/ai-features/agent-builder/built-in-agents.md new file mode 100644 index 0000000000..2452960902 --- /dev/null +++ b/explore-analyze/ai-features/agent-builder/built-in-agents.md @@ -0,0 +1,69 @@ +--- +navigation_title: "Built-in agents reference" +applies_to: + stack: preview =9.2, ga 9.3 + serverless: preview +products: + - id: kibana + - id: observability + - id: security + - id: cloud-serverless +--- + +# {{agent-builder}} built-in agents reference + +This page lists the built-in agents available in {{agent-builder}}. Built-in agents are pre-configured by Elastic with specific instructions and tools to handle common use cases. + +Unlike custom agents, you cannot modify or delete these agents. However, they serve as excellent examples for [building your own custom agents](agent-builder-agents.md#create-a-new-agent-in-the-gui). + +## Availability and location + +The availability of specific agents depends on your active solution and whether you have enabled {{agent-builder}} in that space. + +## Elastic AI Agent +```{applies_to} +stack: preview =9.2, ga 9.3 +``` + +The **Elastic AI Agent** is the default general-purpose agent for {{es}}. It is designed to help with a wide range of tasks, from writing {{esql}} queries to exploring your data indices. + +**Availability:** +* **All views:** Available in {{es}}, {{observability}}, Security, and Classic views. + +**Assigned Tools:** +* All **Platform core tools** (e.g., `list_indices`, `execute_esql`, `get_document_by_id`) +* `product_documentation` + +## {{observability}} Agent +```{applies_to} +stack: preview =9.3 +``` + +A specialized agent for logs, metrics, and traces. It is designed to assist with infrastructure monitoring and application performance troubleshooting. + +**Availability:** +* **Observability** view +* **Classic** view + +**Assigned Tools:** +* All **{{observability}} tools** (e.g., `observability.get_alerts`, `observability.get_services`, `observability.get_log_change_points`) +* All **Platform core tools** + +## Threat Hunting Agent +```{applies_to} +stack: preview =9.3 +``` + +A specialized agent for security alert analysis tasks, including alert investigation and security documentation. It helps analysts triage alerts and understand complex security events. + +**Availability:** +* **Security** view +* **Classic** view + +**Assigned Tools:** +* All **Security tools** (e.g., `security.alerts`, `security.entity_risk_score`, `security.attack_discovery_search`) +* All **Platform core tools** + +## Related pages + +- [Create a new agent](agent-builder-agents.md#create-a-new-agent-in-the-gui) diff --git a/explore-analyze/toc.yml b/explore-analyze/toc.yml index 22aa9bd33d..2bf48ca460 100644 --- a/explore-analyze/toc.yml +++ b/explore-analyze/toc.yml @@ -178,6 +178,8 @@ toc: children: - hidden: ai-features/agent-builder/standalone-and-flyout-modes.md - file: ai-features/agent-builder/agent-builder-agents.md + children: + - file: ai-features/agent-builder/built-in-agents.md - file: ai-features/agent-builder/tools.md children: - file: ai-features/agent-builder/tools/esql-tools.md