[Search] onboarding agent page context awareness#261404
Closed
wildemat wants to merge 9 commits intoelastic:mainfrom
Closed
[Search] onboarding agent page context awareness#261404wildemat wants to merge 9 commits intoelastic:mainfrom
wildemat wants to merge 9 commits intoelastic:mainfrom
Conversation
Agent Builder knows which Kibana page the user is on. This adds a Page Context section that adapts the conversation based on the current page (Index Management, Dev Tools, Connectors, File Data Visualizer, etc.). When the user is already on Dev Tools, skip conceptual setup and jump straight to generating the API snippets they need. Made-with: Cursor
wildemat
changed the title
wildemat
added
release_note:skip
This was referenced Apr 6, 2026
TattdCodeMonkey
approved these changes
Apr 7, 2026
…est to d0a8719 (main) (elastic#261066) This PR contains the following updates: | Package | Update | Change | |---|---|---| | docker.elastic.co/wolfi/chainguard-base-fips | digest | `87ba360` -> `d0a8719` | --- > [!WARNING] > Some dependencies could not be looked up. Check the Dependency Dashboard for more information. --- ### Configuration 📅 **Schedule**: Branch creation - At any time (no schedule defined), Automerge - At any time (no schedule defined). 🚦 **Automerge**: Disabled by config. Please merge this manually once you are satisfied. ♻ **Rebasing**: Whenever PR becomes conflicted, or you tick the rebase/retry checkbox. 🔕 **Ignore**: Close this PR and you won't be reminded about this update again. --- - [ ] <!-- rebase-check -->If you want to rebase/retry this PR, check this box --- This PR has been generated by [Renovate Bot](https://github.com/renovatebot/renovate). <!--renovate-debug:eyJjcmVhdGVkSW5WZXIiOiIzOS4xMDcuMCIsInVwZGF0ZWRJblZlciI6IjM5LjEwNy4wIiwidGFyZ2V0QnJhbmNoIjoibWFpbiIsImxhYmVscyI6WyJUZWFtOk9wZXJhdGlvbnMiLCJiYWNrcG9ydDpza2lwIiwiY2k6YnVpbGQtZG9ja2VyLWZpcHMiLCJyZWxlYXNlX25vdGU6c2tpcCJdfQ==--> --------- Co-authored-by: elastic-renovate-prod[bot] <174716857+elastic-renovate-prod[bot]@users.noreply.github.com> Co-authored-by: kibanamachine <42973632+kibanamachine@users.noreply.github.com> Co-authored-by: Brad White <Ikuni17@users.noreply.github.com>
…tools flyout (elastic#261876) > [!NOTE] > Most of the changes in this PR are actually just files moved. ## Summary This PR removes the dependency on `useExpandableFlyoutApi` from the code in the `flyout_v2` folder. This should not have been there but it slipped through the cracks. Currently, the `RelatedAttacks` logic in our `Correlations` flyout would not work and the behavior would be broken, trying to open a left expandable flyout next to a new flyout system tools flyout. Additionally, I took the opportunity to do the following cleanup: - move a few hooks and functions to the `correlations` folder, that had been left behind in the old `flyout` folder - slightly changed a UI logic to always show the related attacks, even if there are none. This was missed during code review, and is now more in line with the other correlations items, both in the overview and in the tools flyout Correlations Overview <img width="859" height="998" alt="Screenshot 2026-04-07 at 10 10 55 PM" src="https://github.com/user-attachments/assets/8176742a-b4d0-48fe-88e3-e1291a8fca93" /> Correlations tools flyout <img width="427" height="996" alt="Screenshot 2026-04-07 at 10 11 22 PM" src="https://github.com/user-attachments/assets/e32329fb-9518-4da9-a9c0-99f5492544c8" /> ## How to test To see the new (emtpy) flyout in Security Solution, add this to your `kibana.dev.yml` file: ```xpack.securitySolution.enableExperimental: [ 'newFlyoutSystemEnabled' ]``` Too see the new (emtpy) flyout in Discover, add this to your `kibana.dev.yml` file: ```discover.experimental.enabledProfiles: [ 'enhanced-security-document-profile' ]``` ### Checklist - [x] [Unit or functional tests](https://www.elastic.co/guide/en/kibana/master/development-tests.html) were updated or added to match the most common scenarios - [x] The PR description includes the appropriate Release Notes section, and the correct `release_note:*` label is applied per the [guidelines](https://www.elastic.co/guide/en/kibana/master/contributing.html#kibana-release-notes-process) - [x] Review the [backport guidelines](https://docs.google.com/document/d/1VyN5k91e5OVumlc0Gb9RPa3h1ewuPE705nRtioPiTvY/edit?usp=sharing) and apply applicable `backport:*` labels.
…61593) ### Summary Index threshold rule UI could list indices using the CPS project scope (via `POST .../data/_indices` and `project_routing`), but the chart preview called `POST .../internal/triggers_actions_ui/data/_time_series_query` without `project_routing`. The server-side Elasticsearch client then defaulted to origin-only routing, so preview did not match the picker. This change threads optional `**project_routing**` through the time-series query API and the threshold visualization so preview uses the same CPS scope as index selection. ### Changes - **`triggers_actions_ui`**: Extend `TimeSeriesQuerySchema` with optional `project_routing`; pass it from `timeSeriesQuery` into **`search`** and **`fieldCaps`** (including `fetchDataViewBase` for KQL filter typing). - **`stack_alerts`**: `getThresholdRuleVisualizationData` accepts optional `projectRouting` and sends **`project_routing`** in the JSON body; **`ThresholdVisualization`** reads `cps.cpsManager.getProjectRouting()` and passes it through, with a refetch when routing changes. - **Tests**: Schema validation for `project_routing`; unit tests for API body shape; visualization tests for CPS vs no CPS; `time_series_query` tests assert ES calls include `project_routing` when set. ### How to test 1. On a CPS-enabled serverless deployment, set the project picker to search linked projects (`_alias:*` or equivalent). 2. Create or edit an index threshold rule targeting data outside the origin project. 3. Confirm the preview chart loads data consistent with the selected indices (not empty or scoped only to the origin project). Made with [Cursor](https://cursor.com)
## Summary Part of: elastic/security-team#15982. (Resolves requirement `#4`) This change introduces a dedicated **`StepCategory.KibanaCases`** (`kibana.cases`) so Cases workflow steps are grouped under **Kibana → Cases** in the workflow actions menu instead of sitting in the flat Kibana list. **Actions menu (`workflows_management`)** - Builds a **Cases** subgroup (`id: kibana.cases`) under the Kibana group via **`nestedGroups`**, then merges any non-empty nested group into the parent’s **`options`** so the UI stays a normal tree of groups. - Assigns **`pathIds`** on every group (full path from the root) so choosing a nested group from **search** opens the correct depth (Kibana → Cases → …) instead of only appending the last segment. - **`ActionsMenu`** uses `selectedOption.pathIds ?? [...currentPath, id]` when entering a group. **Shared spec** - Adds **`StepCategory.KibanaCases`** in `@kbn/kbn-workflows` so step definitions and UI routing can target the Cases bucket explicitly. **Cases plugin** - Updates all Cases **common workflow step** definitions to use **`StepCategory.KibanaCases`** instead of **`StepCategory.Kibana`**. **Agent builder** - **`get_step_definitions_tool`**: maps connector types **`cases.*`** → **`KibanaCases`** and keeps **`kibana.*`** → **`Kibana`**. **Tests** - Extends **`get_action_options.test.ts`** for nested Cases, empty Cases group hidden, **`pathIds`**, and ordering expectations. --- ## Demo https://github.com/user-attachments/assets/dc14c35d-f63c-4165-9c23-1590a22edf80 ---
The onboarding agent in [the skills repo](https://github.com/elastic/agent-skills-sandbox/tree/main/skills/elasticsearch/elasticsearch-onboarding) is better suited for guiding a user through end-to-end solution development. Agent Builder is limited with its ability to set up resources for a user and deploy an application. For this reason, the search onboarding agent should be aware of this limitation in how it onboards a user. This change instructs the agent to lean on API snippets the user can leverage to create resources while still in Kibana, and help guide them further if they wish to continue in their IDE. As such, we remove some client/language specific code and language in this change.
botelastic
bot
added
the
Team:One Workflow
Contributor
Author
|
closed, botched merge |
Contributor
Author
Contributor
💔 Build Failed
Failed CI StepsMetrics [docs]Async chunks
Page load bundle
History
|
wildemat
added a commit
that referenced
this pull request
Apr 9, 2026
Re-opened after botched merge on [[Search] onboarding agent page context awareness](#261404 (comment))
wildemat
added a commit
that referenced
this pull request
Apr 9, 2026
> [!NOTE] > This change has some language referencing changes from [[Search] onboarding agent page context awareness](#261404 (comment)) and [[Search] Onboarding agent api snippet context](#261405 (comment)) so merge it after those ## Summary The public onboarding skill is getting an update to consolidate vector solutions: [Consolidate search onboarding vector reference](elastic/agent-skills-sandbox#335 (comment)) That same consolidation should happen for the agent builder chat experience. The goal here is to catch more users seeking any vector db related solutions. We also make sure to prioritize usage of EIS and Jina. We also make sure to call out the agent builder's limitation in write access to the cluster and prioritize suggesting runnable API snippets over client specific code. Updated agent skill whitelist.
wildemat
added a commit
that referenced
this pull request
Apr 9, 2026
## Summary Having merged these changes: [[Search] add use-case-library skill to onboarding agent](#261403 (comment)) [[Search] onboarding agent page context awareness](#261404 (comment)) [[Search] Onboarding agent api snippet context](#261405 (comment)) [[Search] Consolidate vector skill for onboarding agent](#261406 (comment)) This PR adds a couple cleanup items: - Prioritize Jina as the default EIS model - Replace references to keyword/semantic/hybrid search with reference to the consolidated vector-hybrid-search skill
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Sign up for free
to join this conversation on GitHub.
Already have an account?
Sign in to comment
6 participants
Add this suggestion to a batch that can be applied as a single commit.This suggestion is invalid because no changes were made to the code.Suggestions cannot be applied while the pull request is closed.Suggestions cannot be applied while viewing a subset of changes.Only one suggestion per line can be applied in a batch.Add this suggestion to a batch that can be applied as a single commit.Applying suggestions on deleted lines is not supported.You must change the existing code in this line in order to create a valid suggestion.Outdated suggestions cannot be applied.This suggestion has been applied or marked resolved.Suggestions cannot be applied from pending reviews.Suggestions cannot be applied on multi-line comments.Suggestions cannot be applied while the pull request is queued to merge.Suggestion cannot be applied right now. Please check back later.
Summary
Adds a blip to the search onboarding agent's
AGENTS.mdabout using agent builder's page context to enrich the conversation