From ef0e0db924ce062e7d5e24207c41cf93892dce28 Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler Date: Thu, 17 Jul 2025 10:30:44 +0100 Subject: [PATCH 1/8] Include in documentation changes to ES|QL generation in the security AI assistant --- solutions/security/ai/ai-assistant.md | 6 ++++++ 1 file changed, 6 insertions(+) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index ac54e723a1..3a14af8800 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -165,6 +165,12 @@ The **Knowledge base** tab of the **Security AI settings** page allows you to en Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} platform to improve your security operations. It can help you write an {{esql}} query for a particular use case, or answer general questions about how to use the platform. Its ability to assist you depends on the specificity and detail of your questions. The more context and detail you provide, the more tailored and useful its responses will be. +```{applies_to} +serverless: ga +stack: ga 9.1 +``` +The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation, which may result in slightly longer response times. + To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave." In addition to practical advice, AI Assistant can offer conceptual advice, tips, and best practices for enhancing your security measures. You can ask it, for example: From 8175ddc25d6374aa1cec1c18637c9143d126c170 Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler <42113355+KDKHD@users.noreply.github.com> Date: Thu, 17 Jul 2025 10:33:11 +0100 Subject: [PATCH 2/8] Update solutions/security/ai/ai-assistant.md --- solutions/security/ai/ai-assistant.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index 3a14af8800..0175ab2634 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -169,7 +169,7 @@ Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} pl serverless: ga stack: ga 9.1 ``` -The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation, which may result in slightly longer response times. +The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation. This change may result in slightly longer response times. To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave." From 928e56c495d667307511bd85fa34cb7416dc000f Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler Date: Thu, 17 Jul 2025 10:42:04 +0100 Subject: [PATCH 3/8] Include in documentation changes to ES|QL generation in the security AI assistant --- solutions/security/ai/ai-assistant.md | 8 +++----- 1 file changed, 3 insertions(+), 5 deletions(-) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index 3a14af8800..47469628ac 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -165,11 +165,9 @@ The **Knowledge base** tab of the **Security AI settings** page allows you to en Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} platform to improve your security operations. It can help you write an {{esql}} query for a particular use case, or answer general questions about how to use the platform. Its ability to assist you depends on the specificity and detail of your questions. The more context and detail you provide, the more tailored and useful its responses will be. -```{applies_to} -serverless: ga -stack: ga 9.1 -``` -The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation, which may result in slightly longer response times. +:::{note} +The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation, which may result in slightly longer response times. {applies_to}`stack: ga 9.1` +::: To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave." From d5ffa197487c47c953ba5db0e674a541238af082 Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler Date: Thu, 17 Jul 2025 10:43:49 +0100 Subject: [PATCH 4/8] Include in documentation changes to ES|QL generation in the security AI assistant --- solutions/security/ai/ai-assistant.md | 4 +--- 1 file changed, 1 insertion(+), 3 deletions(-) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index 5d1a159a80..21db001db8 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -165,9 +165,7 @@ The **Knowledge base** tab of the **Security AI settings** page allows you to en Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} platform to improve your security operations. It can help you write an {{esql}} query for a particular use case, or answer general questions about how to use the platform. Its ability to assist you depends on the specificity and detail of your questions. The more context and detail you provide, the more tailored and useful its responses will be. -:::{note} -The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation. This change may result in slightly longer response times. {applies_to}`stack: ga 9.1` -::: +{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation, and may result in slightly longer response times. To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave." From 740eeae6a40e1acdf85d35ba6efa8d4010124de8 Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler <42113355+KDKHD@users.noreply.github.com> Date: Thu, 17 Jul 2025 10:49:17 +0100 Subject: [PATCH 5/8] Update solutions/security/ai/ai-assistant.md Co-authored-by: florent-leborgne --- solutions/security/ai/ai-assistant.md | 4 +++- 1 file changed, 3 insertions(+), 1 deletion(-) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index 21db001db8..dafd4d644b 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -165,7 +165,9 @@ The **Knowledge base** tab of the **Security AI settings** page allows you to en Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} platform to improve your security operations. It can help you write an {{esql}} query for a particular use case, or answer general questions about how to use the platform. Its ability to assist you depends on the specificity and detail of your questions. The more context and detail you provide, the more tailored and useful its responses will be. -{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information is used to improve ES|QL generation, and may result in slightly longer response times. +:::{note} +{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information is used to improve {{esql}} generation, and may result in slightly longer response times. +::: To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave." From c4fad6344b6fca7a42b77d98d0c1a18a130c9311 Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler Date: Thu, 17 Jul 2025 11:01:37 +0100 Subject: [PATCH 6/8] Include in documentation changes to ES|QL generation in the security AI assistant --- solutions/security/ai/ai-assistant.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index dafd4d644b..efe46f21dc 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -166,7 +166,7 @@ The **Knowledge base** tab of the **Security AI settings** page allows you to en Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} platform to improve your security operations. It can help you write an {{esql}} query for a particular use case, or answer general questions about how to use the platform. Its ability to assist you depends on the specificity and detail of your questions. The more context and detail you provide, the more tailored and useful its responses will be. :::{note} -{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information is used to improve {{esql}} generation, and may result in slightly longer response times. +{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information helps improve ES|QL generation, though it may slightly increase response times. ::: To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave." From 8e46c10e59b854423e2b54c84e751e23b912fab1 Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler Date: Thu, 17 Jul 2025 11:15:14 +0100 Subject: [PATCH 7/8] Include in documentation changes to ES|QL generation in the security AI assistant --- solutions/security/ai/ai-assistant.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index efe46f21dc..1deccc429c 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -166,7 +166,7 @@ The **Knowledge base** tab of the **Security AI settings** page allows you to en Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} platform to improve your security operations. It can help you write an {{esql}} query for a particular use case, or answer general questions about how to use the platform. Its ability to assist you depends on the specificity and detail of your questions. The more context and detail you provide, the more tailored and useful its responses will be. :::{note} -{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information helps improve ES|QL generation, though it may slightly increase response times. +{applies_to}`stack: ga 9.1` {applies_to}`stack: ga 8.19` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information helps improve ES|QL generation, though it may slightly increase response times. ::: To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave." From 774096fdf3509caa1549f726c5a75ac1128b9b73 Mon Sep 17 00:00:00 2001 From: Kenneth Kreindler <42113355+KDKHD@users.noreply.github.com> Date: Thu, 17 Jul 2025 12:25:01 +0100 Subject: [PATCH 8/8] Update solutions/security/ai/ai-assistant.md Co-authored-by: florent-leborgne --- solutions/security/ai/ai-assistant.md | 2 +- 1 file changed, 1 insertion(+), 1 deletion(-) diff --git a/solutions/security/ai/ai-assistant.md b/solutions/security/ai/ai-assistant.md index 1deccc429c..efe46f21dc 100644 --- a/solutions/security/ai/ai-assistant.md +++ b/solutions/security/ai/ai-assistant.md @@ -166,7 +166,7 @@ The **Knowledge base** tab of the **Security AI settings** page allows you to en Elastic AI Assistant allows you to take full advantage of the {{elastic-sec}} platform to improve your security operations. It can help you write an {{esql}} query for a particular use case, or answer general questions about how to use the platform. Its ability to assist you depends on the specificity and detail of your questions. The more context and detail you provide, the more tailored and useful its responses will be. :::{note} -{applies_to}`stack: ga 9.1` {applies_to}`stack: ga 8.19` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information helps improve ES|QL generation, though it may slightly increase response times. +{applies_to}`stack: ga 9.1` {applies_to}`serverless: ga` The agent has access to index names and field metadata from your cluster. This contextual information helps improve ES|QL generation, though it may slightly increase response times. ::: To maximize its usefulness, consider using more detailed prompts or asking for additional information. For instance, after asking for an {{esql}} query example, you could ask a follow-up question like, “Could you give me some other examples?” You can also ask for clarification or further exposition, for example "Provide comments explaining the query you just gave."