[Agent Builder] Provide tools docs #3441
+149
−13
There are no files selected for viewing
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,60 @@ | ||
| --- | ||
| navigation_title: "ES|QL tools" | ||
| applies_to: | ||
| stack: preview 9.2 | ||
| serverless: | ||
| elasticsearch: preview | ||
| --- | ||
|
|
||
| :::{warning} | ||
| These pages are currently hidden from the docs TOC and have `noindexed` meta headers. | ||
|
|
||
| **Go to the docs [landing page](/solutions/search/elastic-agent-builder.md).** | ||
| ::: | ||
|
|
||
| # {{esql}} tools | ||
|
|
||
| {{esql}} query tools enable you to create parameterized queries that execute directly against your {{es}} data. These custom tools provide precise control over data retrieval through templated {{esql}} statements. | ||
|
|
||
| ## When to use {{esql}} tools | ||
|
|
||
| Use custom **{{esql}} tools** when: | ||
|
|
||
| * You need precise control over the query logic | ||
| * Your use case involves repeatable analytical patterns | ||
| * You want to expose specific, parameterized queries to agents | ||
| * Results should be in a predictable tabular format | ||
| * You have well-defined data retrieval requirements | ||
|
|
||
| ## Key characteristics | ||
|
|
||
| * Execute pre-defined {{esql}} queries with dynamic parameters | ||
| * Support typed parameters | ||
| * Return results in tabular format for structured data analysis | ||
| * Ideal for repeatable analytical queries with variable inputs | ||
|
|
||
| ## Parameter types | ||
|
|
||
| {{esql}} tools support the following parameter types: | ||
|
|
||
| * **String types**: `text`, `keyword` | ||
| * **Numeric types**: `long`, `integer`, `double`, `float` | ||
| * **Other types**: `boolean`, `date`, `object`, `nested` | ||
|
|
||
| ## Parameter options | ||
|
|
||
| Parameters can be configured as: | ||
|
|
||
| * **Required**: Must be provided by the agent when calling the tool | ||
| * **Optional**: Can be omitted; uses `null` if no default is specified | ||
|
|
||
| ## Query syntax | ||
|
|
||
| In your {{esql}} query, reference parameters using the `?parameter_name` syntax. The agent will automatically interpolate parameter values when executing the query. | ||
|
|
||
|
|
||
| ## Best practices | ||
|
|
||
| - **Include LIMIT clauses**: Prevent returning excessive results by setting reasonable limits | ||
| - **Use meaningful parameter names**: Choose names that clearly indicate what the parameter represents (e.g., `start_date` instead of `date1`) | ||
| - **Provide clear descriptions**: Help agents understand when and how to use each parameter | ||
jedrazb marked this conversation as resolved.
Show resolved
Hide resolved
|
||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
| Original file line number | Diff line number | Diff line change |
|---|---|---|
| @@ -0,0 +1,69 @@ | ||
| --- | ||
| navigation_title: "Index search tools" | ||
| applies_to: | ||
| stack: preview 9.2 | ||
| serverless: | ||
| elasticsearch: preview | ||
| --- | ||
|
|
||
| :::{warning} | ||
| These pages are currently hidden from the docs TOC and have `noindexed` meta headers. | ||
|
|
||
| **Go to the docs [landing page](/solutions/search/elastic-agent-builder.md).** | ||
| ::: | ||
|
|
||
| # Index search tools | ||
|
|
||
| Index search tools provide intelligent, natural language-driven search over specified {{es}} resources. Instead of defining explicit queries, you specify a pattern of indices, aliases, or data streams, and the tool uses a combination of built-in capabilities to intelligently interpret and execute search requests. | ||
jedrazb marked this conversation as resolved.
Outdated
Show resolved
Hide resolved
|
||
|
|
||
| ## When to use index search tools | ||
|
|
||
| Use custom **Index search tools** when: | ||
|
|
||
| * You want agents to handle diverse, exploratory queries | ||
| * The search intent varies significantly across requests | ||
| * Users need flexible, ad-hoc search functionality | ||
| * You want to scope general search capabilities to specific indices | ||
|
|
||
| ## Key characteristics | ||
|
|
||
| * Accept natural language queries from the agent | ||
| * Automatically determine optimal search strategy (full-text, semantic) | ||
| * Leverage built-in tools like index exploration, query generation, and semantic search | ||
| * Ideal for flexible, user-driven exploratory searches | ||
| * No need to pre-define query logic | ||
|
|
||
| ## Configuration | ||
|
|
||
| Index search tools require only a single configuration parameter: | ||
|
|
||
| * **`pattern`**: An index pattern string (e.g., `logs-*`, `my-index`, `.alerts-*`) specifying which indices, aliases, or data streams to search | ||
|
|
||
| ## How it works | ||
|
|
||
| When an agent calls an index search tool: | ||
|
|
||
| 1. The agent provides a natural language query (e.g., "find recent errors related to authentication") | ||
| 2. The tool analyzes the query intent and available indices | ||
| 3. It automatically orchestrates built-in tools to: | ||
| - Explore the index structure and mappings | ||
| - Generate appropriate queries ({{esql}} or query DSL) | ||
| - Execute semantic search if relevant | ||
| - Rank and format results | ||
| 4. Returns results in a format the agent can interpret and present | ||
|
|
||
|
|
||
| ## Best practices | ||
|
|
||
| - **Use specific patterns**: Scope tools to relevant index patterns rather than broad wildcards (e.g., `logs-myapp-*` instead of `logs-*`) | ||
| - **Write descriptive tool names**: Help agents select the right tool for the query (e.g., "Search Security Alerts" vs. "Search Tool") | ||
| - **Provide context in descriptions**: Explain what data the indices contain and what types of questions the tool can answer | ||
| - **Create domain-specific tools**: Build separate tools for different data domains (logs, metrics, alerts) rather than one general-purpose tool | ||
|
|
||
|
|
||
| ## Common patterns | ||
|
|
||
| * **Wildcard patterns**: `logs-*`, `metrics-*`, `events-*` | ||
| * **Specific indices**: `products`, `users`, `orders` | ||
| * **System indices**: `.alerts-security-*`, `.ml-anomalies-*` | ||
| * **All resources**: `*` | ||
This file contains hidden or bidirectional Unicode text that may be interpreted or compiled differently than what appears below. To review, open the file in an editor that reveals hidden Unicode characters.
Learn more about bidirectional Unicode characters
Oops, something went wrong.
Add this suggestion to a batch that can be applied as a single commit.
This suggestion is invalid because no changes were made to the code.
Suggestions cannot be applied while the pull request is closed.
Suggestions cannot be applied while viewing a subset of changes.
Only one suggestion per line can be applied in a batch.
Add this suggestion to a batch that can be applied as a single commit.
Applying suggestions on deleted lines is not supported.
You must change the existing code in this line in order to create a valid suggestion.
Outdated suggestions cannot be applied.
This suggestion has been applied or marked resolved.
Suggestions cannot be applied from pending reviews.
Suggestions cannot be applied on multi-line comments.
Suggestions cannot be applied while the pull request is queued to merge.
Suggestion cannot be applied right now. Please check back later.
Uh oh!
There was an error while loading. Please reload this page.