Content
Elastic Agent Builder MCP Server is Elastic's official MCP endpoint for
connecting external AI clients to Elastic Agent Builder tools. Instead of
running a standalone Elasticsearch MCP package, you connect the client to the
Kibana endpoint for the deployment and authenticate with an Elastic API key
scoped to the exact indices, Kibana space, and Agent Builder privileges the
assistant should use.
Use it when Claude needs a governed bridge into Elastic Agent Builder workflows
for logs, metrics, search, observability, security, or document exploration.
The useful part is also the risky part: the assistant sees whatever the API key
and configured Agent Builder tools can access, so the right default is a
short-lived, least-privilege API key tied to a narrow space and index pattern.
Features
- Official Elastic Agent Builder MCP endpoint documented by Elastic.
- Standard endpoint at
{KIBANA_URL}/api/agent_builder/mcp.
- Custom Kibana space endpoint at
{KIBANA_URL}/s/{SPACE_NAME}/api/agent_builder/mcp.
- Setup pattern for MCP clients such as Claude Desktop, Cursor, VS Code, and
similar clients.
- Uses
mcp-remote to bridge local MCP clients to the Kibana HTTP endpoint.
- API key authentication through an
Authorization: ApiKey ... header.
- Kibana application privilege requirements for Elastic Agent Builder.
- Elasticsearch index privilege scoping through role descriptors.
- Support for narrow production API keys that expose only selected index
patterns such as
logs-* or metrics-*.
- Explicit docs guidance to set API key expiration dates and rotate keys.
- Works with the Agent Builder tools configured in the target Elastic
deployment and Kibana space.
Use Cases
- Let Claude inspect approved Elastic logs or metrics indexes during incident
triage without giving it broad cluster access.
- Expose a narrow Agent Builder toolset for support investigations in one
Kibana space.
- Query selected observability indices and summarize recurring errors,
affected services, or recent patterns.
- Use an API key scoped to
logs-* and metrics-* while keeping sensitive
security or customer-data indices out of the assistant's reach.
- Test Agent Builder tools from Claude Desktop, Cursor, or VS Code before
publishing them to a wider team.
- Reproduce a 403 by checking whether the API key includes the required Kibana
Agent Builder application privileges.
Installation
Default Kibana space
Set the Kibana URL and API key:
export KIBANA_URL="https://your-deployment.kb.us-central1.gcp.cloud.es.io"
export API_KEY="your-api-key"
Then configure the MCP client with mcp-remote:
{
"mcpServers": {
"elastic-agent-builder": {
"command": "npx",
"args": [
"mcp-remote",
"${KIBANA_URL}/api/agent_builder/mcp",
"--header",
"Authorization:${AUTH_HEADER}"
],
"env": {
"KIBANA_URL": "${KIBANA_URL}",
"AUTH_HEADER": "ApiKey ${API_KEY}"
}
}
}
}
Custom Kibana space
For a non-default Kibana space, include the space segment:
{
"mcpServers": {
"elastic-agent-builder": {
"command": "npx",
"args": [
"mcp-remote",
"${KIBANA_URL}/s/${SPACE_NAME}/api/agent_builder/mcp",
"--header",
"Authorization:${AUTH_HEADER}"
],
"env": {
"KIBANA_URL": "${KIBANA_URL}",
"SPACE_NAME": "default",
"AUTH_HEADER": "ApiKey ${API_KEY}"
}
}
}
}
API key shape
Elastic's docs show an API key role descriptor with cluster access for
inference monitoring, index-level read and view_index_metadata, and Kibana
application privileges for Agent Builder. For production, restrict index names
to the smallest useful patterns:
{
"indices": [
{
"names": ["logs-*", "metrics-*"],
"privileges": ["read", "view_index_metadata"]
}
],
"applications": [
{
"application": "kibana-.kibana",
"privileges": ["feature_agentBuilder.read", "feature_actions.read"],
"resources": ["space:default"]
}
]
}
Examples
Inspect approved logs
Use Elastic Agent Builder MCP to summarize recurring errors in the approved logs-* indices from the last 30 minutes. Do not change detections, dashboards, or workflows.
Verify MCP permissions
Before querying data, confirm which Kibana space and index patterns this Elastic MCP connection can access.
Debug 403 access
Use the Elastic MCP setup context to explain why the current API key might receive 403 Forbidden when connecting to the Agent Builder endpoint.
Keep scope narrow
Only use Elastic Agent Builder MCP tools that read logs and metrics. Avoid security, customer-data, or broad wildcard index queries.
Source Notes
- Elastic's official docs describe the MCP server as a standardized interface
for external clients to access Elastic Agent Builder tools.
- Elastic documents the endpoint as
{KIBANA_URL}/api/agent_builder/mcp and
the custom-space variant as {KIBANA_URL}/s/{SPACE_NAME}/api/agent_builder/mcp.
- Elastic's client example uses
npx mcp-remote with an API key authorization
header.
- Elastic documents required Kibana application privileges for Agent Builder
and notes that missing
feature_agentBuilder.read causes a 403 Forbidden
connection failure.
- Elastic's best practices recommend API key expiration dates and limiting API
keys to only the indices the tools need to access.
Duplicate Check
Checked current upstream/main, open PR titles, open PR changed files, source
URLs, and content files for Elastic Agent Builder MCP, Elastic MCP,
Elasticsearch MCP, elastic-agent-builder-mcp-server,
/api/agent_builder/mcp, and
elastic.co/docs/explore-analyze/ai-features/agent-builder/mcp-server.
Existing content mentions Elastic only in broad infrastructure, search, or
observability examples; there is no dedicated Elastic Agent Builder MCP Server
entry, source URL duplicate, or open content PR for this server.
Editorial Disclosure
Elastic is a commercial search, observability, and security platform with
open-source components, but this listing is not sponsored, paid,
affiliate-backed, or submitted by Elastic. Use Elastic's current Agent Builder
docs, Kibana space model, API key privileges, and deployment policies as the
source of truth before connecting sensitive indices to any AI client.