AiStrike Documentation

Elastic

Create an API key in Elastic Cloud's Kibana UI with read and monitor access so AiStrike can integrate via API.

Required details

Collect the following from your Elastic Cloud deployment:

  • Elasticsearch Endpoint — click your deployment name in the top nav, choose Manage this deployment, then under Applications click Elasticsearch → Copy Endpoint.

  • Cloud ID — copy it from the same page.

  • API Key — generate it in Kibana (below).

Create an API key in Kibana

  1. Log in to your Elastic Cloud deployment with a user who can manage API keys.

  2. Go to Kibana → Management → Stack Management → Security → API Keys.

  3. Click Create API Key and set a name (e.g. AIStrike_API_Key).

  4. Choose User API Key, toggle Control security privileges, and grant all monitor and read permissions at the cluster level. For indices, set names = * and privileges = read, view_index_metadata, monitor.

  5. Click Create API Key and store it securely.

Sample API key policy

{
  "read-only-role": {
    "cluster": [
      "monitor", "monitor_enrich", "monitor_inference",
      "monitor_ml", "monitor_transform", "read_pipeline", "read_security"
    ],
    "indices": [
      {
        "names": ["*"],
        "privileges": ["read", "view_index_metadata", "monitor"],
        "allow_restricted_indices": false
      }
    ]
  }
}

Provide the Cloud ID, Elasticsearch Endpoint, and API Key to the AiStrike team.

IP traffic filter

If your deployment has IP-based restrictions, allowlist these AiStrike IPs:

3.135.165.25/32     3.148.24.98/32     3.148.93.249/32
3.14.192.137/32     13.201.28.59/32    18.223.178.199/32
52.15.138.222/32    54.246.180.34/32   63.35.37.74/32
54.220.227.162/32

To create a traffic filter: in the Elastic Cloud console go to Security > Traffic filters > Create rule set, choose type IP address, enter the AiStrike prefixes, and save. Then open your deployment > Manage deployment > Manage traffic filters and associate the rule set.