Create an API key in Elastic Cloud's Kibana UI with read and monitor access so AiStrike can integrate via API.
Required details
Collect the following from your Elastic Cloud deployment:
-
Elasticsearch Endpoint — click your deployment name in the top nav, choose Manage this deployment, then under Applications click Elasticsearch → Copy Endpoint.
-
Cloud ID — copy it from the same page.
-
API Key — generate it in Kibana (below).
Create an API key in Kibana
-
Log in to your Elastic Cloud deployment with a user who can manage API keys.
-
Go to Kibana → Management → Stack Management → Security → API Keys.
-
Click Create API Key and set a name (e.g.
AIStrike_API_Key). -
Choose User API Key, toggle Control security privileges, and grant all monitor and read permissions at the cluster level. For indices, set names =
*and privileges =read,view_index_metadata,monitor. -
Click Create API Key and store it securely.
Sample API key policy
{
"read-only-role": {
"cluster": [
"monitor", "monitor_enrich", "monitor_inference",
"monitor_ml", "monitor_transform", "read_pipeline", "read_security"
],
"indices": [
{
"names": ["*"],
"privileges": ["read", "view_index_metadata", "monitor"],
"allow_restricted_indices": false
}
]
}
}
Provide the Cloud ID, Elasticsearch Endpoint, and API Key to the AiStrike team.
IP traffic filter
If your deployment has IP-based restrictions, allowlist these AiStrike IPs:
3.135.165.25/32 3.148.24.98/32 3.148.93.249/32
3.14.192.137/32 13.201.28.59/32 18.223.178.199/32
52.15.138.222/32 54.246.180.34/32 63.35.37.74/32
54.220.227.162/32
To create a traffic filter: in the Elastic Cloud console go to Security > Traffic filters > Create rule set, choose type IP address, enter the AiStrike prefixes, and save. Then open your deployment > Manage deployment > Manage traffic filters and associate the rule set.