Elasticsearch

Overview

Elasticsearch is a distributed, RESTful search and analytics engine capable of addressing a growing number of use cases. It provides real-time search and analytics for all types of data. With the integration in SquadOS, your agents can query indices, list data structures, and check the health of Elasticsearch clusters directly in automation workflows.

• Composio documentation: docs.composio.dev/toolkits/elasticsearch

Authentication

This tool uses API key (API_KEY) or Basic auth (username/password) (BASIC) to connect.

You will need the following fields:

Field	Required	Description
api_key	Yes (for API_KEY)	API key generated in the Elasticsearch dashboard to authenticate requests.
username	Yes (for BASIC)	Elasticsearch account username.
password	Yes (for BASIC)	Elasticsearch account password.

How to get credentials

Using an API key (recommended):

1. Access your Elasticsearch cluster dashboard (Kibana or Elastic Cloud Console).
2. Go to Stack Management → Security → API Keys.
3. Click Create API key.
4. Set a name for the key and configure the required permissions (read/write access to the desired indices).
5. Click Create and copy the generated key — it is only shown once.

Using Basic auth:

1. Use the username and password of an Elasticsearch user with adequate permissions.
2. For Elastic Cloud clusters, find credentials under Security → Users.

Tip

Prefer API keys over username/password in production. Keys can be revoked individually without affecting other integrations and allow fine-grained permission control per index.

How to connect in SquadOS

1. Go to Tools in the side menu (/admin/tools).
2. Open the Available tab and search for Elasticsearch.
3. Click the card to open the details modal and hit Connect.
4. You’re taken to the secure connection page hosted by Composio, where you enter the credentials obtained above.
5. Once done, you’re sent back to SquadOS with the account connected and the tool available for your agents. (Connection-flow details in Organization Tools.)

Available actions

Get Index Schema

ELASTICSEARCH_GET_INDEX_SCHEMA

Tool to get the complete schema/mapping of a specific Elasticsearch index. Use when you need to understand the structure, field types, and mappings of an index.

Input parameters

Name	Type	Required	Description
index_name	string	Yes	The name of the index to get schema information for.

Output

Name	Type	Required	Description
data	string	Yes	Data from the action execution.
error	string	No	Error if any occurred during the execution of the action.
successful	boolean	Yes	Whether or not the action execution was successful.

List Indices

ELASTICSEARCH_LIST_INDICES

Tool to list all available Elasticsearch indices. Use when you need to get a list of indices in your Elasticsearch cluster, optionally filtering by pattern, health status, or other criteria.

Input parameters

Name	Type	Required	Description
index	string	No	A comma-separated string of index names or wildcard expressions to limit the returned information. For example, my-index-*,another-index. If not provided, information for all indices is returned.
health	string	No	The health status to filter indices by (green, yellow, or red).
sort_by	string	No	A comma-separated string of column names to sort by. For example, index,health.
expand_wildcards	string	No	Type of index that wildcard patterns can match. Supports comma-separated values, e.g., open,hidden. all matches all indices by default. Options: open, closed, hidden, none, all.
include_primary_shards_only	boolean	No	If true, only shows information about primary shards.

Output

Name	Type	Required	Description
data	string	Yes	Data from the action execution.
error	string	No	Error if any occurred during the execution of the action.
successful	boolean	Yes	Whether or not the action execution was successful.

Ping Cluster

ELASTICSEARCH_PING_CLUSTER

Tool to ping the Elasticsearch cluster and check if it is running. Use when you need to verify cluster connectivity and health status before performing operations.

Output

Name	Type	Required	Description
data	string	Yes	Data from the action execution.
error	string	No	Error if any occurred during the execution of the action.
successful	boolean	Yes	Whether or not the action execution was successful.

Query Index

ELASTICSEARCH_QUERY_INDEX

Tool to query an Elasticsearch index with various filters, time ranges, and pagination support. Use when you need to search for documents in an index with complex filtering criteria.

Input parameters

Name	Type	Required	Description
from	integer	No	Starting offset for pagination (default: 0).
size	integer	No	Number of results to return (default: 10, max: 1000 to prevent context overload).
sort	array	No	Sort order for results.
query	string	No	Free text search query (uses query_string query).
fields	array	No	Specific fields to return (if not specified, returns all fields).
highlight	boolean	No	Enable highlighting for search terms.
index_name	string	Yes	The name of the index to query. Must be a non-empty string.
time_filter	object	No	Time-based filter for timestamp fields.
term_filters	array	No	Exact term filters for specific field values.
range_filters	array	No	Range filters for numeric or date fields.
include_aggregations	boolean	No	Include aggregations in the response.

Output

Name	Type	Required	Description
data	string	Yes	Data from the action execution.
error	string	No	Error if any occurred during the execution of the action.
successful	boolean	Yes	Whether or not the action execution was successful.