AI, out-of-the-box!

Elastic's GenAI capabilities are now available by default in Elastic Cloud

Elastic AI features in Elastic Security, Observability, and Search are now enabled by default in Elastic Cloud.

Getting started with generative AI (GenAI) shouldn’t be a project in itself. Too often teams encounter organizational friction that slows adoption of AI-based features, from third-party contracts and external API keys, to additional terms of service and billing management. With the Elastic Managed LLM, you can sidestep these blockers and get powerful AI features for automatic ingest, threat detection, problem investigation, root cause analysis, and more, ready to go from day one.

Prefer your own model? We’ve got you covered there, too, with the ability to integrate any popular third-party LLM of your choosing.

AI for security: Faster detection, investigation, and response

AI in security is most effective when it’s frictionless to access and built into existing workflows. With Elastic’s Managed LLM, now preconfigured in Elastic Security, analysts can start detecting threats faster, automate investigations, and streamline response without any setup.

Easily get started with all the AI capabilities across Elastic Security, including:

  • Attack Discovery: Attack Discovery holistically assesses incoming alerts to reveal advancing attacks, guiding analysts to stop them. With support for alert filtering and custom date ranges, you have full control over what gets analyzed, helping Elastic Security surface what matters.
  • AI Assistant for Security: The AI Assistant guides analysts through triage, investigation, and response and helps admins with routine tasks. AI Assistant lets SOC analysts use natural language to ask complex security questions and is grounded in enterprise knowledge through retrieval augmented generation (RAG) to quickly provide context-rich, accurate results, eliminating the need for analysts to craft complex queries. 
  • Automatic Import: Automatic Import extends visibility — and powers detection rules — by onboarding custom data sources in minutes.
  • Automatic Migration: Automatic Migration helps teams move off legacy SIEMs faster by automating the migration of detection rules to Elastic Security. It uses an AI-driven workflow to translate, validate, and map rules — so you can modernize without starting from scratch.
  • Automatic Troubleshooting: Automatic Troubleshooting simplifies endpoint deployment by detecting software conflicts — like antivirus or EDR — before they cause issues. Using generative AI, it identifies installed tools and guides you through resolving conflicts, so Elastic Agent can be deployed smoothly and reliably.

Out-of-the-box AI for SREs: Accelerated problem resolution

All AI features in Elastic Observability are ready to use out of the box — no setup required. Teams can accelerate root cause analysis, streamline incident response, and start getting value from generative AI on day one. For organizations that need more control, connecting a preferred LLM is still fully supported.

The Elastic Managed LLM powers all generative AI capabilities in Elastic Observability, including:

  • AI Assistant for Observability: The AI Assistant combines generative AI with RAG to reduce hallucinations and improve accuracy by grounding responses in your organization’s knowledge, including runbooks, past incidents, trouble tickets, documentation, and GitHub issues. It helps SREs troubleshoot faster by generating queries, dashboards, and visualizations to surface relevant data and enables natural language investigation across logs, metrics, and traces. In addition to conversational guidance, the AI Assistant also delivers embedded contextual insights directly in the UI, explaining log messages and APM errors without requiring a chat session.

  • Automatic Import: By automating the development of bespoke ingest pipelines, the Automatic Import feature extends Elastic’s 400+ out-of-the-box integrations with support for custom use cases. It reduces the ingest time required from several days to less than 10 minutes and significantly lowers the learning curve for onboarding unstructured data. It builds a custom ingest pipeline based on sample data that accurately maps raw data into Elastic Common Schema (ECS) and custom fields, populates contextual information, and categorizes events.

AI for developers: Prototype and test GenAI capabilities from day one

With the default Elastic Managed LLM, AI Playground and the Search AI Assistant are ready to use out of the box, without the need for additional setup or API keys for an external model. Playground offers a low-code interface for rapidly prototyping RAG workflows with your own data. Now, you can test the latest GenAI capabilities and start building instantly — no model configuration needed. If you prefer your own model, you still have the flexibility to use the open inference API to connect any provider or custom endpoint of your choice.

Elastic’s unique approach to AI

Elastic delivers AI where it matters most, natively integrated with your data, workflows, and use cases. With a default managed LLM enabled out of the box, teams can start using AI immediately, without setup or third-party contracts. For more flexibility, developers can also connect to public LLMs using Elastic’s open inference API.

What truly sets Elastic apart is how it combines Search AI capabilities for security and observability:

  • Retrieval augmented generation (RAG) is built in using Elastic’s native vector database with embeddings sourcing relevant context from your environment. AI features can reference your internal knowledge bases (runbooks, incidents, documentation, GitHub issues, etc.) to enable relevant and grounded responses.

  • Unified access to all your data means AI isn’t limited to predefined datasets. With 400+ integrations combined with other organizational knowledge sources, Elastic can enrich AI insights with logs, metrics, traces, runbooks, and more, all indexed and searchable in one place.

  • Search and analytics leverage Elastic’s platform strengths: fast query execution, aggregations, and built-in functions — ensuring AI-driven insights are grounded in real-time data and provide accurate and actionable results.

With the default LLM, you get:

  • A model tested and evaluated by Elastic.

  • Integrated billing and platform governance — linked to your Elastic subscription with no separate accounts, terms of service, or compliance gaps. Data is handled securely and adheres to the privacy and security controls you’ve already put in place.

  • Single-vendor support, so your team isn’t stuck chasing third parties.

  • Zero config in most cases — AI is simply ready when you are.

Whether you need speed, control, or customization, Elastic gives you a flexible, production-ready AI stack designed for how modern teams work.

Get started using AI in Elastic right away

The default Elastic Managed LLM brings AI to life from day one — no setup or extra configuration required. Start applying generative AI to threat investigation, performance troubleshooting, and more across Elastic Security and Observability. Need something more tailored? Elastic also supports connections to public LLMs, giving you flexibility without friction. Whether you use the default model or connect your own, Elastic gets you to AI-powered insights faster. 

The simplest way to get started with Elastic Security, Observability, and Search is on Elastic Cloud Serverless. Try it now.

Refer to the Elastic Managed LLM documentation and AI FAQ for the most up-to-date details.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.

In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any control over the third party tools and we have no responsibility or liability for their content, operation or use, nor for any loss or damage that may arise from your use of such tools. Please exercise caution when using AI tools with personal, sensitive or confidential information. Any data you submit may be used for AI training or other purposes. There is no guarantee that information you provide will be kept secure or confidential. You should familiarize yourself with the privacy practices and terms of use of any generative AI tools prior to use. 

Elastic, Elasticsearch, and associated marks are trademarks, logos, or registered trademarks of Elasticsearch N.V. in the United States and other countries. All other company and product names are trademarks, logos or registered trademarks of their respective owners.