Exécutez n'importe quel Skill dans Manus
en un clic

Exécutez n'importe quel Skill dans Manus en un clic

$pwd:

obz-elasticsearch

Name: Obz Elasticsearch
Author: alibaba

// Elasticsearch provider for obz. Supports log search and trace operations using Elasticsearch Query DSL (Lucene-based). Requires --index flag. This skill should be used when the user mentions "Elasticsearch", "obz -p es", or needs to search logs or traces from an Elasticsearch cluster.

Exécuter dans Manus

$ git log --oneline --stat

stars:16

forks:3

updated:29 avril 2026 à 07:18

SKILL.md

readonly

name	obz-elasticsearch
description	Elasticsearch provider for obz. Supports log search and trace operations using Elasticsearch Query DSL (Lucene-based). Requires --index flag. This skill should be used when the user mentions "Elasticsearch", "obz -p es", or needs to search logs or traces from an Elasticsearch cluster.

obz-elasticsearch: Elasticsearch Provider

Quick Reference

Field	Value
Aliases	`es`, `elasticsearch`
Signals	Log, Trace
Query language	Elasticsearch Query DSL (Lucene-based)
Auth	Basic auth, bearer token, or API key (in config.yaml)
Provider flags	`--index` (required at runtime)
Supported cmds	log search, trace search, trace get

Supported Commands

obz log search       # Search log entries in an Elasticsearch index
obz trace search     # Search trace spans in an Elasticsearch index
obz trace get        # Retrieve a trace by ID from Elasticsearch

Provider-Specific Flags

Flag	Type	Required	Description
`--index`	String	Yes	Index name or pattern to query

The --index flag is declared optional at the clap level (so other providers don't error), but Elasticsearch enforces it at runtime.

Authentication

Configure auth in config.yaml under providers.<name>.auth. Priority: API key > bearer token > basic auth.

Basic auth:

# config.yaml
providers:
  es:
    endpoint: https://es.example.com
    index: logs-*
    auth:
      username: elastic
      password: ${env:ES_PASS}

Bearer token:

    auth:
      token: ${env:ES_TOKEN}

API key (Authorization: ApiKey <key>):

    auth:
      api-key: ${env:ES_API_KEY}

Then query with just -p:

obz log search -p es -q 'level:ERROR' --from now-1h

Query Language

Elasticsearch accepts Lucene-based query strings in the -q parameter. The syntax is nearly identical to OpenSearch.

Common Patterns

level:ERROR                          # field match
level:ERROR AND service:api          # boolean AND
status:(404 OR 500)                  # grouped OR
message:"connection refused"         # phrase match
host:web-* AND NOT path:/health      # wildcards and negation
response_time:[500 TO *]             # range query

Tips

Field names are case-sensitive and depend on your index mapping.
Use double quotes for exact phrase matches.
Leading wildcards (*error) are disabled by default for performance.

Elasticsearch vs OpenSearch

Both providers share the same query syntax and flag surface. The main difference is the backend API version and endpoint format.

Aspect	Elasticsearch	OpenSearch
Alias	`es`	`os`
Auth options	Basic + bearer + API key	Basic + bearer
API lineage	Elastic N.V.	AWS fork

If your cluster is OpenSearch, use the os provider instead.

Examples

Search logs by level:

obz log search -p es --index 'logs-*' -q 'level:ERROR' --from now-1h

Search with boolean operators:

obz log search -p es --index 'app-logs' \
  -q 'service:api AND status:500' --from now-6h

Search traces:

obz trace search -p es --index 'traces-*' -q 'service:frontend' --from now-1h

Retrieve a specific trace:

obz trace get -p es --index 'traces-*' abc123def456

related-skills.json

même dépôt

obz-greptimedb.md

from "alibaba/obz-cli"

GreptimeDB provider for obz. Covers PromQL metric query, labels, label-values, and series commands via GreptimeDB's Prometheus-compatible API. Use this skill when the user mentions "GreptimeDB", "Greptime", "obz metric -p greptimedb", or needs to query metrics stored in a GreptimeDB instance.

2026-05-1316

obz-core.md

from "alibaba/obz-cli"

Multi-backend observability CLI for querying metrics, logs, and traces across 12 backends. This skill should be used when the user runs obz commands, constructs metric/log/trace queries, configures providers, parses obz JSON output, or troubleshoots obz errors. Covers all core commands (metric query/list/info/labels/label-values/series, log search, trace search/get), global flags, time formats, output modes, config files, and exit codes.

2026-04-2916

obz-dd.md

from "alibaba/obz-cli"

Datadog provider for obz. Supports metrics (Datadog Query Language), logs (Datadog Log Query), and traces. Requires api-key and app-key configured under auth in config.yaml. Does not support metric labels, label-values, or series commands. This skill should be used when the user mentions "Datadog", "DD", "obz -p dd", Datadog Query Language, or needs to configure Datadog provider instances with regional endpoints.

2026-04-2916

obz-jaeger.md

from "alibaba/obz-cli"

Jaeger provider for obz. Covers trace search, trace retrieval by ID, and extension commands for service and operation discovery. This skill should be used when the user mentions "Jaeger", "obz trace -p jg", or needs to search distributed traces from a Jaeger backend.

2026-04-2916

obz-loki.md

from "alibaba/obz-cli"

Grafana Loki provider for obz. Covers log search using LogQL, a label-based query language for log aggregation. This skill should be used when the user mentions "Loki", "Grafana Loki", "LogQL", "obz log search -p loki", or needs to search logs from a Loki instance.

2026-04-2916

obz-mimir.md

from "alibaba/obz-cli"

Grafana Mimir provider for obz. Covers all 6 metric commands using standard PromQL. Mimir is a horizontally-scalable Prometheus-compatible TSDB. This skill should be used when the user mentions "Mimir", "Grafana Mimir", "obz metric -p mimir", or needs to query metrics from a Mimir cluster.

2026-04-2916

package.json

"author": "alibaba"

"repository": "alibaba/obz-cli"

Ouvrir le dépôt GitHub Voir les dépôts du créateur

$ install --global

$ download --local

Exécuter dans Manus

$ useful --forSOC

Administrateurs de réseaux et de systèmes informatiquesProfessions informatiques et mathématiques15-1244L4

name	obz-elasticsearch
description	Elasticsearch provider for obz. Supports log search and trace operations using Elasticsearch Query DSL (Lucene-based). Requires --index flag. This skill should be used when the user mentions "Elasticsearch", "obz -p es", or needs to search logs or traces from an Elasticsearch cluster.

obz-elasticsearch: Elasticsearch Provider

Quick Reference

Field	Value
Aliases	`es`, `elasticsearch`
Signals	Log, Trace
Query language	Elasticsearch Query DSL (Lucene-based)
Auth	Basic auth, bearer token, or API key (in config.yaml)
Provider flags	`--index` (required at runtime)
Supported cmds	log search, trace search, trace get

Supported Commands

obz log search       # Search log entries in an Elasticsearch index
obz trace search     # Search trace spans in an Elasticsearch index
obz trace get        # Retrieve a trace by ID from Elasticsearch

Provider-Specific Flags

Flag	Type	Required	Description
`--index`	String	Yes	Index name or pattern to query

The --index flag is declared optional at the clap level (so other providers don't error), but Elasticsearch enforces it at runtime.

Authentication

Configure auth in config.yaml under providers.<name>.auth. Priority: API key > bearer token > basic auth.

Basic auth:

# config.yaml
providers:
  es:
    endpoint: https://es.example.com
    index: logs-*
    auth:
      username: elastic
      password: ${env:ES_PASS}

Bearer token:

    auth:
      token: ${env:ES_TOKEN}

API key (Authorization: ApiKey <key>):

    auth:
      api-key: ${env:ES_API_KEY}

Then query with just -p:

obz log search -p es -q 'level:ERROR' --from now-1h

Query Language

Elasticsearch accepts Lucene-based query strings in the -q parameter. The syntax is nearly identical to OpenSearch.

Common Patterns

level:ERROR                          # field match
level:ERROR AND service:api          # boolean AND
status:(404 OR 500)                  # grouped OR
message:"connection refused"         # phrase match
host:web-* AND NOT path:/health      # wildcards and negation
response_time:[500 TO *]             # range query

Tips

Field names are case-sensitive and depend on your index mapping.
Use double quotes for exact phrase matches.
Leading wildcards (*error) are disabled by default for performance.

Elasticsearch vs OpenSearch

Both providers share the same query syntax and flag surface. The main difference is the backend API version and endpoint format.

Aspect	Elasticsearch	OpenSearch
Alias	`es`	`os`
Auth options	Basic + bearer + API key	Basic + bearer
API lineage	Elastic N.V.	AWS fork

If your cluster is OpenSearch, use the os provider instead.

Examples

Search logs by level:

obz log search -p es --index 'logs-*' -q 'level:ERROR' --from now-1h

Search with boolean operators:

obz log search -p es --index 'app-logs' \
  -q 'service:api AND status:500' --from now-6h

Search traces:

obz trace search -p es --index 'traces-*' -q 'service:frontend' --from now-1h

Retrieve a specific trace:

obz trace get -p es --index 'traces-*' abc123def456

obz-elasticsearch

obz-elasticsearch: Elasticsearch Provider

Quick Reference

Supported Commands

Provider-Specific Flags

Authentication

Query Language

Common Patterns

Tips

Elasticsearch vs OpenSearch

Examples

Plus depuis ce dépôt

Plus depuis ce dépôt

obz-elasticsearch: Elasticsearch Provider

Quick Reference

Supported Commands

Provider-Specific Flags

Authentication

Query Language

Common Patterns

Tips

Elasticsearch vs OpenSearch

Examples