Adoption

Agent Skills are supported by leading AI development tools.

VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory VS Code Gemini CLI GitHub Goose Amp Cursor Claude Code Letta OpenCode Claude OpenAI Codex Factory

olion500/searching-kibana

Name: searching-kibana
Author: olion500

skills/searching-kibana/SKILL.md

npx skillsauth add olion500/skills searching-kibana

Clean

TrivyContainer and dependency vulnerability scanner

Clean

SemgrepStatic code analysis for vulnerabilities

Clean

mcp-scan (Snyk)Model Context Protocol security validation

Skipped

Snyk (dep)Open source security scanning

Skipped

Socket.devSupply chain security analysis

Skipped

VirusTotalMulti-engine malware detection

Skipped

CrowdStrikeAdvanced threat intelligence

Skipped

OSV-ScannerOpen Source Vulnerability database check

Skipped

OWASP Dep-Check

Searching Kibana

Search and query Elasticsearch data through Kibana API for cupixworks models.

Script

# Run with --help for all options
npx -y bun ${SKILL_DIR}/scripts/search-kibana.ts -- --help

Before Searching, Ask Yourself

어떤 환경인가? — 인시던트 조사 → production (고객 리전에 따라 us/au/eu). 개발 확인 → dev.
정확한 값인가, 텍스트 검색인가? — ID/상태값 → --term. 이름 부분 검색 → --match.
필드명이 정확한가? — capture.id (O) vs capture_id (X). 모르면 --raw로 한 건 먼저 확인.

NEVER

NEVER --match로 ID나 정확한 값 검색 — --term 써야 함. match는 analyzer를 거쳐 의도와 다른 결과 나옴
NEVER production에서 --size 1000 + 필터 없이 검색 — 성능 영향 가능
NEVER capture_id로 검색 — 올바른 필드명은 capture.id (dot notation)
NEVER index 이름을 추측 — 모르면 --list-indices로 확인

Query Type Decision Tree

무엇을 찾는가?
├─ ID로 정확히 1건 조회
│  → --id 69496
│
├─ 특정 필드의 정확한 값
│  → --term "capture.id:69496"
│  → --term "state:done"
│
├─ 이름/텍스트 부분 검색
│  → --match "name:test project"
│  → --match "email:john"
│
├─ 복합 조건 (AND/OR)
│  → -q '{"bool":{"must":[{"term":{"state":"done"}},{"term":{"facility.id":4308}}]}}'
│
├─ 날짜 범위
│  → --range "created_at:2024-01-01:2024-12-31"
│
└─ 전체 문서 구조 파악
   → --id {아무ID} --raw  (한 건 조회해서 필드 구조 확인)

Environment Selection

| 목적 | 환경 | 명령 | |------|------|------| | 인시던트 조사 (US 고객) | prod | -e prod | | 인시던트 조사 (AU 고객) | prod-au | -e prod-au | | 인시던트 조사 (EU 고객) | prod-eu | -e prod-eu | | 개발 테스트 | dev | -e dev | | QA 검증 | qa | -e qa |

Common Index & Fields

| Model | Index | Key Fields | |-------|-------|------------| | Capture | captures | id, uuid, name, state, facility.id, team.id | | Video | videos | id, capture.id, name, state | | Pano | panos | id, capture.id, cluster.id, name | | Facility | facilities | id, name, key, team.id | | Team | teams | id, name, domain | | User | users | id, email, firstname, lastname |

Key Facts

| Item | Value | |------|-------| | Credentials | KIBANA_USERNAME, KIBANA_PASSWORD (via just claude) | | API Endpoint | {base_url}/internal/search/es | | Field naming | dot notation (capture.id, facility.id) |

Troubleshooting

| 증상 | 원인 | 해결 | |------|------|------| | 401 Unauthorized | 인증 실패 | Claude 재시작하여 .env 리로드 | | 빈 결과 | 잘못된 index 이름 | --list-indices로 확인 | | 빈 결과 | 필드명 오류 | --raw로 실제 문서 구조 확인. capture_id → capture.id | | 스크립트 안 됨 | 환경 문제 | Legacy curl 사용 (아래) |

Legacy curl Fallback

curl -s --user "$KIBANA_USERNAME:$KIBANA_PASSWORD" \
  -H 'kbn-xsrf: true' -H 'Content-Type: application/json' \
  -X POST 'https://kibana.dev.cupix.works/internal/search/es' \
  -d '{"params":{"index":"captures","body":{"query":{"term":{"id":69496}},"size":1}}}'

olion500/searching-kibana

skills/searching-kibana/SKILL.md

Search and query Elasticsearch/Kibana database models using curl API. Use for querying database models, searching Kibana indices, checking Elasticsearch data, investigating data in Kibana, finding records by ID, searching documents. Supports multiple environments (dev, qa, stage, production-us, production-au, production-eu).

development

Updated Jun 5, 2026

$ install --global

skillsauth

npx skillsauth add olion500/skills searching-kibana

Install this skill globally with one command. Works with Claude Code, Cursor, and Windsurf.

Security Scan Results

3 of 9 scanners reported clean

Some scanners were skipped, did not run, or reported a non-clean status. Review each row below.

Scanners Passed

Scanners in report

Clean

TrivyContainer and dependency vulnerability scanner

95%

Clean

SemgrepStatic code analysis for vulnerabilities

95%

Clean

mcp-scan (Snyk)Model Context Protocol security validation

95%

Skipped

Snyk (dep)Open source security scanning

50%

Skipped

Socket.devSupply chain security analysis

50%

Skipped

VirusTotalMulti-engine malware detection

50%

Skipped

CrowdStrikeAdvanced threat intelligence

50%

Skipped

OSV-ScannerOpen Source Vulnerability database check

50%

Skipped

OWASP Dep-Check

50%

Last scanned: Jun 5, 2026, 2:28 AM112.9s2 files scanned

SKILL.md

name:: searching-kibana
description:: Search and query Elasticsearch/Kibana database models using curl API. Use for querying database models, searching Kibana indices, checking Elasticsearch data, investigating data in Kibana, finding records by ID, searching documents. Supports multiple environments (dev, qa, stage, production-us, production-au, production-eu).

Searching Kibana

Search and query Elasticsearch data through Kibana API for cupixworks models.

Script

# Run with --help for all options
npx -y bun ${SKILL_DIR}/scripts/search-kibana.ts -- --help

Before Searching, Ask Yourself

어떤 환경인가? — 인시던트 조사 → production (고객 리전에 따라 us/au/eu). 개발 확인 → dev.
정확한 값인가, 텍스트 검색인가? — ID/상태값 → --term. 이름 부분 검색 → --match.
필드명이 정확한가? — capture.id (O) vs capture_id (X). 모르면 --raw로 한 건 먼저 확인.

NEVER

NEVER --match로 ID나 정확한 값 검색 — --term 써야 함. match는 analyzer를 거쳐 의도와 다른 결과 나옴
NEVER production에서 --size 1000 + 필터 없이 검색 — 성능 영향 가능
NEVER capture_id로 검색 — 올바른 필드명은 capture.id (dot notation)
NEVER index 이름을 추측 — 모르면 --list-indices로 확인

Query Type Decision Tree

무엇을 찾는가?
├─ ID로 정확히 1건 조회
│  → --id 69496
│
├─ 특정 필드의 정확한 값
│  → --term "capture.id:69496"
│  → --term "state:done"
│
├─ 이름/텍스트 부분 검색
│  → --match "name:test project"
│  → --match "email:john"
│
├─ 복합 조건 (AND/OR)
│  → -q '{"bool":{"must":[{"term":{"state":"done"}},{"term":{"facility.id":4308}}]}}'
│
├─ 날짜 범위
│  → --range "created_at:2024-01-01:2024-12-31"
│
└─ 전체 문서 구조 파악
   → --id {아무ID} --raw  (한 건 조회해서 필드 구조 확인)

Environment Selection

Common Index & Fields

Key Facts

Troubleshooting

Legacy curl Fallback

curl -s --user "$KIBANA_USERNAME:$KIBANA_PASSWORD" \
  -H 'kbn-xsrf: true' -H 'Content-Type: application/json' \
  -X POST 'https://kibana.dev.cupix.works/internal/search/es' \
  -d '{"params":{"index":"captures","body":{"query":{"term":{"id":69496}},"size":1}}}'

Related Skills

olion500/searching-datadog-logs

development

VerifiedTrustedCommunity

Search and analyze Datadog logs and metrics using API for cupixworks-api and cupixworks-worker services. Use when debugging errors, investigating issues, searching logs, analyzing worker jobs, checking Sidekiq logs, querying metrics, or finding specific log entries by class/function names. Supports error/warn/info log levels with 14-day retention for logs.

SKILL.mdUpdated Jun 5, 2026

olion500/searching-datadog-logs

olion500/jira

tools

VerifiedTrustedCommunity

Create, update, search, transition, link, and read comments on Jira issues via CLI. MUST use this skill whenever the user pastes or mentions any atlassian.net URL (Jira issues, Confluence pages, focusedCommentId links, board links — anything from *.atlassian.net). Also use for: TSLA-* ticket references, JQL searches, issue status changes, reading comments, creating bugs, updating descriptions. This is the ONLY way to interact with Jira/Atlassian — there is no MCP Atlassian available.

SKILL.mdUpdated Jun 5, 2026

olion500/cupix-watch

development

VerifiedTrustedCommunity

Search Cupix Watch (Kibana/Elasticsearch) application logs at watch.cupix.com. Use when the user asks to search logs, find errors, debug processing issues, or investigate service behavior. Triggers on keywords like "log", "watch", "kibana", "error log", service names (skat, pano, api, worker, vista), or mentions of cupix processing pipelines.

SKILL.mdUpdated Jun 5, 2026

olion500/azure-devops

development

VerifiedTrustedCommunity

Access Azure DevOps resources (PRs, builds, pipelines, releases, variable groups) for the Cupix organization. TRIGGER when: user pastes a dev.azure.com URL; user mentions Azure DevOps, ADO, az pr, az pipeline, build status, release status, or deploy status for Cupix projects; user asks about PR reviews, build logs, pipeline runs, or release progress. SKIP: general git questions not about Azure DevOps; GitHub-only workflows.

SKILL.mdUpdated Jun 5, 2026

olion500/azure-devops

Download

For Claude Desktop. Download once, then upload the file in the app — no terminal needed.

Need help? View full Cowork setup guide →

Install manually

Choose your platform

# Clone the repo
git clone https://github.com/olion500/skills.git

# Copy into Claude Code skills folder (global)
cp -r skills/skills/searching-kibana ~/.claude/skills/

Claude Code Skills — official skills path docs.

Repository

olion500/skills

Compatible with

Claude Code

OpenAI Codex CLI

ChatGPT