Elastic Observability Gives SREs a Head Start on Kubernetes Incident Investigations

Key Terms

kubernetes technical

Kubernetes is an open-source system that automates running and managing many pieces of software across groups of computers, like a conductor coordinating musicians so each piece plays at the right time and place. For investors, it matters because companies that use it can deploy updates faster, scale services up or down automatically, and cut infrastructure costs — factors that influence growth, reliability and operating margins.

observability technical

Observability is a company’s ability to see and understand what its software systems are doing by collecting and analyzing signals like logs, metrics and traces. For investors it matters because strong observability reduces the risk of downtime, hidden bugs or security issues, supports faster fixes and efficient scaling, and therefore can protect revenue, lower costs and signal disciplined operations — like having clear gauges and alarms on a complex machine.

ai agents technical

AI agents are computer programs designed to perform tasks or make decisions automatically, often by learning from data and adapting to new information. They act like virtual assistants or robots that can handle complex activities without human intervention, which can help businesses and individuals save time and improve efficiency. For investors, AI agents matter because they can enhance decision-making and automate processes that influence markets and financial outcomes.

ide technical

An IDE (Investigational Device Exemption) is a regulatory permission that allows a company to test an unapproved medical device in human clinical trials to gather safety and effectiveness data. Think of it as a temporary road permit for a new product: getting the IDE moves a technology from concept toward approval and market access, which can reduce uncertainty and increase value for investors, while delays or denials raise development risk and potential costs.

See more from StockTitan in Google Search and AI answers. Adds StockTitan as a preferred source · opens Google

Add on Google Not now

New Kubernetes investigation workflows and agent skills analyze logs, metrics, anomalies, and cluster events, surfacing root causes and next steps automatically.

SAN FRANCISCO--(BUSINESS WIRE)-- Elastic (NYSE: ESTC), the Search AI Company, today introduced an agentic Kubernetes investigation workflow and MCP-based observability skills that diagnose incidents the moment an alert fires. By the time an SRE opens the alert, the root cause has already been identified, evidence has been assembled, and recommended next steps have been surfaced.

For teams running Kubernetes at scale, the gap between alert and answer costs time, compounds outages, and wears down on-call engineers. Elastic closes that gap by starting the investigation automatically, before anyone is paged.

Elastic Observability builds on Kubernetes dashboards, prebuilt alert templates, and ML-powered anomaly detection to deliver two ways to accelerate from alert to resolution: an agentic investigation workflow that runs diagnostics automatically when alerts fire, and a Kubernetes MCP App with skills that brings the same investigation capabilities into the AI tools and IDEs engineers already use — Claude, Cursor, VS Code, and any MCP-compatible client.

The Elastic Observability MCP App lets SREs investigate Kubernetes environments conversationally, with AI agents querying live data from Elasticsearch and surfacing fully interactive views directly in the tool: cluster health rollups, service dependency graphs, anomaly detail with actual versus typical values, blast radius analysis for node failures, and persistent alert rule management.

Elasticsearch stores all Kubernetes logs and metrics at scale with 2.5x better storage efficiency than other observability vendors, ensuring engineers have access to the full operational context needed to investigate incidents. Whether the agentic workflow delivers a confirmed root cause or a structured starting point for continued investigation, SREs never start from scratch.

“Engineers who get paged at 3 a.m. don’t want to start a new investigation from scratch, they want answers," said Bahaaldine Azarmi, general manager, Observability at Elastic. "With this release, Elastic kicks off the investigation the moment an alert fires, so teams reach resolution faster and with more confidence. And because it runs inside the tools engineers already use, there's no context switch and no new interface to learn.”

Availability

The Elastic Kubernetes integration, including dashboards, alert templates, and ML anomaly detection, is available across Elastic Cloud Hosted, Serverless, and self-managed deployments. The Kubernetes investigation workflow and Elastic Observability MCP App are available in technical preview.

To get started, visit elastic.co or read the Elastic blogs.

• Blog: Kubernetes Observability from alert to root cause: Dashboards, Alerts, and Anomaly Detection with Elastic
• Blog: Agentic Powered Kubernetes Observability with Elastic Observability and MCP

About Elastic

Elastic (NYSE: ESTC), the Search AI Company, integrates its deep expertise in search technology with artificial intelligence to help everyone transform all of their data into answers, actions, and outcomes. Elastic's Search AI Platform — the foundation for its search, observability, and security solutions — is used by thousands of companies, including more than 50% of the Fortune 500. Learn more at elastic.co.

Elastic and associated marks are trademarks or registered trademarks of elasticsearch B.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.

View source version on businesswire.com: https://www.businesswire.com/news/home/20260608086289/en/

Media Contact
Elastic PR
PR-team@elastic.co

Source: Elastic N.V.