FlexiClaw started from a simple idea: Elastic is powerful, but a lot of operational work still begins with a blank query, a blank dashboard, or a fragmented view of what is actually flowing into the cluster. FlexiClaw adds an intent layer on top of that work.
The current direction is no longer a single generic CLI story. FlexiClaw now has two clear product surfaces. They share the same Elastic focus, but they solve different problems.
FlexiClaw for Elastic
A Codex plugin for Elastic observability. It turns natural questions into evidence-backed investigations, auto-dashboards, alert plans, alert triage, health reports, integration guidance, Case Files, approval-gated RAG and Kibana Lens dashboards only after explicit approval.
Read the plugin post →FlexiClaw Platform
A read-only Elastic Control Tower for ingestion, data streams, backing indices, topology, storage pressure and evidence packs. It shows what is happening without modifying Elasticsearch.
Read the Platform post →01FlexiClaw for Elastic
FlexiClaw for Elastic is the agentic surface. The user describes the operational goal, and AI agents in Codex help investigate Elastic observability data with a safety contract around evidence, previews, approval and verification.
The important part is not that an agent writes a query. The important part is the workflow around the query: inspect first, explain the plan, generate validated ES|QL, show evidence, run SRE checks, preview governed outputs, ask for approval before writes, then verify the result in Elastic before claiming success.
That makes it useful for incident investigation, careful dashboard creation, alert planning, alert triage, daily health reporting, integration advisor checks, Case Files, RAG workflows that run only after approval, and reports that separate facts, hypotheses, unknowns and next actions.
02FlexiClaw Platform
FlexiClaw Platform is the visibility surface. It is designed for teams that want to understand what is entering Elastic, where data streams and backing indices are growing, how ingestion is distributed, and where storage pressure builds.
Platform is deliberately read-only in the current product. It connects for observation and inventory, not remediation. The value is a clear operational surface: data flow, topology, lifecycle state, tiers, shards, nodes and evidence that can be reused in reviews or investigations.
03How they work together
The plugin is where intent becomes action. Platform is where the Elastic estate becomes visible. Together, they create a cleaner operating model: understand the system, investigate with evidence, preview any governed output, approve intentionally and verify what happened.
Kibana remains valuable for native exploration, dashboards and Elastic workflows. FlexiClaw is built around intent-driven workflows and read-only operational visibility around Elastic, not around replacing the tools Elastic already provides.
04What FlexiClaw is not claiming
The current public positioning is intentionally specific. FlexiClaw is not claiming autonomous remediation, complete Elastic coverage, or dashboard publishing without approval. The Platform is not claiming write access or remediation. The Codex plugin is not claiming Elastic Security-specific workflows or cluster settings, ILM, template or data stream modification.
That boundary matters. The product can be ambitious without pretending every future capability already exists.
Where to start
Start with the product page if you want the agentic Elastic workflow from Codex. Open Platform if you want the read-only visibility layer.