Skip to content

Add log analytics and observability skill references#66

Closed
arjunkumargiri wants to merge 4 commits intoopensearch-project:mainfrom
arjunkumargiri:feat/log-analytics-skill
Closed

Add log analytics and observability skill references#66
arjunkumargiri wants to merge 4 commits intoopensearch-project:mainfrom
arjunkumargiri:feat/log-analytics-skill

Conversation

@arjunkumargiri
Copy link
Copy Markdown
Contributor

@arjunkumargiri arjunkumargiri commented Mar 23, 2026

Summary

Adds log analytics and observability capabilities to the opensearch-launchpad skill, based on the requirements from opensearch-project/observability-stack#119 and the sample implementation in opensearch-project/observability-stack#120.

What's included

Updated SKILL.md:

  • Extended description with log analytics and observability trigger keywords (778 chars, within 1024 spec limit)
  • Added observability routing table pointing to 3 focused reference files
  • Added connection defaults, index patterns, and base PPL command for observability
  • Fixed MCP auto-install messaging to ask user to restart IDE

New reference files under references/observability/:

File Lines Description
log-analytics.md ~360 Discovery-first log analytics workflow: discover indices, understand schema, ask clarifying questions, perform analytics with PPL. Supports any log schema (ECS, OTel, syslog, custom JSON). Instructs agent to use opensearch-mcp-server-py for AOS/AOSS with full auto-install flow.
traces.md ~207 OTel trace investigation: agent invocations, tool executions, slow spans, error spans, token usage, service maps, trace tree reconstruction.
ppl-reference.md ~230 PPL language reference: 50+ commands, 14 function categories, observability examples. Instructs agent to search OpenSearch docs when syntax is unclear.

Design decisions

  • Merged into launchpad skill (not a separate skill) so users get observability capabilities without a separate install
  • Discovery-first approach for log analytics: agent discovers indices, inspects mappings, samples documents, and asks clarifying questions before writing queries
  • opensearch-mcp-server-py as preferred connection method for AOS/AOSS (handles SigV4 transparently), with curl as fallback for local clusters
  • Deferred metrics/SLO/correlation: focused on logs and traces for the initial release
  • Follows Agent Skills spec: SKILL.md under 500 lines, description under 1024 chars, reference files loaded on demand

Testing

  • All 215 agent skills tests pass
  • SKILL.md: 214 lines (spec recommends under 500)
  • Description: 778 chars (spec max 1024)

@arjunkumargiri
fix(docs): Correct repo name from opensearch-agent-skills to opensear…
8bd54ed 
…ch-launchpad

Update npx skills install commands and directory structure references
in README.md and DESIGN.md to use the correct repository name
opensearch-project/opensearch-launchpad.

Signed-off-by: Arjun kumar Giri <arjung@amazon.com>
@arjunkumargiri
Add web search capability and docling instructions
584aeef 
Signed-off-by: Arjun kumar Giri <arjung@amazon.com>
@arjunkumargiri
Merge remote-tracking branch 'upstream/main'
b5d43c1
@arjunkumargiri
feat(skill): Add log analytics and observability references
fb31cf0 
Add observability and log analytics capabilities to the opensearch-launchpad
skill. Includes a discovery-first log analytics workflow, OTel trace
investigation guide, and PPL language reference.

Changes:
- Update SKILL.md description with log analytics trigger keywords
- Add observability routing table to SKILL.md
- Add references/observability/log-analytics.md with phased workflow:
  discover indices, understand schema, ask clarifying questions, perform
  analytics with PPL
- Add references/observability/traces.md for OTel trace investigation
- Add references/observability/ppl-reference.md with 50+ commands and
  14 function categories
- Instruct agent to use opensearch-mcp-server-py for AOS/AOSS clusters
  with auto-install flow including endpoint and auth collection
- Fix MCP auto-install messaging to ask user to restart IDE

Refs: opensearch-project/observability-stack#119
Signed-off-by: Arjun kumar Giri <arjung@amazon.com>
Sign up for free to join this conversation on GitHub. Already have an account? Sign in to comment

Reviewers

@kaituo kaituo Awaiting requested review from kaituo kaituo is a code owner

@fen-qin fen-qin Awaiting requested review from fen-qin fen-qin is a code owner

@saratvemulapalli saratvemulapalli Awaiting requested review from saratvemulapalli saratvemulapalli is a code owner

@owaiskazi19 owaiskazi19 Awaiting requested review from owaiskazi19 owaiskazi19 is a code owner

Assignees

No one assigned

Labels

None yet

Projects

None yet

Milestone

No milestone

Development

Successfully merging this pull request may close these issues.

1 participant

@arjunkumargiri