OpenAI connector and action

Serverless Stack

The OpenAI connector uses axios to send a POST request to an OpenAI provider:

• OpenAI
• Azure OpenAI
• Stack 9.1.0 Other (OpenAI-compatible service).

You can create connectors in Stack Management > Connectors. For example:

×

OpenAI connectors have the following configuration properties:

Serverless Stack 9.1.0

When using the Other provider (for example, to connect a local LLM), you can use PKI (certificate-based) authentication. With PKI, you can also optionally include an API key if your OpenAI-compatible service supports or requires one. The following fields are supported for PKI:

• Certificate data (certificateData): PEM-encoded certificate content, base64-encoded. (Required for PKI)
• Private key data (privateKeyData): PEM-encoded private key content, base64-encoded. (Required for PKI)
• CA data (caData, optional): PEM-encoded CA certificate content, base64-encoded.
• API key (apiKey, optional): The API key for authentication, if required by your service.
• Verification mode (verificationMode): SSL verification mode for PKI authentication. Options:
  • full (default): Verify server's certificate and hostname
  • certificate: Verify only the server's certificate
  • none: Skip verification (not recommended for production)

Note:

• All PKI fields must be PEM-encoded and base64-encoded when sent via API.
• If any PKI field is provided, both certificateData and privateKeyData are required and must be valid PEM.
• With PKI, you may also include an API key if your provider supports or requires it.
• If PKI is not used, apiKey is required for the Other provider.
• For OpenAI and Azure OpenAI, only apiKey is supported for authentication.

You can test connectors as you're creating or editing the connector in Kibana. For example:

×

The OpenAI actions have the following configuration properties.

Body

A JSON payload sent to the OpenAI API URL. For example:

{
  "model": "gpt-3.5-turbo",
  "messages": [
    {
      "role": "user",
      "content": "Hello world"
    }
  ]
}
		

Use the Action configuration settings to customize connector networking configurations, such as proxies, certificates, or TLS settings. You can set configurations that apply to all your connectors or use xpack.actions.customHostSettings to set per-host configurations.

Once you've created a OpenAI connector, you can monitor its token usage using the OpenAI Token Usage dashboard. Select the connector in Stack Management > Connectors to view its details, then click the View OpenAI Usage Dashboard for "<Name>" Connector link to open the dashboard.

You can connect a locally hosted LLM to Elastic using the OpenAI connector. Your local LLM must be compatible with the OpenAI API format.

When selecting a model:

• Download models from trusted sources only
• Consider parameter size, context window, and quantization format based on your requirements
• Prefer "instruct" variants when available, as they are typically better tuned for following instructions

• A local LLM server running with an OpenAI-compatible API endpoint
• For Elastic Cloud: A reverse proxy (such as nginx) to authenticate requests and forward them to your local LLM endpoint
• For self-managed deployments on the same host: Direct localhost access to your LLM server
• Authentication: Either an API key or PKI authentication (certificate-based)

For a concrete example, refer to Connect to your own local LLM in the Elastic Security solution documentation.