Engineering

How to migrate from Swiftype App Search to Elastic Cloud

In this blog post, we identify security software performance issues related to high %CPU usage on macOS, and explain how to fix and avoid them in future.

It can be difficult to use synonyms to define all possible variations of a word. Fortunately, you can easily combine stemmers and multi-word synonyms to take the quality of your search results to the next level...

A new strategic vision for Kibana streamlines the workflow for building and managing dashboards in Kibana. With fewer steps and fewer clicks, you can spend more time exploring and analyzing your data...

Engineering

Easily ingest data to Elastic via Splunk

The new point-in-time functionality in Elasticsearch allows you to execute consistent search requests by retrieving data from a given point in time, even as data changes. Learn why we recommend using PIT instead of the scroll API...

Set yourself up for success and automate insights for the future by configuring your cluster for full observability, including metric and log collection, troubleshooting view, and alerts to automate APM...

Several common process tampering attacks exploit the gap between process creation and when security products are notified. Elastic Security detects a variety of such techniques, including Doppelgänging, Herpaderping, and a new technique: Ghosting...

Engineering

Adversary emulation with Prelude Operator and Elastic Security

Elastic Cloud on Kubernetes (ECK) makes it easy to get the Elastic Stack running on Kubernetes. In this blog, learn how to set up SAML with Auth0 as an identity provider as well as how to configure your deployment for hot-warm-cold architecture...

In this blog post, we walk through our release of a fully trained detection model, anomaly detection configurations, and detection rules that you can use to get your ProblemChild framework up and running in your environment in minutes...

This blog is the first in a two-part series discussing a userland Windows exploit that enables attackers to perform highly privileged actions that typically require a kernel driver...