Editor's Note (September 7, 2018): This post refers to X-Pack. Starting with the 6.3 release, the X-Pack code is now open and fully integrated as features into the Elastic Stack.
May the 4th be with you. 5.4 is, in fact, the release that you have been looking for.
It is, again, a substantive release with features and functionality in nearly all areas of the Elastic Stack. And, as per usual, it is available – right now – on Elastic Cloud.
The headlining feature of this release is the addition of machine learning features (in beta) to X-Pack. Machine learning means many things to many people, but in this initial release, we focused on making it easy to detect anomalies in time series data. For many of our users, it has become impractical to spot infrastructure problems, cyber attacks, or business issues by only eyeballing dashboards or creating rules. X-Pack machine learning features automatically model the normal behavior of your time series data to detect what isn’t.
Note that machine learning is not yet enabled on Elastic Cloud. Stay tuned for updates!
We can’t overstate our excitement about this automated anomaly detection capability in X-Pack..
… but wait, there’s more.
For more detailed information, and many other features, peruse the Elasticsearch detail post.
- Searching data across a large number of shards, perhaps through using Cross Cluster search? You’ll welcome the improved memory management on coordinating nodes through batched reduction of search results.
nestedqueries, and large
termqueries have all shipped with optimizations in this release.
‘Visualize’ all the features, and ‘Discover’ more information in the detail post.
- So many visualization types, so little time. We’ve redesigned the ‘Create Visualization’ wizard with new categories and icons
- Time Series combines pipeline aggregations and a new UI for interacting with, and designing visualizations from, time series data.
- What happened before a log event? What happened after a log event? You’ll love Event Context in Discover.
Hear, hear! The Watcher UI is here! Accessible from Kibana’s Management app, it’s now easy to create, manage and track your watches. Easily acknowledge alerting watches or deactivate them during known service periods. You can even test your watches right in the UI.
Use the new cluster alerts feature in X-Pack monitoring to proactively detect issues in your Elastic Stack. Cluster alerts will display in the top-level view of the Monitoring app in Kibana. If your cluster status is red, for example, you will see a prominent notification and information about the error.
For more information, grok the detail post.
- In 5.1, we said ‘Heya’ to persistent queues. As of 5.4, they are a fully supported feature in Logstash which can enhance data durability and simplify ingest architectures.
We don’t ‘let the beat drop’ but we drop the updates in a detail post.
- Have a Java app? Want JMX metrics? You’ll love Metricbeat 5.4
- Filebeat gets another module with the inclusion of the auditd module for parsing Linux auditd logs
- Parsing authentication logs is now possible by adding the ‘system.auth’ fileset in the Filebeat system module.
ES-Hadoop 5.4.0 has also been released today.