Build seamless, search-powered customer experiences with Elastic 8.2


Today, we are pleased to announce the latest iteration of the world’s leading platform for search-powered solutions with the general availability of Elastic 8.2.

Elastic 8.2 enables our customers and community to build seamless search experiences, faster. From “low code” to “full control,” Elastic 8.2 gives users greater flexibility to dial in their own preferred approach to building search-powered solutions. 

In addition, Elastic 8.2 further extends visibility into highly distributed, high-volume cloud-native services with tail-based sampling and enriches the security analyst experience with contextualized alerts, streamlined host inspection, new investigation guides, and the general availability of our threat intelligence solution.

Irrespective of how users elect to put their data to work, users who upgrade to Elastic 8.2 can get faster search results and accelerated insights thanks to the new random sampler aggregation, multiple enhancements to Elasticsearch’s vector search capabilities, and the general availability of Discover’s new data exploration tools in Kibana. Whether it’s connecting people and teams with content that matters, optimizing mission-critical applications and infrastructure, or protecting your digital ecosystem from cyber threats, Elastic 8.2 is available to help everyone reach new levels of success.


A common search language, complete interoperability arrives

Elastic 8.2 makes it easy to use Enterprise Search’s time-saving relevance-tuning and analytics tools with existing Elasticsearch indices without the need to migrate or update data structures. Keep everything from data ingestion pipelines to data lifecycle management policies in place, and use Enterprise Search’s pre-configured tooling to quickly bring new search experiences to market. This means faster deployments, more straightforward relevance management, and better visibility into end-user search behavior across your applications, websites, and enterprise.

In addition, Elastic 8.2 delivers a new capability to use Elasticsearch query syntax for any Enterprise Search engine. Perform advanced aggregations, use different query-time analysis chains, and design complex filtering logic against content originally created via Enterprise Search — all without compromising on baseline relevance and analytics collection. 

To learn more about how Elastic Enterprise Search is evolving with the Elastic 8.2 release, check out the Elastic Enterprise Search 8.2 blog.

Streamline cloud-native troubleshooting and data ingestion

As organizations move workloads to the cloud and begin to adopt microservices-based architectures, application environments continue to become increasingly complex. Given highly distributed, high-volume systems, many application performance monitoring (APM) users have had to decide between “complete visibility” and the performance overhead associated with collecting complete data from their environment.

Collecting traces with the commonly employed head-based approach, where the decision to sample (or not) is made at the time a trace is initiated, fails to take into account critical factors, including whether the transaction completed and how long it took to execute. With head-based sampling, a user who needs complete visibility must also capture and store every single trace.

The solution is tail-based sampling. With tail-based sampling the decision to keep or discard a given trace is made after the trace has completed. As such, each trace can be evaluated against a set of rules or policies, and sampling traces can be fine-tuned to the duration or failure status of each transaction. In this way, storing every single trace is not required for complete visibility and easier troubleshooting.

With tail-based sampling, the decision to sample is made after the transaction completes. As such, different sampling rates may be applied based on transaction duration, failure or success, and a higher proportion of “interesting” transactions can be captured.

Elastic’s new tail-based sampling methodology gives users finer-grained control over sampling conditions. It enables users to selectively configure sampling rates and to efficiently store only the most relevant data for their use cases. By capturing the most important transactions, customers can sleep peacefully knowing that they will always have all the data they need to detect and troubleshoot problematic transactions without the burden of excessive overhead.
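The difference between the two sampling decisions described above, as an added example (not Elastic's code or configuration): a deterministic simulation over constructed traces. The `Trace` fields, the policy list, the 1000 ms threshold and the 5% rates are assumptions chosen for illustration.

```python
import hashlib
from dataclasses import dataclass

@dataclass(frozen=True)
class Trace:
    trace_id: str
    duration_ms: int
    outcome: str  # "success" or "failure"

def fraction(trace_id):
    """Map a trace ID to a stable value in [0, 1) so decisions are repeatable."""
    digest = hashlib.sha256(trace_id.encode()).digest()
    return int.from_bytes(digest[:8], "big") / 2**64

def head_based(trace_id, rate):
    """Decision at trace start: only the ID is known, not outcome or duration."""
    return fraction(trace_id) < rate

# Hypothetical policies (not Elastic's configuration); the first match wins.
POLICIES = [
    (lambda t: t.outcome == "failure", 1.0),   # keep every failed trace
    (lambda t: t.duration_ms >= 1000, 1.0),    # keep every slow trace
    (lambda t: True, 0.05),                    # sample the routine remainder
]

def tail_based(trace, policies=POLICIES):
    """Decision after completion: outcome and duration select the rate."""
    for matches, rate in policies:
        if matches(trace):
            return fraction(trace.trace_id) < rate
    return False

def make_traces(n=1000):
    """Constructed sample data: every 50th trace fails, one in 40 is slow."""
    return [Trace(f"trace-{i:05d}",
                  2500 if i % 40 == 7 else 80 + i % 20,
                  "failure" if i % 50 == 0 else "success")
            for i in range(n)]

def compare(traces, head_rate=0.05):
    """Count what each strategy stores and how many interesting traces survive."""
    interesting = {t for t in traces
                   if t.outcome == "failure" or t.duration_ms >= 1000}
    head = {t for t in traces if head_based(t.trace_id, head_rate)}
    tail = {t for t in traces if tail_based(t)}
    return {"interesting": len(interesting),
            "head_stored": len(head), "head_interesting": len(head & interesting),
            "tail_stored": len(tail), "tail_interesting": len(tail & interesting)}

if __name__ == "__main__":
    print(compare(make_traces()))
```

Both strategies store a small fraction of the 1,000 constructed traces, but only the tail-based policy is guaranteed to retain every failed or slow one.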

In addition, Elastic 8.2 continues to streamline ingestion from AWS data sources — giving customers greater visibility into their cloud-based applications and infrastructure. To learn more about how Elastic 8.2 is helping to maximize visibility via support for AWS Lambda function traces, new Amazon S3 and CloudWatch custom logs integrations, and the new Elastic Serverless Forwarder input sources, check out the Elastic Observability 8.2 blog.

Streamline analyst workflows with context and expertise

Elastic Security 8.2 powers the efficiency and effectiveness of security teams, arming analysts with insights about their organization and the attacks targeting it. Practitioners triaging an alert can now quickly ascertain how many alerts within a given timeframe share a specific attribute, such as an impacted user or host. This context further equips them to accurately identify alerts meriting investigation and spot opportunities to reduce false positives.

This release further helps security teams triage, investigate, and respond to alerts with a new set of investigation guides for nearly 100 prebuilt detection rules. Elastic threat researchers help practitioners decide how to address an alert by developing this rule-specific expertise and surfacing it alongside associated alerts. The guides cover why an alert has fired, whether it’s a true threat or a false positive, which steps to consider taking for investigation and remediation, and more. The investigation guides added in this release primarily buttress rules for detecting threats against Windows systems. With expert advice for defending these ubiquitous systems, they uplevel the contributions of junior analysts and reduce the cognitive load of seasoned practitioners.

Be sure to check out the Elastic Security 8.2 blog for all of the details, including what the general availability of our Threat Intelligence feature means for your team.

Elastic Stack and Elastic Cloud: your platform for faster search results and accelerated insights

As the foundation for each of our search-powered solutions, everybody wins with enhancements to the Elastic Stack and Elastic Cloud.

Let’s start with Elasticsearch, the heart of the Elastic Stack. Elastic 8.2 continues to deliver on speed, scale, relevance, and simplicity with a technical preview of three exciting new features: random sampler aggregation, Hierarchical Navigable Small World (HNSW) multi-layer hierarchy, and support for approximate nearest neighbor (ANN) search with filtering.

The new random sampler aggregation exponentially accelerates aggregations (with only a slight trade-off in terms of accuracy) by randomly sampling data for a given query (i.e., only a random subset of documents is used to return search results).

In terms of vector search, the technology powering the newest breed of search experiences (such as image search, generative question answering, and semantic search), it continues on its fast-evolving journey with an improved HNSW search algorithm and the addition of native filtering functionality.

With Elastic 8.2, Elasticsearch uses the same HNSW methodology as in Elastic 8.0, but with multiple map layers, which results in even faster query performance.

With Elastic 8.1, Elastic’s take on approximate nearest neighbor (ANN) brought widely improved performance to production workloads. With Elastic 8.2, the addition of a new filtering capability provides a more effective way to query data with increased precision and control — ensuring absolute accuracy for consumers looking for a specific answer, result, or product.

These incremental investments to vector search support a broader way to understand intent, interpret query signals, and deliver a more precise and immersive experience for end users.

Now, let’s talk about Kibana, the tool for visualizing and exploring your data with ease. With Elastic 8.2 comes the general availability of Discover’s new data exploration tools in Kibana. These enhancements help users to get a better understanding of their data from “a bird’s eye view” and then easily zoom in to find anomalies and troubleshoot issues. In addition, Kibana now includes field statistics, in beta. Field statistics enable users to jumpstart their analysis by spotting outliers, understanding the distribution of values, and getting a complete picture of their data landscape in a single view.


And last, but certainly not least, a friendly reminder that Elastic Cloud is the best and most secure place to run your Elastic workloads (by operating in compliance with SOC 2, GDPR, HIPAA, FedRAMP, and more). With Elastic 8.2, Elastic Cloud has achieved Payment Card Industry Data Security Standard (PCI DSS) Certification as a Level 1 Service Provider. With (certified) security controls to process, handle, or store payment card information, Elastic customers can rest assured knowing that their (and their customers’) payment data remains safe and secure.

If you want to learn more about the new random sampler aggregation, how vector search continues to evolve, how Kibana has been localized into French (bonjour!), or which new instance types and regions we’ve added to Elastic Cloud — read the Elastic Stack 8.2 blog!

Your journey awaits

Once again, it's time to begin (or continue) your Elastic journey. Elastic 8.2 is available now on Elastic Cloud — the only hosted Elasticsearch offering to include all of the new features in this latest release.

New to Elastic? Welcome aboard. You can get started today with a free 14-day trial of Elastic Cloud. Or, if the benefits of using a managed service have yet to win you over, you can always download a self-managed version of the Elastic Stack for free.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.