Product release

Elastic Stack 7.0.0 Beta1 Released

7.0.0 Beta 1 is here! This is the third in a series of 7.0.0 preview releases intended to give you an early look at the new features and changes coming in our next major version. And we want your feedback — become an Elastic Pioneer!

Elasticsearch

Faster Search

When it comes to search, query performance is a key feature; some would say the key feature. We have achieved a significant performance improvement in Elasticsearch 7.0 for situations in which the exact hit count is not needed. For example, if your users typically just look at the first page of results and don’t need a precise count of the hits, you may be able to show “more than 10,000 hits” and then provide them with paginated results. This improvement allows us to skip the scoring/ranking process for documents that are so low-ranking that they will not make it into the top 10,000. The number of top results that are scored is configurable, and it’s important to note that this optimization won’t apply to aggregations queries. You can read more about this powerful algorithmic development in our blog post Magic WAND: Faster Retrieval of Top Hits in Elasticsearch.

Improved Query Language

7.0.0 beta-1 brings a number of new queries and improvements.

There are many use cases, like patent or legal search, where users want to find records in which words or phrases are within a certain distance of one another. The new intervals query introduces a simple but powerful syntax for specifying these queries. Compared to the span query, which was historically the only way to meet these needs, the intervals query is easier to define and also use the analyzer, so the terms in the query are analyzed the same way as your documents.

Relevance is one of the key attributes of good search. We are introducing a new way to do custom result scoring — the script_score query. It provides a simpler and more flexible way to generate a ranking score per record. The script_score query is constructed of a set of functions, including arithmetic and distance functions, which the user can mix and match to construct arbitrary function score calculations. The modular structure is simpler to use and will open this important functionality to additional users. Try it out and let us know what you think!

And there is so much more! From a new geotile_grid aggregation (shown in Kibana below), nanosecond precision in timestamps, TLS 1.3, the Java High Level REST Client completion, to further improvements in the cluster coordination layer. Read the details in the Elasticsearch release blog!

Kibana

New Design and Navigation

Since the introduction of the Elastic UI library in 6.2, Kibana has slowly been shifting towards a design revamp. 7.0.0 Beta 1 is the first release to show it off in its final form. The most prominent change is a switch to a new global navigation which introduces a constant header to manage spaces and breadcrumbs. We're also now defaulting the side navigation to a collapsed view so that individual applications have more horizontal space to work with.

Beyond the new design, all the hard work behind the scenes also let us deliver on a much-requested feature: Dark Mode for all of Kibana!


Autocomplete on by default

In Kibana 6.3, we introduced autocomplete features to our query bar along with the Kibana query language. In 7.0.0 Beta 1 that feature is now turned on by default. For users that prefer the Lucene syntax that option is still available and can be toggled on or off as you need in advanced settings.

Maps app for geospatial analysis

In the mobile and distributed world we live in today, geo data is everywhere. Kibana 7.0.0 Beta 1 will include our new Maps application (beta) for geospatial and location based analytics. This new tool will allow you to visualize your geo data, at scale, with speed and in real time. With features like multiple layers and indices in a map, plotting raw documents, dynamic client side styling and the ability to search globally across multiple layers you will truly be able to understand and monitor your data with ease.

With Maps, you will immediately get the complete value of our Elastic Maps Service, providing out of the box vector layers and baselayer maps. If for some reason we don't have what you're looking for, you'll also have the option to add your own custom vector shapes, tile map services or web map services as layers so you can truly customize your map to your liking. In 7.0, the Maps application will also be taking full advantage of the new geotile_grid aggregation for a more precise and seamless experience when interacting with the UI.


And there’s more Kibana goodness! A new more unified query and filter bar, completely new timepicker, changes to the saved object APIs, and more. See all the details in the Kibana release blog!

Beats

New Supported Metric Data Sources!

Demand for turnkey metrics collection using the Elastic Stack continues to grow. To support this, we recently added several new Metricbeat modules, including community-contributed modules for CouchDB (shout out to berfinsari) and NATS (thank you to ChrsMark, skatsaounis, MichaelKatsoulis). We also added support for MariaDB and Percona as part of our MySQL database module. On top of that, 7.0.0 Beta 1 also brings long-requested support for the MS SQL database. and debuts the AWS EC2 module for fetching metrics directly from AWS Cloudwatch via Metricbeat.

We have also improved our existing integration with Prometheus to avoid the need for user defined mappings. Metrics will be stored using fields with the same names that users see in Prometheus, and mappings will be derived automatically. For instance, all metric fields will use the double type, which is the internal store type in Prometheus, and all labels will be stored under prometheus.labels.* and mapped as keyword.

We’re also hard at work to bring many of the existing Metricbeat modules out to general availability. Among these are a number of modules from the Kubernetes ecosystem -- Traefik, etcd, Envoy Proxy -- as well as modules for Windows, RabbitMQ, Couchbase, golang, php_fpm, Memcached, and ceph.

Elastic Common Schema

Going forward, all of our Metricbeat and Filebeat modules will be compatible with Elastic Common Schema (ECS), which defines a common set of fields for ingesting data into Elasticsearch. Having a common schema allows you correlate data from sources like logs and metrics for IT operations analytics and security analytics

Try it Now!

Happy downloading. Go forth, and explore.