Elastic Logs 7.2.0 adds customizable views and improved Kubernetes integrations | Elastic Blog

Elastic Logs 7.2.0 released

We are pleased to announce a new release of Elastic Logs, version 7.2.0, available on the Elasticsearch Service, or as part of the default distribution of Elastic Stack. The Elastic Logs application gives you a streaming, searchable window to your infrastructure and application logs.

Support for structured logs in the Logs app

Two big features have been added to the Logs App in Kibana, both focused on how you interact with your data. First up is field pinning, also known as custom columns. This allows you to specify additional fields to show up in the log viewer, alongside the default fields:

[Image: image1-2.png]

We have also added the ability to quickly filter directly from the log detail flyout. Simply select the entry, expand the row, then select the filter:

[Image: image4-2.png]

New modules and inputs

With 7.2 we have released two new modules, advancing our Kubernetes and container monitoring capabilities.

First up is the NATS module for Filebeat. NATS is an open source messaging system, widely used in cloud-native applications. The NATS module captures and parses the logs from NATS, and ships with several visualizations and a dashboard:

[Image: image3-2.png]

The new CoreDNS module for Filebeat supports both standalone CoreDNS deployments and CoreDNS deployments in Kubernetes. It captures details on queries, including information on the request and response, and it too comes with an example dashboard:

[Image: image2.png]

In addition to container logs in a Docker format, the container input for Filebeat adds support for Open Container Initiative-based Kubernetes Container Runtime Interface (CRI-O) logs. You can specify the desired format in the Filebeat configuration as docker, cri, or the default, auto, which will automatically detect the format for container logs.
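The following filebeat.yml fragment is an added example, not configuration from the blog post or from Elastic, showing the container input with each of the format values described above. The log paths, the NODE_NAME environment variable and the add_kubernetes_metadata processor settings are assumptions for a typical Kubernetes node and should be adjusted to your runtime; the point of pinning the format explicitly on a CRI-O node is that every line is then parsed the same way, so no stderr or stdout output is silently dropped from the stream you are monitoring.

```yaml
# Added example (not from the Elastic blog post): Filebeat 7.2 container input.
# Paths and environment variables below are assumptions for a Kubernetes node.
filebeat.inputs:
  # Kubernetes node running CRI-O (or another CRI runtime): the kubelet writes
  # one file per container under /var/log/containers in CRI log format.
  - type: container
    paths:
      - /var/log/containers/*.log      # assumed path
    format: cri                        # explicit; alternatives: docker, auto
    stream: all                        # stdout, stderr, or all

  # Docker-managed containers using the json-file logging driver.
  - type: container
    paths:
      - /var/lib/docker/containers/*/*.log   # assumed path
    format: docker

  # Mixed or unknown runtime: leave format at its default and let Filebeat
  # detect docker vs. cri per file.
  - type: container
    paths:
      - /var/log/pods/*/*/*.log        # assumed path
    format: auto

processors:
  # Attach pod, namespace and container labels so a log line can be traced
  # back to the workload that produced it.
  - add_kubernetes_metadata:
      host: ${NODE_NAME}               # assumed to be set by the DaemonSet
      matchers:
        - logs_path:
            logs_path: "/var/log/containers/"
```

Only one of the three inputs is normally needed on a given node; they are listed together here to show the three format values side by side.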

How to get it

You can access the Elastic Logs application on the Elasticsearch Service on Elastic Cloud by creating a new cluster or upgrading an existing one on the day of release, or you can download it as part of the default distribution of the Elastic Stack.