Elasticsearch version 7.9.2edit

Also see Breaking changes in 7.9.

Known issuesedit

  • SQL: If a WHERE clause contains at least two relational operators joined by AND, of which one is a comparison (<=, <, >=, >) and another one is an inequality (!=, <>), both against literals or foldable expressions, the inequality will be ignored. The workaround is to substitute the inequality with a NOT IN operator.

    We have fixed this issue in Elasticsearch 7.10.1 and later versions. For more details, see #65488.

  • Snapshot and restore: If an index is deleted while the cluster is concurrently taking more than one snapshot then there is a risk that one of the snapshots may never complete and also that some shard data may be lost from the repository, causing future restore operations to fail. To mitigate this problem, set snapshot.max_concurrent_operations: 1 to prevent concurrent snapshot operations:

    PUT _cluster/settings
      "persistent" : {
        "snapshot.max_concurrent_operations" : 1

    This issue is fixed in Elasticsearch versions 7.13.1 and later. It is not possible to repair a repository once it is affected by this issue, so you must restore the repository from a backup, or clear the repository by executing DELETE _snapshot/<repository name>/*, or move to a fresh repository. For more details, see #73456.

  • Parsing a request when the last element in an array is filtered out (for instance using _source_includes) fails. This is due to a bug in Jackson parser. Fixed in Elasticsearch 8.6.1 (#91456)


  • Deprecate xpack.eql.enabled setting and make it a no-op #61375 (issue: #54745)


  • Improve error messages on bad [format] and [null_value] params for date mapper #61932 (issue: #61712)

Bug fixesedit

  • Ensure domain_name setting for AD realm is present #61859
  • Update authc failure headers on license change #61734 (issue: #56318)
  • Ensure authz operation overrides transient authz headers #61621
  • CCR should retry on CircuitBreakingException #62013 (issue: #55633)
  • Create the search request with a list of indices #62005 (issue: #60793)
  • Allow enabling soft-deletes on restore from snapshot #62018 (issue: #61969)
Features/Data streams
  • Always validate that only a create op is allowed in bulk api for data streams #62766 (issue: #62762)
  • Fix NPE when deleting multiple backing indices on a data stream #62274 (issue: #62272)
  • Fix data stream wildcard resolution bug in eql search api. #61904 (issue: #60828)
  • Prohibit the usage of create index api in namespaces managed by data stream templates #62527
  • Fix condition in ILM step that cannot be met #62377
  • Add Missing NamedWritable Registration for ExecuteEnrichPolicyStatus #62364
Features/Java High Level REST Client
  • Drop assertion that rest client response warnings conform to RFC 7234 #61365 (issues: #60889, #61259)
Machine Learning
  • Add null checks for C++ log handler #62238
  • Persist progress when setting data frame analytics task to failed #61782
  • Fix reporting of peak memory usage in memory stats for data frame analytics #1468
  • Fix reporting of peak memory usage in model size stats for anomaly detection #1484
  • Allow empty null values for date and IP field mappers #62487 (issues: #57666, #62363)
  • Take resolution into account when parsing date null value #61994
  • Log alloc description after netty processors set #62741
  • Do not resolve self-referencing aliases #62382 (issue: #62296)
  • Disable optimizations when using scripts in group_by #60724 (issue: #57332)


  • Upgrade the bundled JDK to JDK 15 #62580