Product release

Beats 6.7.0 released

By
Monica Sarbu

We are pleased to announce the Beats 6.7.0 release. This is the latest stable version and it comes with a GA version release for Functionbeat and a migration tool for Beats Central Management.

Functionbeat GA

A few months ago, we were announcing the first version of Functionbeat as beta, a serverless ingestion for Elasticsearch. Functionbeat is a new addition to the Beats product suite that can easily ingest data in a scalable, reliable and cost efficient fashion.

54248571-6647b900-44fa-11e9-8a03-62939c0024d3.png

Besides getting the logs from AWS Cloudwatch and Simple Queue Service (SQS), the GA version also brings support for Kinesis.

Upgrade Beats Central Management (beta) to the 6.7 version

In the 6.7 version of the Beats Central Management, the schema of the configuration documents used by Kibana has changed. As a result of the template changes, enrolled Beats and tags created prior to 6.7 will not work with the new UI until they are moved to the new format. For this, we have created a one time tool to help you migrate your data from 6.6 to 6.7.

Before running the migration tool, you would need to configure your cluster details in the migrate.yml file under the url, username and password along with ssl.* settings. 

 ./migrate-management-beats

Please check the documentation for more details.

New datasets in the Auditbeat system module

The Auditbeat system module, which was introduced in 6.6, got more functionality in this release:

  • A login dataset that collects log in information by reading /var/log/wtmp and /var/log/btmp.
  • A package dataset that collects the installed DEB, RPM, and Homebrew packages. Like most data sets in the Auditbeat system module, it can send the full list of installed packages but also differential updates (packages added or removed).
  • The process dataset is now enhanced with user information, so it's easy to correlate between users and their processes.
  • A new entity_id is added to the various datasets to enable visualising the number of unique processes, sockets, users, etc. See this ticket for how this field is defined.

Feedback

If you want to try the new features added in Beats  6.7.0, please download it, install it, and let us know what you think on Twitter (@elastic) or in our forum. Enjoy!