We are excited to introduce Elastic Maps, a brand new way to map, visualize and query your location data in Kibana.
Whether you're monitoring the source location of a DDoS attack in real time, mapping top cities driving your web traffic or stringing together queries like "How many taxis were available in the Chicago Financial District in the past 5 minutes?", location is an integral component of most search experiences powered by the Elastic Stack. Elastic Maps significantly expands on the existing region maps and coordinate maps visualizations in Kibana, and introduces a tailored solution with a suite of new features for geospatial analysis. Elastic Maps is launching as a beta feature in version 6.7, and ships in the free default distribution of the Elastic Stack.
New features in Elastic Maps
Let's take a quick look at all of the great new geo functionality that ships with Elastic Maps.
Multiple layers, multiple data sources
Add any number of layers to your map from a variety data sources.
Data sources include:
- Documents and grid aggregations from Elasticsearch
- Files and tiles served by the Elastic Maps Service
- Self-hosted or 3rd party hosted vector layers and image services, including custom GeoJSON, tile services, or OGC Web Map Services
Multiple layer types are supported, each bringing its own set of functionality:
- Use vector layers for vector data like GeoJSON, Elasticsearch documents, or grid aggregations. Style features in these layers based on properties of the data and enrich those features with metrics derived from other data sources.
- Use heatmap layers to show densities of your Elasticsearch data at different resolutions.
- Use raster layers for background layers or custom overlays, like weather maps or satellite imagery
Map individual documents
As long as your index pattern has a geo_point or geo_shape field, with Elastic Maps, you can put individual documents as features on a map. These documents are fully filterable with KQL or Lucene queries. Another advantage is that, unlike the region maps visualization, you no longer need to setup external services to deliver contextual map data, like boundary layers. Just index your features into Elasticsearch, and bring them in as a layer.
All properties of the vector features on a map, like lines and fills, can be styled individually. Line and fill colors as well as line and symbol sizes can also be driven by properties of your features. You can map numerical values to a color ramp, in the case of line and fill colors, or to a pixel-size range in the case of line size or symbol size.
Overview first, detail on demand
You can set scale-ranges on the visibility of individual layers. Take this approach to show the correct visual representation of your data at all scales.
A common example is to show a heatmap with density plots when the user is zoomed out at small scales. As the user zooms in, start showing clusters of documents. Then, as the user reaches a level where the clusters get smaller and smaller, start showing the actual individual features. While the user is zooming, they can use the tooltip functionality to read out either the aggregate metrics for a cluster, or, when zoomed in all the way, the field values of the individual documents that make up the cluster.
Mashup your data with your data (or our data, or their data, or...)
As an example, have you ever wanted to create a map of zip codes, on which each zip code is symbolized by aggregated metrics from your business data in Elasticsearch?
That’s easy with Elastic Maps. Just bring in the zip code data as layer, and join them to metrics from another dataset.
Kibana already offers a similar capability in the existing region map visualization, but now you can join your layers to any number of additional data sources. This allows you to style your shapes or icons based on multiple metrics. For example, the size of an icon can be driven by one metric, and the color of that same icon by another metric.
Select which information you would like to see in a tooltip. These include source values of a raw document, aggregation values for grid clusters, label values of layers from the Elastic Maps Service, and joined values from other indices.
Real-time Kibana goodness
Elastic Maps is fully integrated with the existing functionality of Kibana and Elasticsearch. You can filter your data in real time using full text search, and run queries using the KQL and Lucene query languages.
Time-based data works on the map as you would expect. Use the global Kibana time picker to select time-slices of your data, or use the Kibana auto-update settings to view your data update in real time.
Looking towards GA
Elastic Maps is in beta, but we are already looking towards the GA release. The team is actively working on two main features in order to make that milestone happen:
- Full embeddability: Embed maps in a dashboard, and have them behave just like any other visualization on a dashboard. Send filters from the map to the Kibana global filter bar, and have global filters and queries sent from other visualizations apply to your map.
- GeoJSON upload: Ingesting geo-features with the Elastic Stack should be easy, and upload support for a GeoJSON file is the first step in making that happen. Just drag and drop into your map to index those features into Elasticsearch.
Learn more about Maps
We also encourage you to attend the free Elastic Maps for Geospatial Analysis webinar on on April 10th, 2019. If you're reading this after the 10th, don't worry, all webinars are recorded and saved to the same URL as they're presented from.
We look forward to hearing your thoughts and comments on the Elastic Maps beta. Please feel free to submit feature requests and bugs in the Kibana GitHub repo, and talk how-why-what on the Kibana discuss forum.