We are pleased to announce the release of Elastic Logs 7.4.0, available on the Elasticsearch Service or as part of the default distribution of the Elastic Stack. This release brings a new IBM MQ module, the ability to read logs from Amazon S3, and several improvements to the Logs app.
AWS S3 input and module for server access logs
The AWS S3 service can be used to store many types of logs, such as S3 server access logs, VPC flow logs, ELB access logs, and CloudWatch logs. We’ve added a dedicated Filebeat input that retrieves raw log lines from S3 objects, and we’ve started introducing modules that parse the common log types stored in S3.
In 7.4 we’ve added a module for S3 server access logs, which provide detailed records of the requests made to an S3 bucket. These logs are useful for understanding how the S3 service is used, for supporting security and access audits, and for investigating S3 usage charges. Note that server access logging is disabled by default and has to be enabled per bucket, with a target bucket for the log objects, before there is anything for Filebeat to collect.
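The value of these records for an access audit comes from the fields each line carries: who made the request, from which IP, which operation, and whether it was authenticated and with which signature version. The following is an added example, not code from Elastic or from the Filebeat aws module: a stand-alone parser for the S3 server access log format, followed by a few checks of the kind a reviewer runs over the parsed records. The sample lines are constructed for the example (no real account IDs, buckets or request IDs), and the set of permission-changing operations is a starting list, not an exhaustive one.

```python
"""Parse Amazon S3 server access log lines and flag audit-relevant requests.

Added example, not code from Elastic or the Filebeat aws module. Field order
follows the documented S3 server access log format; the sample records below
are constructed for this example.
"""
import re
from typing import Dict, List

# Field order of the S3 server access log format. Older records stop after
# "version_id"; the parser tolerates missing trailing fields.
FIELDS = [
    "bucket_owner", "bucket", "time", "remote_ip", "requester", "request_id",
    "operation", "key", "request_uri", "http_status", "error_code",
    "bytes_sent", "object_size", "total_time", "turn_around_time", "referer",
    "user_agent", "version_id", "host_id", "signature_version", "cipher_suite",
    "authentication_type", "host_header", "tls_version",
]

# One token per field: a [bracketed] timestamp, a "quoted" string (which may
# contain escaped quotes), or a run of non-whitespace characters.
TOKEN_RE = re.compile(r'\[[^\]]*\]|"(?:[^"\\]|\\.)*"|\S+')


def parse_s3_access_log(line: str) -> Dict[str, str]:
    """Map field names to raw values; an unset field stays as '-'."""
    tokens = TOKEN_RE.findall(line.strip())
    if len(tokens) < 18:
        raise ValueError(f"expected at least 18 fields, got {len(tokens)}")
    record = {}
    for name, tok in zip(FIELDS, tokens):
        if tok.startswith("[") and tok.endswith("]"):
            tok = tok[1:-1]
        elif len(tok) >= 2 and tok.startswith('"') and tok.endswith('"'):
            tok = tok[1:-1]
        record[name] = tok
    return record


# Operations that change who may read or write the bucket. This is an
# illustrative starting list, not the full set of S3 operation names.
PERMISSION_CHANGE_OPS = {
    "REST.PUT.ACL", "REST.PUT.BUCKETPOLICY", "REST.DELETE.BUCKETPOLICY",
}


def audit_findings(record: Dict[str, str]) -> List[str]:
    """Return the audit findings for one record (empty when nothing stands out)."""
    findings = []
    anonymous = record["requester"] == "-"
    if anonymous:
        findings.append("anonymous request")
    if record["http_status"] == "403":
        findings.append(f"access denied ({record['error_code']})")
    if record["operation"] in PERMISSION_CHANGE_OPS:
        findings.append(f"permission change: {record['operation']}")
    if record.get("signature_version") == "SigV2":
        findings.append("legacy SigV2 signature")
    if anonymous and record["http_status"].startswith("2"):
        findings.append("public access succeeded")
    return findings


def audit_lines(lines: List[str]) -> Dict[str, List[str]]:
    """Parse every line and map its request_id to the findings for it."""
    results = {}
    for line in lines:
        rec = parse_s3_access_log(line)
        results[rec["request_id"]] = audit_findings(rec)
    return results


# Constructed sample records: an authenticated read, an anonymous read that
# was denied, and an ACL change signed with the legacy SigV2 scheme.
OWNER = "79a59df900b949e55d96a1e698fbacedfd6e09d98eaadb2a4a1dfb77f5e2d5a9"
SAMPLE_LINES = [
    f"{OWNER} examplebucket [06/Feb/2019:00:00:38 +0000] 192.0.2.3 {OWNER} "
    "3E57427F3EXAMPLE REST.GET.OBJECT reports/q1.csv "
    '"GET /examplebucket/reports/q1.csv HTTP/1.1" 200 - 2048 2048 7 4 "-" '
    '"aws-cli/1.16.0" - HostIdExample= SigV4 ECDHE-RSA-AES128-GCM-SHA256 '
    "AuthHeader examplebucket.s3.us-west-1.amazonaws.com TLSv1.2",
    f"{OWNER} examplebucket [06/Feb/2019:00:01:02 +0000] 198.51.100.7 - "
    "7B4A0FABBEXAMPLE REST.GET.OBJECT secrets/backup.sql "
    '"GET /examplebucket/secrets/backup.sql HTTP/1.1" 403 AccessDenied 243 - 5 - '
    '"-" "curl/7.64.1" - HostIdExample= - - - '
    "examplebucket.s3.us-west-1.amazonaws.com -",
    f"{OWNER} examplebucket [06/Feb/2019:00:02:15 +0000] 203.0.113.9 "
    "arn:aws:iam::123456789012:user/ops 9D8F4C1A2EXAMPLE REST.PUT.ACL - "
    '"PUT /examplebucket?acl HTTP/1.1" 200 - - - 31 - "-" "S3Console/0.4" - '
    "HostIdExample= SigV2 ECDHE-RSA-AES128-GCM-SHA256 AuthHeader "
    "examplebucket.s3.us-west-1.amazonaws.com TLSv1.1",
]

if __name__ == "__main__":
    for request_id, findings in audit_lines(SAMPLE_LINES).items():
        print(request_id, findings or "ok")
```

The tokenizer, rather than a plain split on spaces, is what keeps the bracketed timestamp and the quoted request URI and user agent intact; splitting on whitespace is the usual mistake with this format and shifts every later field. In a Filebeat deployment the module's ingest pipeline does this parsing server-side and the checks above become Kibana queries over the resulting fields; the example is a stand-alone way to see what those fields contain.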
IBM MQ log analytics
IBM MQ is a family of message-oriented middleware products from IBM that powers some of the most important enterprise applications. In 7.4 we’ve added a new Filebeat module for consuming IBM MQ error logs. We developed this module in collaboration with community members who run some of the most demanding MQ environments in the world. The module has been tested with IBM MQ v18.104.22.168, but it should be compatible with older versions as well. The module also comes with a dashboard for viewing these logs.
Improved navigation between highlighted results
In 7.4, the Logs app builds on the “Highlights” feature to add navigation between highlighted items, via “Previous” and “Next” buttons as well as via the minimap display. This lets users jump between potential areas of interest in very large volumes of logs with ease.
Reorderable column configurations
Finally, we added the ability to reorder columns via drag and drop, a small but meaningful improvement for users investigating structured logs with many different fields in the Logs app.
See it in action!
You can access the latest version of the Elastic Logs application on the Elasticsearch Service on Elastic Cloud by creating a new cluster or upgrading an existing one on the day of release, or you can download it as part of the default distribution of the Elastic Stack.