Elastic 7.15 addresses the SRE crowd with enhanced isolation and analysis capabilities • DEVCLASS
Elastic, owner of an assortment of research and data analysis tools, has updated its product stack with refined versions of its application performance management correlation feature and web crawler, changing the version number to 7.15.
As in the last two versions, most of the interesting changes are in the new Elastic Observability and Security components. The latter, for example, was equipped with “protection against malicious behavior”, a combination of post-execution analysis and response actions to prevent things like credential theft via memory dumps, process injection via shellcode, and advanced persistence techniques.
To help users find out why an alert was triggered, the latest iteration of the Security Alerts table comes with a Reason field, and flyout menus with alert summaries are available. If the trigger has anything to do with suspicious behavior in a Linux environment, users can quarantine the machine in question through the user interface, as the host isolation features have been extended to cover Linux as well as Windows and macOS machines.
Another form of information is provided by the Elastic APM correlations functionality, which is now generally available. By visualizing the data potentially connected to high-latency transactions or failures, the new addition can help SREs find the reason for slow operations. The APM user interface has also been reworked with two new troubleshooting views and features to show external dependencies and their behavior over time.
Teams working in isolated environments might be interested to learn that the Elastic Package Registry is now available as a Docker image, which can be run on any infrastructure. However, this self-managed option is still running and may not yet be used in production settings.
For version 7.15 of the Elastic Cloud software-as-a-service product, the company primarily focused on ways to improve how deployments work with Google Cloud. Users should now be able to use Google Cloud’s own extract, transform, and load services to ingest data from Cloud Storage, BigQuery, and Pub/Sub through the new Google Cloud Dataflow data source integration. While this is intended to increase the speed of operations, the recently added Google Private Service Connect seeks to keep data off the Internet by providing private connectivity from the Google Cloud virtual private cloud to Elastic Cloud deployments.
Elastic's cornerstone project, Elasticsearch, hasn’t seen too many additions, but there are new APIs for estimating disk usage of index fields and generating vector tiles from geospatial data. Enterprise Search, a commercial offering based on Elasticsearch, has been equipped with the final version of the Elastic App Search crawler. After being introduced earlier this year, the tool is no longer in beta and can be used to index and extract web content in application search engines.
Apart from that, Enterprise Search now includes easy branding integration for the search interface and configurable autofilter detection in the Workplace Search component.