
Latest Posts

How to build a malware analysis sandbox with Elastic Security

As a security analyst on Elastic’s InfoSec team, a common scenario we see is users coming to our team and asking: “Is this file safe to open?” Or one user reports a phishing email with an attachment that they didn’t open, but we see from the logs that 10 other users also received that email but didn’t report it and no alerts went off on their systems.

Introducing Elastic License v2, simplified and more permissive; SSPL remains an option

When we announced our license change for Elasticsearch and Kibana, moving the Apache 2.0-licensed source code to be dual licensed under both the Elastic License and SSPL, we also mentioned we would work closely with the community on a simplified and more permissive version of the Elastic License. I am happy to share the results with you. The Elastic License is already widely used.

How we're making date_histogram aggregations faster than ever in Elasticsearch 7.11

Elasticsearch's date_histogram aggregation is the cornerstone of Kibana's Discover. And the Logs Monitoring UI. I use it all the time to investigate trends in build failures, but when it is slow I get cranky. Four seconds to graph all of the failures of some test over the past six months! I don't have time for that! Who is going to give me my four seconds back?! So I spent the past six months speeding it up. On and off.

Elastic powers Shell's flexibility to thrive in the energy sector

Shell International knows that it takes cutting-edge technology to thrive in the competitive, global energy industry. With projects around the world, in both renewable and non-renewable energy, Shell must always have insights into the future. From determining expected output to predicting equipment failures, there's no room for guessing in an industry where downtime is unacceptable.

How to export and import Timelines and templates from Elastic Security

When performing critical security investigations and threat hunts using Elastic Security, the Timeline feature is always by your side as a workspace for investigations and threat hunting. Drilling down into an event is as simple as dragging and dropping to create the query you need to investigate an alert or event.

Personalizing Elastic App Search with results based on search history

With Elastic App Search, you can add scalable, relevant search experiences to all your apps and websites. It offers a host of search result personalization options out of the box, such as weights and boosts and curations. You could also add a "these documents might interest you" feature, which would surface additional content for users, similar to documents they’ve previously searched for. This post walks you through the process of creating this capability using the robust App Search APIs.

How to map custom boundaries in Kibana with reverse geocoding

Want to create a map of where your users are? With the GeoIP processor, you can easily attach the location of your users to your user metrics. Right out of the box, Kibana can map this traffic immediately by country or country subdivision. Plus, the new User Experience app for Elastic APM automatically creates maps based on monitoring data. But what if you want to take this one step further and create maps with different regions?

Amazon: NOT OK - why we had to change Elastic licensing

We recently announced a license change: Blog, FAQ. We posted some additional guidance on the license change this morning. I wanted to share why we had to make this change. This was an incredibly hard decision, especially with my background and history around Open Source. I take our responsibility very seriously. And to be clear, this change most likely has zero effect on you, our users. It has no effect on our customers that engage with us either in cloud or on premises.

Doubling down on open, Part II

We are moving our Apache 2.0-licensed source code in Elasticsearch and Kibana to be dual licensed under Server Side Public License (SSPL) and the Elastic License, giving users the choice of which license to apply. This license change ensures our community and customers have free and open access to use, modify, redistribute, and collaborate on the code.