In our previous post, we introduced the concept of the Elastic Workplace Search Custom Source API as a means of adding data for which a prebuilt content source integration isn’t available. We used a simple example — a CSV file of contact information — to demonstrate the process along with the use of the associated REST API. In this post, we explore ingesting data from a more complex organizational source: Trello.

With the increasing popularity of Python web frameworks supporting asynchronous I/O like FastAPI, Starlette, and soon in Django 3.1, there has been a growing demand for native async I/O support in the Python Elasticsearch client. Async I/O is exciting because your application can use system resources efficiently compared to a traditional multi-threaded application, which leads to better performance on I/O-heavy workloads, like when serving a web application.

This post is the third in our Kubernetes observability tutorial series, where we explore how you can monitor all aspects of your applications running in Kubernetes, including: We’ll discuss using Elastic Observability to perform application performance monitoring (APM) with the Elastic APM.

Today we are pleased to announce new traffic management features for Elastic Cloud. Now you can configure IP filtering within your Elastic Cloud deployment on Amazon Web Services (AWS), Google Cloud, and Microsoft Azure. We are also announcing integration with AWS PrivateLink. These features help give you greater control over the network security layer of your Elastic workloads.

Detection engineering at Elastic is both a set of reliable principles — or methodologies — and a collection of effective tools. In this series, we’ll share some of the foundational concepts that we’ve discovered over time to deliver resilient detection logic. In this blog post, we will share a concept we call stateful detection and explain why it's important for detection.

This post continues this two-part blog series on further understanding the differences between macOS and Windows on the system level for effective endpoint security analysis. In Part 1, we covered process events. Here in Part 2, we’ll discuss file and network events. As with Part 1, my hope is to help cybersecurity professionals expand and enrich their experiences on a less familiar platform, ultimately helping them to be better prepared to face differences from past experiences.

We recently announced that Elastic Enterprise Search — our combined solution of search products — is now available to deploy as a single solution on Elastic Cloud. While Elastic App Search has been available on Elastic Cloud since early 2020, this is a new and exciting deployment option for Elastic Workplace Search.

Software development and delivery is an ever-changing landscape. Writing software was once an art form all its own, where you could write and deploy machine code with singleness of purpose and no concern for things like connecting to other computers. But as the world and the variety of systems that software supports became more complex, so did the ecosystem supporting software development.

In Part 1 of this blog series, we took a look at how we could use Elastic Stack machine learning to train a supervised classification model to detect malicious domains. In this second part, we will see how we can use the model we trained to enrich network data with classifications at ingest time. This will be useful for anyone who wants to detect potential DGA activity in their packetbeat data.

This post is the second in our Kubernetes observability tutorial series, where we explore how you can monitor all aspects of your applications running in Kubernetes, including: We’ll cover using Elastic Observability to ingest and analyze container metrics in Kibana using the Metrics app and out-of-the-box dashboards.