Elastic on Elastic: Configuring the Security app to use Cross Cluster Search

The Elastic Infosec Detections and Analytics team is responsible for building, tuning, and maintaining the security detections used to protect all Elastic systems. Within Elastic we call ourselves Customer Zero and we strive to always use the newest versions of our products. In the previous blog posts we gave an overview of our architecture and what data we send to our clusters. In this blog post we will provide i

Implementing academic papers: lessons learned from Elasticsearch and Lucene

While developing Elasticsearch, we occasionally come across an important problem with no simple or established approach to solving it. It’s natural to ask “hmm, is there an academic paper that addresses this?” Other times, academic work is a source of inspiration. We’ll encounter a paper proposing a new algorithm or data structure and think “this would be so useful!” Here are just a few examples of how Elasticsearch and Apache Lucene incorporate academic work: HyperLogLog++ for cardinality aggreg

Ingest data directly from Google Pub/Sub into Elastic using Google Dataflow

Today we’re excited to announce the latest development in our ongoing partnership with Google Cloud. Now developers, site reliability engineers (SREs), and security analysts can ingest data from Google Pub/Sub to the Elastic Stack with just a few clicks in the Google Cloud Console. By leveraging Google Dataflow templates, Elastic makes it easy to stream events and logs from Google Cloud services like Google Cloud Audit, VPC Flow, or firewall into the Elastic Stack. This allows customers to simpl

Elastic APM iOS agent technical preview released

We are proud to announce the preview release of the Elastic APM iOS agent! This release is intended to elicit feedback from the community, while providing some initial functionality within the Elastic Observability stack and is not intended for production use. Now is your chance to influence the direction of this new iOS agent and let us know what you think on our discussion forum. If you find an issue, or would like to contribute yourself, visit the GitHub repository. Elastic APM is an Applica

How the French Ministry of Agriculture deploys Elastic to monitor the commercial fishing industry

Within the French Ministry of Agriculture and Food (the Ministry), our team of architects in the Methods, Support and Quality office (BMSQ) evaluate and supply software solutions to resolve issues encountered by project teams that affect various disciplines. As data specialists, one area we’ve been involved in includes reconfiguring the traceability of activities for the commercial fishing industry. The aim is to improve the quality, speed and precision of how we collect and analyze large volume

What’s new in Elastic Security 7.15: End threats at the endpoint…and beyond

Elastic Security 7.15 further arms the SOC to achieve extended detection and response (XDR). Malicious behavior protection applies behavior analytics to prevent attack techniques often leveraged by named threats by performing dynamic, stateful correlation of on-host events, and then reacting instantly to disrupt attacks before they cause damage. Memory threat protection now safeguards Windows hosts, stopping attacks designed to evade most other defenses. To accelerate response and prevent damag

Elastic Observability 7.15: Automated correlations, frictionless log ingestion from Google Cloud

Elastic Observability 7.15 introduces the general availability of automated correlations, unified views across application service logs and dependencies, and agentless log ingestion from Google Cloud Platform (GCP), accelerating troubleshooting of root causes of application issues and making it even easier to ingest telemetry from cloud services. These new features allow customers to:

Automatically surface attributes of the APM data set that are correlated with high-latency or erroneous 
