We’re pleased to announce

When searching data, “where” is a common and important question. Whether you’re trying to identify whether an outage is a local or global issue, locating adversaries attacking your network, or simply tracking where your food delivery is, Elasticsearch and the Elastic Stack can answer the “where” questions with geospatial data. Elasticsearch 7.14 includes several updates that make the Elastic Stack even more of a geospatial powerhouse.

Query geo shapes by height, width, and centroid with runtime fields

Normally, geo shape information is not available within the Lucene index, but this is information that can be computed from the geo_shapes. By using the new Painless script support for geo_shape field type in Elasticsearch 7.14, you can generate runtime fields that contain information about the geometric characteristics of geo_shapes and query and aggregate on these fields. Using Painless, you can run queries using runtime fields on information like a shape's height, width, and centroid.

Geotile grid aggregation over geo_shape is 15% faster

The geoip processor adds information about the geographical location of an IPv4 or IPv6 address. By default, the processor uses the GeoLite2 City, GeoLite2 Country, and GeoLite2 ASN GeoIP2 databases from MaxMind. Elasticsearch can also run custom databases like other city, country, and ASN GeoIP2 databases. In 7.14, you can now update and reload custom databases at runtime. Updating and reloading at runtime gives you the ability to test the custom database and have a fallback to the default databases if there is an issue.

Elasticsearch 7.14 introduces a new field type called match_only_text. match_only_text can be used as a drop-in replacement for the text field type in logging datasets and leads to a 10% reduction of storage requirements.
The trade-offs made to achieve this significant cost reduction are typically irrelevant for logs data: relevance score is calculated by number of matching terms (but who does relevance ranking on logs?), span queries are not supported, and phrase and intervals queries are slower — nothing that users of logs indices will miss. Read our dedicated blog post to learn more about this new field type.

Since the introduction of data tiers and node roles, there has been a need for an API to migrate old node attributes to node roles. In Elasticsearch 7.14 we are introducing a new API to migrate the existing indices and ILM policies to use node roles (specialized data tiers) for allocation routing.

New range aggregation

Aggregation performance enhancements

Faster performance is always great, but how about lowering the consumption of heap memory? In 7.14 we are improving the heap memory usage of composite aggregation by avoiding global ordinals. Composite aggregations no longer need global ordinals, reducing resource consumption for batch-like jobs such as transform. Elastic’s machine learning transforms help create a data set by converting existing Elasticsearch indices into entity-centric indices that summarize the behavior of data you are interested in.

Search enhancements

Elasticsearch machine learning

Transforms are now able to support the top metrics aggregation. This will improve performance when grouping by many fields. If these fields are descriptive and have the same cardinality (for example, customer first and last name describe their customer_id), then using top metrics significantly reduces the work that aggregations need to do. It is also a usability improvement when configuring a top or last value, which previously would have required a scripted metric.
The reset job API ({ref}/ml-reset-job.html) makes it easier to start anomaly detection jobs again from scratch, to put a job back to the state it was in immediately after creation — equivalent to deleting it and recreating it, but without the need to remember the configuration. It also simplifies support, as you will be able to reset a job with a single click.

7.14 is another great release for Elasticsearch, and we couldn't cover all of it within this blog. Be sure to check out more in the release highlights. Ready to get your hands dirty and try some of the new functionalities? Spin up a free 14-day trial of Elastic Cloud or download Elasticsearch today. If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. Try it out and be sure to let us know what you think on Twitter (@elastic), in our forum, or on our community Slack channel.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.