
December 2019

Elastic Advent Calendar, 2019: the full recap!

Wow, it's finally here! After 25 fantastic articles we've reached the end of the 2019 Elastic Advent series. We've covered Elasticsearch and Python, Auditbeat, ECS, data transforms, JVM options, anomaly detector models, Maps, SSL configuration, smart query cancellation, SLM, the new enrich processor, App Search, and so much more. The posts were written in German, Greek, English, French, Finnish, Spanish and Swedish.

How to display data as a percentage in Kibana visualizations

Using percentages when performing data analytics is an essential approach to effective numeric comparison, especially when the data in question has drastically different sample sizes or totals. Percentages allow for a quick and accurate understanding of how totals have changed across a dimension such as a range of time, geographic regions, or product lines.

Ransomware testing with Elastic Endpoint Security

As attackers continue to evolve and advance their tactics, techniques, and procedures (TTPs), it is crucial for enterprise organizations to deploy the necessary countermeasures and defenses to secure their networks. Elastic Security provides an endpoint protection platform (EPP) with some of the most advanced and effective endpoint protections and preventions on the market today.

Prometheus monitoring at scale with the Elastic Stack

Tools. As engineers we all love great tools that help our teams work productively, resolve problems faster, and be better. But tools tend to grow in number, require additional maintenance, and, most importantly, create silos. Each team has certain responsibilities and is constantly searching for tools that address its specific requirements in the best possible way.

Elasticsearch Service is now generally available on Microsoft Azure

Following the fully featured public beta of the Elasticsearch Service on Microsoft Azure earlier this year, we are pleased to declare it is now generally available! Existing Elasticsearch Service customers can log in and launch deployments on Azure in their existing accounts, and new users can get started with a free 14-day trial of the Elasticsearch Service.

BKD-backed geo_shapes in Elasticsearch: precision + efficiency + speed

With the addition of new data structures in Lucene 6.0, the Elasticsearch 5.0 release delivered massive indexing and search performance improvements for one-dimension numeric, date, and IP fields, and two-dimension (lat, lon) geo_point fields. Building on this work, the Elasticsearch 6.0 release further improved usability and simplicity of the geo_point API by setting the default indexing structure to the new block k-d tree (BKD) and removing all support for legacy prefix tree encoding.

Image recognition and search at Adobe with Elasticsearch and Sensei

Software giant Adobe is known the world around for its Photoshop, Illustrator, and Acrobat products, which are rolled into cloud service suites — Creative Cloud, Document Cloud, and Experience Cloud — of other similar software offerings. A number of their products — especially those where image search is critical, such as Adobe Stock — feature slick search capabilities that use Elasticsearch behind the scenes.

Introducing the enrich processor for Elasticsearch ingest nodes

As part of Elasticsearch 7.5.0, a new ingest processor, named the enrich processor, was released. This new processor allows an ingest node to enrich documents being ingested with additional data from reference data sets. This opens up a new world of possibilities for ingest nodes.

Elastic SIEM for home and small business: Beats on Windows

Hey, there. This is part four of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.

Automating the install of Elastic Cloud Enterprise on AWS with Ansible

So you want to install Elastic Cloud Enterprise (you know, the orchestration solution for the Elastic Stack that simplifies and standardizes how you deploy, upgrade, resize, configure, and monitor one to many clusters from a single UI/API). Installing ECE on one host isn’t tough. Installing it on two isn’t much harder. However, when you start dealing with 3, 5, 7, 11, etc., the complexity grows, as does the work involved in operating and maintaining (upgrading!) it all.

Storing and enriching alerts for information security with Elasticsearch

Within Elastic, the information security team is tasked with security detection and analytics, among the many other activities of a typical information security team. To find abnormal and malicious behavior within our environment we leverage Elastic SIEM for investigations and threat hunting. When we find a pattern of behavior we want to be alerted on during an investigation or hunt, we take the request JSON behind our investigation and put it into Watcher for alerting.
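As an added example (not the Elastic team's own watch), the function below wraps the request body behind an investigation in a Watcher watch body. It adds the two things a practitioner usually wants before turning a hunt query into a scheduled alert: a time window tied to the trigger time, so each run only sees events newer than the previous run and old hits are not re-alerted on every interval, and an index action that stores the result for later enrichment. The index names, the constructed query, the `@timestamp` field and the interval are assumptions for this illustration.

```python
"""Turn a saved SIEM search into a scheduled Watcher watch body.
Added example; the query, indices and interval are hypothetical."""
import json

# Constructed: the request JSON an investigation might leave behind
# (interactive logons by a service account, in ECS field names).
HUNT_QUERY = {
    "bool": {
        "filter": [
            {"term": {"event.code": "4624"}},
            {"term": {"winlog.event_data.LogonType": "2"}},
            {"wildcard": {"user.name": "svc-*"}},
        ]
    }
}


def watch_from_query(query, indices, interval="5m",
                     alert_index="siem-alerts", timestamp_field="@timestamp"):
    """Body for PUT /_watcher/watch/<watch_id>.

    The search input is a Mustache template, so {{ctx.trigger.scheduled_time}}
    is rendered by Watcher before the search runs; the `||-<interval>` suffix
    is Elasticsearch date math applied to that rendered timestamp. Bounding the
    window this way keeps one run from alerting on events an earlier run saw.
    """
    upper = "{{ctx.trigger.scheduled_time}}"
    lower = f"{upper}||-{interval}"
    body = {
        "size": 100,
        "query": {"bool": {"filter": [
            query,
            {"range": {timestamp_field: {"gte": lower, "lt": upper}}},
        ]}},
    }
    return {
        "trigger": {"schedule": {"interval": interval}},
        "input": {"search": {"request": {"indices": list(indices), "body": body}}},
        # hits.total is numeric in the Watcher payload, so a plain compare works
        "condition": {"compare": {"ctx.payload.hits.total": {"gt": 0}}},
        "actions": {"store_alert": {"index": {"index": alert_index}}},
    }


def window_of(watch):
    """Return the (gte, lt) bounds the watch queries, for inspection/testing."""
    filters = watch["input"]["search"]["request"]["body"]["query"]["bool"]["filter"]
    rng = next(f["range"] for f in filters if "range" in f)
    (_, bounds), = rng.items()
    return bounds["gte"], bounds["lt"]


if __name__ == "__main__":
    watch = watch_from_query(HUNT_QUERY, ["winlogbeat-*"])
    print(json.dumps(watch, indent=2))
```

Without a `transform`, the index action stores the entire search payload as one document; if you want one alert document per hit, add a transform that returns the hits under `_doc`. Make the interval and the look-back window the same value, as above, so consecutive runs tile the timeline without gaps or overlap.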

UserCentric: Redefining online recruiting for doctors and nurses

How do you match health care practitioners to the right job? When The Postgraduate Medical Council of Victoria (PMCV) had to recruit doctors and nurses for the healthcare match system it administers, they needed an efficient solution that would take into account a high number of complex variables while remaining agile and, most importantly, accurate. At UserCentric, we devised a solution that gives PMCV administrators control over the entire recruiting experience.

Ransomware, interrupted: Sodinokibi and the supply chain

Last month, the Elastic Security Protections Team prevented an attempted ransomware attack targeting an organization monitored by one of our customers, an IT Managed Service Provider (MSP). We analyzed the alerts that were generated after an adversary’s process injection attempts were prevented by Elastic Endpoint Security on several endpoints. Adversaries often attempt to inject their malicious code into a running process before encrypting and holding the victim’s data to ransom.

External collection for Elastic Stack Monitoring is now available via Metricbeat

We are pleased to announce the general availability of external collection for Elastic Stack Monitoring. With this announcement comes the ability to monitor Elasticsearch, Kibana, Logstash, APM server, and Beats all via Metricbeat modules. Using external collection, users now have the capability to collect and send monitoring data for their Elastic Stack without having to depend on the health of the monitored services.

Kibana Lens Overview: An easy, intuitive way to visualize Elasticsearch data

Introducing Kibana Lens, a new simple and intuitive way for everyone to visualize their data inside of Kibana. With a new drag and drop interface, one-click data exploration features, and the power to provide visualization suggestions, Lens is the fastest way to uncover insights in your Elasticsearch data.

Elastic Stack 7.5.0 released

We’re excited to announce the general availability of version 7.5 of the Elastic Stack. Along with the introduction of Kibana Lens, a fast and intuitive way to craft visualizations, this release offers significant enhancements to our Observability and Security solutions and Elastic Enterprise Search joins the 7.5 release train. Read on to see the highlights and dive into the detailed release posts for all the details.