Cloud API logs are a significant blind spot for many organizations and often factor into large-scale, publicly announced data breaches. They pose several challenges to security teams: For all of these reasons, cloud API logs are resistant to conventional threat detection and hunting techniques.

Cache is king for speedy data retrieval. So if you’re interested in how Elasticsearch leverages various caches to ensure you are retrieving data as fast as possible, buckle up for the next 15 minutes and read through this post. This blog will shed some light on various caching features of Elasticsearch that help you to retrieve data faster after initial data accesses.

Your logs, metrics, security, and trace data are all invaluable to you. They are mission critical for your observability and security needs. As your IT infrastructure grows and keeps generating more and more data, your data volumes and data storage needs go up accordingly. It can quickly become cost-prohibitive to indefinitely store all of it on your hottest machines.

Today, I’m happy to share more about our partnership and commitment to our users that they will have the best possible experience of both Elasticsearch and Grafana, across the full breadth of Elasticsearch functionality, with dedicated engineering from both Grafana Labs and Elastic. Through joint development of the official Grafana Elasticsearch plugin users can combine the benefits of Grafana’s visualization platform with the full capabilities of Elasticsearch.

For the 7.10 release of Elastic Workplace Search, we highlighted some of the new analytics logging capabilities and took you through a short walkthrough of some sample analysis scenarios. With the 7.11 release we introduced analytics fields, which open up new possibilities for exploring query and click data with helpful dashboards and visualizations.

We are excited to bring you a number of updates for using Elastic Cloud (Elasticsearch managed service) in the AWS Marketplace.

We're excited to announce that autoscaling is now available on Elastic Cloud. In our initial release, autoscaling monitors the storage utilization of your Elasticsearch data nodes and the available memory capacity for your machine learning jobs.

It is incredibly useful to be able to identify the most unusual data in your Elasticsearch indices. However, it can be incredibly difficult to manually find unusual content if you are collecting large volumes of data. Fortunately, Elastic machine learning can be used to easily build a model of your data and apply anomaly detection algorithms to detect what is rare/unusual in the data. And with machine learning, the larger the dataset, the better.

Back in our 7.10 release of the Elastic Stack, we announced the beta of our Ruby and Python clients for Elastic Enterprise Search. Now, with 7.11, both the Ruby and Python clients are generally available. We’ve also begun work on a PHP client. All client source code for both enterprise-search-ruby and enterprise-search-python is available on GitHub. Documentation on how to get started with each client is available on elastic.co.

When it comes to your SIEM, your data is only as useful as your ability to ingest and analyze it. To solve complex security problems, your team ideally needs the ability to comprehensively monitor events within your environment with contextual insights from high-volume data sources.