
Elastic

Is it a good time(stamp) for centralized logging?

With almost all deployed software systems consisting of multiple moving parts, it’s hard to find arguments against centralized aggregation of log entries. Deployment technologies like lightweight virtualization, Kubernetes, and serverless computing tend to spread out the components of a system across a large number of runtime primitives. Gaining visibility into the state and history of such systems is as important as ever but can also be more difficult than ever.

Playing defense against Gamaredon Group

For several months, the Intelligence & Analytics team at Elastic Security has tracked an ongoing adversary campaign appearing to target Ukrainian government officials. Based on our monitoring, we believe Gamaredon Group, a suspected Russia-based threat group, is behind this campaign. Our observations suggest a significant overlap between the tactics, techniques, and procedures (TTPs) used in this campaign and those described in public reporting.

Multilingual search using language identification in Elasticsearch

We’re pleased to announce that along with the release of the machine learning inference ingest processor, we are releasing language identification in Elasticsearch 7.6. With this release, we wanted to take the opportunity to describe some use cases and strategies for searching in multilingual corpora, and how language identification plays a part. We’ve covered some of these topics in the past, and we’ll build on these in some of the examples that follow.

Elastic partners with DDC to offer free election security to 2020 campaigns

We are excited to announce that Elastic will offer free, monitored Elastic Endpoint Security to the 2020 US presidential and congressional campaigns in partnership with Defending Digital Campaigns. Defending Digital Campaigns (DDC) is a non-partisan organization that provides low- and no-cost security products and services to federal campaigns to help defend them from cyberattacks and election interference.

How to upgrade Elastic App Search

We highly recommend that all App Search users keep their deployments up to date with the latest available version to have access to new features, security updates, and performance improvements. This guide is designed to help customers through the upgrade process, to minimize the impact of an upgrade on production environments, and to ensure data safety during an upgrade. Finally, the guide helps App Search users troubleshoot any issues that may occur during an upgrade.

Elastic Stack 7.6.0 released

We are excited to announce the general availability of version 7.6 of the Elastic Stack. This release streamlines automated threat detection with the launch of a new SIEM detection engine and a curated set of detection rules aligned to the MITRE ATT&CK™ knowledge base, brings performance improvements to Elasticsearch, makes supervised machine learning more turnkey with inference-on-ingest features, and deepens cloud observability and security with the launch of new data integrations.

Migrating from Splunk to the Elastic Stack: Data migration

When Splunk was first released almost 20 years ago, it helped many organizations realize the power of logs to gain business insights with pricing based on the volume of data ingested per day. Over the last two decades, the volume, variety, and velocity of data generated by systems and users have grown exponentially. The demands of business and operations have quickly moved beyond compliance and basic reporting.

Elastic Stack monitoring with Metricbeat via Logstash or Kafka

In a previous blog post, we introduced a new method of monitoring the Elastic Stack with Metricbeat. Using Metricbeat to externally collect monitoring information about Elastic Stack products improves the reliability of monitoring those products. It also provides flexibility with how the monitoring data may be routed to the Elasticsearch monitoring cluster.

Getting started with Elastic App Search on Elastic Cloud

With Elastic App Search, you can easily add rich, powerful search to your website, applications, or mobile apps. And now you can deploy directly from the Elastic Cloud. App Search is built on top of Elasticsearch, meaning that it’s highly scalable and fast. It comes out of the box with pre-tuned relevance, but gives you plenty of user-friendly options for fine-tuning results to customize the search experience.

Elastic App Search: Now available on Elasticsearch Service

We're excited to announce that Elastic App Search is now generally available on Elasticsearch Service. App Search is a ready-to-use, fully complete search solution with user-friendly relevance tuning and analytics built in. And starting today, you can deploy App Search instances with the click of a button right from the Elasticsearch Service dashboard. Now you can get all the tooling needed for a powerfully relevant search experience with the operational flexibility and scale of Elastic Cloud.