Elastic Stack 7.7.0: Major updates for Enterprise Search, Observability, and Security

Elastic, the company behind Elasticsearch and the Elastic Stack, announced major updates across the Elastic solution portfolio with dozens of advances to bring efficiency, flexibility, and integrated workflows to teams of every size and across every use case.

These innovations build on a unified platform powered by the Elastic Stack to make data actionable in real-time and at scale for enterprise search, logging, APM, metrics, security, business analytics, and more. Enhancements across the Elastic Stack include:

Elastic Stack 7.7.0

Alerting – Introduces a new alerting framework to bring native alerting workflows to users of Enterprise Search, Observability, and Security solutions within the Elastic Stack.

• Integrates alerting features across the Elastic Stack via Kibana and available within the APM, Metrics, Uptime and SIEM applications, to bring alerting workflows directly to the user, tailored to their unique context and use case.
• Introduces a full alert management UI and powerful new alert interfaces within Kibana.
• Incorporates the ability to trigger predefined actions with third-party integrations with communication and workflow platforms including PagerDuty, ServiceNow, and Slack.

Asynchronous search – Allows long running queries to execute in the background, opening the door to new use cases that trade off cost and latency while searching massive amounts of data.

• Provides the flexibility to balance the speed of search execution, the amount of data that can be searched, and the cost of the hardware to support any use case.
• Enables teams to manage potentially long-running queries in the background, letting teams track progress and retrieve partial results as they become available.

Elastic Enterprise Search

Workplace Search – Brings a relevant, personalized, and modern unified search experience to organizations of all sizes through the general availability of Workplace Search.

• Creates a centralized source of truth for internal teams that seamlessly connects to the world’s most widely adopted workplace applications to simplify finding the content they need.
• Delivers pre-built integrations with the world’s most widely adopted workplace applications including Confluence, Dropbox, GitHub, G Suite by Google Cloud, Jira, Microsoft 365 (formerly Office 365), OneDrive, Salesforce, ServiceNow, SharePoint Online, Zendesk, and more.
• Provides an easily implemented enterprise search solution with out-of-the-box connectivity to SaaS and cloud-based data sources, indexing content from a modern toolchain.
• Brings the power of modern search experiences to more platforms and more users with open Workplace Search APIs.

Elastic Observability

Service maps – Provides a graphical view of the dependencies between the services powering an application.

• Presents real-time view of live data and system dependencies to speed the troubleshooting of issues in today’s distributed and cloud-native environments.
• Offers an aggregate view of how services interact, along with key summary information about each component, allowing teams to toggle between a 50,000-foot view and a granular view with ease.

Expanded integrations – Adds new, out-of-the-box integrations to collect logs and metrics from many common data sources across the infrastructure ecosystem and simplifies instrumentation across all layers of the technology stack.

• Ensures teams can quickly gather the context they need from a system to investigate and debug new and complex problems within their infrastructure.
• Key integrations include:
• AWS Lambda, Virtual Private Cloud, Amazon Aurora, DynamoDB
• Azure Database accounts, Kubernetes, and container metrics
• Google Cloud Platform Pub/Sub and Load Balancing
• IBM MQ
• Istio
• MQTT
• Pivotal Cloud Foundry
• Prometheus
• Redis Enterprise

Elastic Security

Case management – Introduces case management features built into Elastic Security, along with direct integration into ServiceNow ITSM.

• Provides security operations teams more control over detection and response workflows allowing analysts to open, update, tag, comment on, close, and integrate cases with external systems.
• Integrates case management with ServiceNow ITSM, allowing analysts to forward information from Elastic SIEM to the ServiceNow platform for cross-org ticket tracking and remediation.

Security notifications – Reduces mean time to respond with direct integrations into existing security operation workflows.

• Leverages the new alerting framework in the Elastic Stack to surface key anomalies and threats with instant notifications from Elastic SIEM to third-party systems, including email, Slack, and PagerDuty

“The new Elastic Stack integration with PagerDuty enables our joint customers to trigger customized actions on the PagerDuty platform to proactively respond to operations issues,” said Steve Gross, senior director of strategic ecosystem development, PagerDuty.

“Whether you’re monitoring server health metrics or suspicious login attempts, the enhanced alerting framework in the Elastic Stack enables DevOps engineers and security practitioners to sleep easier.”

“This release highlights the power of building our Enterprise Search, Observability, and Security solutions on top of the Elastic Stack. It allows us to introduce core features like alerting, which benefit all of our users, and also build the tailored user experiences that IT, operations, and security teams need to improve visibility, work more efficiently, and scale as their needs evolve,” said Steve Kearns, vice president, product management at Elastic.