We were @Elastic{ON} Tour

On November 5th, we attented for the first time, the French stop of Elastic{ON] Tour in Paris, to learn more about our favorite search engine.

After an introduction, somewhat romanced from creator Shay Banon himself, in which we learned that his wife is a chef, we assisted in a prestigious venue at a complete review of the new major release (+2500 PR): the 2.0 ! Among the enhancements and new features, here is a focus on what particularly caught our attention.

 

Kibana 4

No need to present Kibana, the little star of the ELK stack. Here, no revolutionary news, but the display interface still underwent a complete overhaul. In addition, it now has a dedicated backend server (in nodejs) that improves among other, many security-related aspects, and the frontend was also completely revised. We can note the integration of D3 library for rendering charts and it is now possible to export the displayed data. Big news, it is also possible to integrate and generate clickable links directly in the interface.

 

Aggregation pipeline

One of the strong elastic search point is of course the aggregation engine. It is an essential building block of the use of the product including analytics. The new version introduces the aggregation “pipelines”, which allow to push the limits encountered by combining the aggregation functions one after the other. Despite very theoretical examples given during the presentation (boring derivative), it’s easy to imagine the power of such a tool. Needless to say, that this feature has obviously been included in the new Kibana!

 

Watcher

A bit like the well known “triggers” implemented in relational databases, this new extension promises to set up an alert system. Few details were given in this presentation on the implementation, and nothing was said about the cost involved. But the use seemed flexible and possibilities powerful since there are almost no limits to their use

 

Shield

Until now, access rights management was one of the recurring needs of elastic but not so well satisfied. Shield, an existing but limited tool has changed a lot for this new version. In addition to offering an LDAP compatibility and encryption of data exchanges, he finally allows to set rules based on the data itself. Victory !

 

Core

Of course, the designers and Climton Gormley in particular, have long insisted on the improvements of the core of elastic itself, which are less sensational announcements but still significant:

  • Decreased network traffic (exchange between shards by differentials)
  • Significant improvement in indexs compression in Lucene 5.0 (up to 30%)
  • Reduction of the use of the JVM Heap (direct access by the system)
  • Time saving restorations
  • Etc

 

So, that’s it for this brief report, which we hope will make you want to discover this new version as much as we do. Elastic search and whole ELK stack remain a very attractive solution, from our point of view still promises a bright future for our applications with an increasing variety of uses.