What’s new in Elastic 8.9
This release provides faster search performance and increased SIEM capabilities along with a tech preview of Reciprocal Rank Fusion for hybrid search. Importantly, the beta release of the Elastic AI Assistant for Security is also included to increase the productivity of security teams using the power of generative AI.
Elastic Security includes the beta release of Elastic AI Assistant for Security, powered by ESRE™ to help accelerate analyst investigations. The 8.9 release also boasts the general availability of several new features, including enhanced rule management and tuning, advanced analytics for Lateral Movement Detection, an upload command for faster remediation response, and augmented onboarding via support for AWS CloudFormation.
Elastic Search (also known as Elastic Enterprise Search) showcases the tech preview of Reciprocal Rank Fusion (part of ESRE) for hybrid search for even more performant search experiences, new ServiceNow and Dropbox connectors, and more.
Elastic Observability contains the tech preview of Elastic AI Assistant for Observability, powered by ESRE, and the potential to achieve up to a 70% reduction in storage through the general availability of integrations leveraging Elastic TSDS.
As you know, all of Elastic’s out-of-the-box solutions are built on one platform: the Elasticsearch platform. As a result, all users, regardless of use case, benefit from the following core enhancements:
- The general availability of performance improvements to cross cluster search, faster search aggregations, and high cardinality aggregations
- The general availability of semantic search using dense vector embeddings in a single API call or dense vector search acceleration
- The general availability of ResponseOps (Kibana Alerting) and GAI-enhanced log rate spike explanations
- Combining different search strategies with new components of ESRE like Elastic’s Learned Sparse Encoder with BM25 text ranking and applying additional relevance using Reciprocal Rank Fusion (RRF), now in Tech Preview
In more detail
- Elasticsearch:
  - Better indexing and search performance under concurrent indexing and search
  - Add multiple queries for ranking to the search endpoint
  - Text embedding for kNN search is GA
  - Asset tracking: geo_line in time-series aggregations
- Elastic (Enterprise) Search:
  - Get up and running quickly with semantic search powered by Elastic Learned Sparse Encoder, without the need to call third-party APIs or generate your own embeddings
  - Build hybrid search experiences by combining lexical search and semantic search, without the need to write custom scoring functions or tweak model parameters
  - SharePoint Online connector is now GA
  - Document level security (DLS) is easier for developers to include in their customized connectors
  - Content extraction for large files (technical preview)
  - The connector framework has incremental sync support, which makes it easier for developers to speed up and simplify updates for customized connectors
  - ServiceNow connector client (beta)
  - Dropbox connector client (beta)
- Observability:
  - Introducing Elastic AI Assistant use cases for Observability: log message, APM errors, log alerts, host processes and profiling (technical preview supporting Azure OpenAI and OpenAI). It provides the ability to use generative AI to look up the meaning of log message details, to explain an error or stack trace in APM and suggest remediations, to explain what caused a spike in log messages and provide potential root cause and remediation steps, to get details on a process and how to optimize it for resources like CPU or memory, and to explain the most expensive processes/functions and provide details on how to optimize them
  - Collect metrics from linked Amazon CloudWatch accounts
  - Hosts page available in Beta (a metrics-driven view of your infrastructure)
  - Analyze the storage footprint of your APM data with storage explorer (GA)
  - Unlock up to 70% metrics storage savings with TSDS enabled integrations (Kubernetes, Nginx, System, AWS, Azure, RabbitMQ, Redis, and more popular Elastic Observability integrations)
  - Rules as code with the Terraform Elastic Stack provider
  - Enhancing Service Level Objectives with multi-window burn rates and custom metrics
- Security:
  - Elastic AI Assistant enhancements: centralized UI for configuring settings, anonymization of data sent to/from the AI provider, monitoring of AI provider token usage
  - Detection rules enhancements: new UI for installing and upgrading prebuilt detection rules, monitor rule performance with the new Detection rule monitoring dashboard, automated endpoint response actions for rules, rule exceptions auto-populated with alert data, interactive investigation guides are now generally available, prebuilt rule updates, manage and filter alert tags
  - New integrations: Arista Firewall, Google Cloud Security Command Center, Microsoft Defender for Cloud, Okta (Entity Analytics), SentinelOne Cloud Funnel, Zero Networks Firewall
  - Upload files to an endpoint with the new upload response action
  - Cloud Security enhancements: new CloudFormation deployment for Cloud Security Posture Management (CSPM), discover vulnerabilities with the new Cloud Native Vulnerability Management dashboard
  - Cases enhancements: category for cases, Lens visualizations in cases from anywhere, case details Alerts tab now displays the number of alerts attached to a case, new improved template for email notifications
Deploy / Download / Upgrade now!
Elastic 8.9 is available now on Elastic Cloud — the only hosted Elasticsearch offering to include all of the new features in this latest release.
New to Elastic? Welcome aboard. You can get started today with a free 14-day trial of Elastic Cloud. Or, if the benefits of using a managed service have yet to win you over, you can always download a self-managed version of the Elastic Stack for free.