🎉 What’s new in Elastic 8.16

Learn about Elastic 8.16, which includes the first-ever release of Better Binary Quantization (BBQ) within a vector database, an updated Kibana experience, cloud asset protection, and more.

Better Binary Quantization (BBQ)

Better Binary Quantization (BBQ) is a cutting-edge optimization for vector data that achieves up to 32x compression without compromising on accuracy. Elastic is proud to be the first to provide this capability to users of our distributed and scalable Elasticsearch vector database, helping to shrink and scale workloads that depend on large data sets. Want to try it? Create your index this way:

PUT my-byte-quantized-index
{
  "mappings": {
    "properties": {
      "my_vector": {
        "type": "dense_vector",
        "index_options": {
          "type": "bbq_hnsw"
        }
      }
    }
  }
}

Elastic’s open inference API

Elastic’s open inference API is now GA. It enables you to create endpoints and use machine learning models from popular inference providers such as Anthropic, Mistral, and Cohere. From 8.16, we also provide support for Watsonx.ai Slate embedding models and Alibaba Cloud AI embedding models, reranking capabilities, and completion support for the Qwen LLMs family. These endpoints can be used in semantic_text for easy retrieval with retrievers for semantic queries, kNN queries, and semantic reranking.

New adjustable chunking options for semantic_text

semantic_text now supports new adjustable chunking options, giving users the flexibility to switch our native chunking strategy for vectorized data from word chunking to sentence chunking and to adjust the chunking window size. For example, using ELSER with a sentence strategy and a chunk size of 100:

PUT _inference/sparse_embedding/small_chunk_size
{
  "service": "elasticsearch",
  "service_settings": {
    "num_allocations": 1,
    "num_threads": 1
  },
  "chunking_settings": {
    "strategy": "sentence",
    "max_chunk_size": 100,
    "sentence_overlap": 0
  }
}

Recommended ES|QL queries

Creating queries in the ES|QL editor is now easier than ever. Recommended queries help streamline the process, especially for users unfamiliar with syntax or data structures. This feature reduces query creation time and simplifies the learning curve for both new and experienced users. You can now quickly select recommended queries from the ES|QL help menu or use autocomplete to get started faster.

Faster sorting by distance in ES|QL

Having exposed the complete geosearch capabilities in ES|QL, we turned our attention to performance optimization, starting with the frequent case of filtering and sorting the results by distance. We achieved performance improvements of 10x to 100x for a range of queries that involve searching for documents within distances and/or sorting documents by distance. This also includes the ability to define the distance function in EVAL commands before using them in WHERE and SORT commands. Our best results, with around 100x faster queries, are the very useful top-N queries, sorting and limiting the results, as presented in our nightly benchmark dashboard:

Elastic Open Web Crawler is in Beta

The Elastic Open Web Crawler is now in beta. It's managed via CLI for efficient website data ingestion and storing vector data in Elasticsearch.

Elastic AI Assistant for Search

Improve how you use Elasticsearch and Kibana with a built-in Elastic AI Assistant for Search.

File uploader PDF support

The file uploader provides an easy way to upload data and start using Elastic in seconds. Now, you can upload data from PDF files and head to Search Playground with one click. Use it for fast time to data and Elastic’s technology.

Amazon Bedrock integration for LLM observability

Amazon Bedrock integration for LLM observability adds comprehensive monitoring capabilities for LLM applications built on Amazon Bedrock. This new integration provides out-of-the-box dashboards and detailed insights into model performance, usage patterns, and costs — enabling SREs and developers to effectively monitor and optimize their generative AI (GenAI) applications built on Amazon Bedrock in addition to existing support for applications that use Azure OpenAI.

Automated OTel Collector lifecycle and application auto-instrumentation with EDOT SDKs

We now use the OpenTelemetry Operator to automate the entire EDOT collector lifecycle, from deployment to scaling and updating. With automatic instrumentation via EDOT SDKs that support multiple languages like Node.js, Java, Python, and more, users can focus on applications instead of observability instrumentation. This three-step flow simplifies the deployment of OpenTelemetry for Kubernetes with Helm:

Prepackaged OTel Kubernetes

We have bundled all essential OTel components for Kubernetes observability, including receivers and processors. OTel-native Kibana dashboards give you comprehensive observability without manual configuration. By leveraging receivers like the Kubernetes and Kubeletstats Receivers, we now bring you turnkey observability that simplifies the monitoring process across Kubernetes environments.

Direct tracing to Elasticsearch with EDOT Collector

No schema conversions! EDOT Collector eliminates the need for an APM server, allowing trace data to flow directly into Elasticsearch via the Elasticsearch exporter. This reduces infrastructure overhead while maintaining rich, real-time performance insights. By consolidating APM functionality into the EDOT ecosystem, Elastic reduces operational complexity and costs — offering a streamlined, scalable observability solution. This approach ensures we fully preserve OpenTelemetry’s semantic conventions and data structure, including resource attributes, for consistent and reliable observability.

Log analytics

Kibana 8.16 now automatically adjusts data table presentation based on the type of data being explored. This streamlined, context-aware approach boosts productivity by simplifying data exploration and highlighting key log insights without the need for additional configuration. This is just the start of our ongoing effort to make Discover the go-to place for log analysis.

Similar improvements are also present for select fields, such as “log.level” and “service.name” when adding them individually as a dedicated column. The log level is highlighted based on the severity, and the service name also has the richer display state and offers direct links to the APM UI.

MongoDB Atlas integration

We've added a new MongoDB Atlas integration to offer comprehensive observability and monitoring of MongoDB Atlas performance and health through the collection and analysis of logs and metrics.

Elastic synthetic monitoring supports MFA

Elastic synthetic monitoring now includes first-class multifactor authentication (MFA) support:

import { journey, step, mfa } from '@elastic/synthetics';

journey('2FA', ({ page, params }) => {
  step('Login using 2FA', async () => {
    // log in with username and password, then continue to the 2FA page
    // derive the current one-time code from the TOTP secret passed as a param
    const token = mfa.totp(params.MFA_TOKEN);
    await page.getByPlaceholder("token-input").fill(token);
  });
});

Elastic Security AI Assistant

The Elastic AI Assistant adds support for custom knowledge sources, meaning that you are no longer bound to the knowledge a given LLM is trained on, and you can add knowledge sources beyond what Elastic provides. For example, you can add:

  • an index containing asset information, such as content found in a configuration management database (CMDB)
  • your favorite threat intelligence reports to be used during a conversation
  • documents containing any existing threat hunting playbooks or standard operating procedures
  • historical incident or case information
  • on-call schedules

And we've added Elastic Security Labs as one of those knowledge sources for you!

Improved support for locally hosted models

With 8.16, we’ve made it even easier to use locally hosted LLMs with Elastic AI Assistant and Attack Discovery. The OpenAI connector has been updated to better highlight this capability. We’ve also made significant improvements to the Elastic AI Assistant and Attack Discovery when using locally hosted and open source models.

Agentless CSPM and cloud asset inventory management

Elastic Security introduces agentless integration for both CSPM and a new Cloud Asset Inventory, which is currently released in public beta. This new capability removes the need for agents, allowing users to quickly establish trust between their cloud providers — AWS, Azure, or GCP — and Elastic Cloud, speeding up data ingestion to just minutes.

New Cloud Asset Inventory integration

You can't protect what you don't know. With the new Elastic Security Cloud Asset Inventory integration, you can discover your cloud resources across AWS, GCP, and Microsoft Azure. By simply connecting your cloud accounts with read-only access, this integration automatically finds your cloud services and assets, including S3 buckets, EC2 instances, Azure Virtual Machines, GCP Compute Engine instances, and more.

Start today on cloud or locally

Wanna get started on your machine in minutes with the new start-local feature? It's as easy as:

curl -fsSL https://elastic.co/start-local | sh

Or start on the cloud with a free trial. Just click here.

Release blogs

Learn more with our release blog posts:
