What’s new in Elastic 9.3
Elastic 9.3 builds on the features introduced in 9.2 and focuses largely on making them easier and more predictable to run in production: better automation primitives, faster analytics, more efficient vector workloads, and measurable improvements in Elastic Cloud Serverless. Let's check some of the changes here.
From agentic concepts to operational automation
Elastic 9.2 introduced the idea of agentic workflows: agents that can reason over Elasticsearch data using ES|QL and search.
In 9.3, the focus shifts from introduction to operational use.
- Agent Builder is now generally available.
- Elastic Workflows (technical preview) adds a native orchestration layer that can be triggered by rules, alerts, or agents.
The key change is that agents are no longer just interactive tools; they can now participate in repeatable, automated flows.
Example: defining an ES|QL-backed tool an agent can use during a workflow:
POST kbn://api/agent_builder/tools
{
"id": "recent_errors",
"type": "esql",
"configuration": {
"query": "FROM logs-* | WHERE log.level == \"error\" | SORT @timestamp DESC | LIMIT 10"
}
}
Example: invoking the agent via API and letting it select tools automatically:
POST kbn://api/agent_builder/agents/my-agent/chat
{
"messages": [
{ "role": "user", "content": "Show me recent errors and summarize them" }
]
}
Search & AI: inference and relevance without running your own GPUs
Elastic 9.3 expands the Elastic Inference Service (EIS) in ways that are mostly about operational convenience.
3 Jina models are now generally available through EIS:
- jina-embeddings-v3 for multilingual embeddings
- jina-reranker-v2-base-multilingual for semantic reranking
- jina-reranker-v3 for semantic reranking (new version)
Example: creating an inference endpoint backed by Jina embeddings:
PUT _inference/text_embedding/jina_embeddings
{
"service": "elastic",
"service_settings": {
"model_id": "jina-embeddings-v3"
}
}
Indexing documents with embeddings generated by EIS:
PUT my-index
{
"mappings": {
"properties": {
"title": {
"type": "text"
},
"content": {
"type": "semantic_text",
"inference_id": "jina_embeddings"
}
}
}
}
POST my-index/_doc
{
"title": "Elastic 9.3 overview",
"content": "Elastic 9.3 improves automation, analytics, and vector search."
}
bfloat16 vectors: reducing storage and memory pressure
Elastic 9.3 adds support for storing dense vectors using bfloat16 instead of 32-bit floating point values.
This cuts vector storage roughly in half while preserving enough precision for many semantic search and retrieval workloads.
In practice, bfloat16 is most useful when:
- vector dimensionality is high (e.g. 768, or more)
- recall requirements tolerate small numerical error
- memory pressure or disk footprint is a limiting factor
Example: defining a dense vector field stored as bfloat16:
PUT bf16-vectors
{
"mappings": {
"properties": {
"embedding": {
"type": "dense_vector",
"dims": 768,
"element_type": "bfloat16",
"index": true
}
}
}
}
Indexing documents works the same way as with float vectors:
POST bf16-vectors/_doc
{
"id": "doc-1",
"embedding": [0.0123, -0.9812, 0.4431, "..."]
}
Querying bfloat16 vectors does not require changes to the kNN query syntax; Elasticsearch handles the reduced precision transparently.
bfloat16 is especially effective when combined with disk-based vector indexing and on-disk rescoring, allowing large vector datasets to remain searchable without keeping all vectors resident in memory.
GPU-accelerated vector indexing (technical preview)
Elastic 9.3 introduces GPU-accelerated vector indexing for self-managed deployments, built on NVIDIA GPUs and cuVS.
This affects indexing and maintenance, not query execution.
Reported improvements include:
- up to 12× faster vector indexing
- up to 7× faster force-merge operations
- reduced CPU pressure during heavy vector ingestion
ES|QL: faster metrics queries and better time-series behavior
ES|QL continues to mature as the main analytical interface in Elasticsearch.
In 9.3, most changes focus on performance and stability, especially for metrics workloads:
- Sliding-window aggregations reduce jitter in dashboards
- Exponential histogram support improves distribution analysis
- Metrics queries see up to 5× lower latency (technical preview)
Example: smoothing a request rate using a sliding window:
TS metrics
| WHERE TRANGE(1h)
| STATS avg(rate(requests, 10m)) BY TBUCKET(1m), host
Example: defining an exponential histogram field for OpenTelemetry metrics:
PUT otel-metrics
{
"mappings": {
"properties": {
"latency": {
"type": "exponential_histogram"
}
}
}
}
Querying percentiles from histogram data using ES|QL:
FROM otel-metrics
| STATS p95 = PERCENTILES(latency, 95) BY service.name
Elastic Observability: reducing cost without losing detail
Several 9.3 changes in Observability are about doing less work per byte:
- Pattern-based log compression (
pattern_text, GA) can reduce log message storage by up to 50% - Elastic Streams (technical preview) continues to evolve, using agentic techniques to structure logs directly from message fields
- Amazon Bedrock AgentCore integration (technical preview) adds visibility into agent-based AI applications
Elastic Security: automation over repetition
Security improvements in 9.3 focus on reducing manual work in the SOC:
- Entity AI Summary (GA) provides structured summaries of entity risk
- Automatic rule migration now includes QRadar (technical preview)
- Automatic gap filling (GA) helps backfill missed detections
- Deeper integration with Agent Builder and Elastic Workflows enables more automated investigation paths
Elastic Cloud Serverless: quieter changes, measurable effects
Elastic Cloud Serverless doesn’t introduce new concepts in 9.3, but it does deliver measurable improvements.
- Serverless is now available in 18 regions
- A backend infrastructure upgrade for AWS-backed projects results in:
- up to 35% lower search latency
- 26% higher ingest throughput
These improvements are applied automatically and don't require configuration changes.
For existing Serverless users, this is mostly a "things got faster" release rather than a behavioral change.
Elastic 9.3 is available now on Elastic Cloud and for self-managed deployments.
If you’re upgrading from 9.2, most changes are incremental but practical: faster queries, cheaper storage, fewer manual steps, and better automation hooks. As always, consult the release notes for full details and breaking changes.