Elasticon Tour Amsterdam 2019

Elastic{ON} 2019 through the eyes of our Elastic domain expert.

On October 29, Formica was present at Elastic{ON} Tour Amsterdam, at the EYE Film museum, along with 400 other Elastic enthusiasts. It was a very interesting edition. The conference lasted only one day, but it was packed with all the latest and greatest from Elastic. This year there was a strong focus on machine learning and security, as a result of Elastic's recent acquisition of Endgame.

In addition to the presentations, there was plenty to do throughout the day, such as stopping by the Ask Me Anything booths to get all your questions answered. Live demos were available to show the Elastic Stack in action. There was also the possibility to engage with community members in small group sessions to discuss topics like how to become certified and how to deploy the Elastic Stack on Kubernetes.

Security starts at the Endpoint

The average time it takes to detect that someone is intruding on your network is over 100 days. Often, organizations are not storing the amount of security data needed to analyze such a threat. A company called Endgame wanted to overcome this problem of lacking long-term centralized storage. At the same time, Elastic was looking for a way to add rich security data to the stack, as well as the capability to respond to security problems. This resulted in Endgame and Elastic joining forces to create Elastic Endpoint Security: a solution that allows organizations to respond to security threats in real time.

Elastic Stack Roadmap Deep Dive

Maybe one of the most interesting talks of the day, because who doesn’t get excited when hearing about all the new features implemented in the current Elastic Stack release, and what’s in store for future releases?

Snapshot lifecycle management

Everyone knows it is of utmost importance to have a backup of your production data, should things go wrong. Up until now, snapshotting and restoring data had to be done manually or through custom cron jobs. With the 7.4 release, it’s possible to orchestrate this through Kibana’s management UI.

Elastic Maps and Elastic SIEM

With Elastic SIEM, it is possible to ingest all kinds of security-related analytics and metrics into Elasticsearch. In 7.4 this can now be integrated with Elastic Maps, providing the opportunity to create visualizations for all security-relevant data, such as cyber-attack maps.

Machine Learning

Elastic keeps on improving its machine learning features. Two new methods were introduced in 7.4: the regression API, which makes predictions for your data based on relationships between data fields, and the outlier detection UI, which identifies values in your data that differ from the rest and may expose unusual behavior or errors in your data.

Elastic Common Schema

Organizations all have different naming conventions for the data they store in Elasticsearch. To provide a more unified way, Elastic defined the Elastic Common Schema (ECS). This schema provides generic names for the various data fields, so that data from different sources can be queried and correlated with one consistent set of field names.
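As an added illustration (my own example, not code from the post or from Elastic), here is a small Python normaliser that maps vendor-specific field names onto ECS names before indexing. The ECS field names used (source.ip, destination.port, user.name, host.name, event.action, @timestamp, labels) are real ECS fields; the vendor names and the sample event are constructed for this example.

```python
"""Map differently named vendor log fields onto Elastic Common Schema (ECS) names."""
import ipaddress
import json
from datetime import datetime, timezone

# Vendor field name (constructed examples) -> ECS field name (real ECS fields).
FIELD_MAP = {
    "src_ip": "source.ip", "srcip": "source.ip", "client_ip": "source.ip",
    "dst_ip": "destination.ip", "dstip": "destination.ip",
    "src_port": "source.port", "dst_port": "destination.port",
    "user": "user.name", "username": "user.name",
    "hostname": "host.name", "action": "event.action",
    "ts": "@timestamp",
}

# Constructed sample event from a hypothetical firewall vendor.
SAMPLE_EVENT = {"srcip": "10.0.0.5", "dstip": "192.0.2.10", "dst_port": "443",
                "Username": "alice", "action": "allow", "ts": "1572307200",
                "vendor_rule": "r1"}


def set_path(doc, dotted, value):
    """Write value under a dotted ECS key as nested objects ("source.ip" -> {"source": {"ip": ...}})."""
    parts = dotted.split(".")
    cur = doc
    for part in parts[:-1]:
        cur = cur.setdefault(part, {})
    cur[parts[-1]] = value


def to_ecs(raw):
    """Return an ECS-shaped document; fields without a mapping or with unparsable values go to `labels`."""
    doc, unmapped = {}, {}
    for key, value in raw.items():
        ecs = FIELD_MAP.get(key.lower())
        if ecs is None:
            unmapped[key] = str(value)  # keep unknown vendor fields as keyword labels
            continue
        try:
            if ecs.endswith(".ip"):
                value = str(ipaddress.ip_address(value))  # validates and canonicalises the address
            elif ecs.endswith(".port"):
                value = int(value)
            elif ecs == "@timestamp":
                value = datetime.fromtimestamp(int(value), tz=timezone.utc).isoformat()
        except ValueError:
            unmapped[key] = str(value)  # bad value: preserve it rather than emit a wrong ECS field
            continue
        set_path(doc, ecs, value)
    if unmapped:
        doc["labels"] = unmapped
    return doc


if __name__ == "__main__":
    print(json.dumps(to_ecs(SAMPLE_EVENT), indent=2))
```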

Future releases

There are many more features still in the pipeline for future releases:

  • Add data to Elasticsearch through Kibana modules
  • Beats Fleet: Manage all Beats across your infrastructure from a single place
  • Lens: A new and improved way of creating dashboards in Kibana

Elasticsearch Awards

Between the presentations, some amazing projects were honored through the Elasticsearch Awards. This year, there were three categories: the Cause Awards, for Elastic projects that make a positive impact on the world; the Cluster Awards, for doing innovative things with the Elastic Stack; and the “You know, for search!” Awards, for providing company-wide added value with the help of Elastic Stack solutions. Next year, there will be a fourth category: Elastic Certified Professional of the Year, for certified people who’ve had a positive impact on the community.

Partnership with Elastic

Elastic is a rapidly growing company, with new releases every few months. As a partner, Formica makes sure to stay ahead of the latest developments and trends from Elastic. It goes without saying that we are very excited to integrate these new features into our infrastructure and implement them for our customers.