Elastic 9.0/8.18: BBQ, EDOT & LLM observability, Attack Discovery, Auto Import, and ES|QL JOIN

Today, we are pleased to announce the general availability of both Elastic 9.0 and 8.18!

If you thought the 8.x stream of releases was impressive given features like ANN, TSDB, ELSER, ES|QL, LTR, BBQ, logsdb index mode, and more, just wait until you see what we have lined up for the 9.x series (starting today). 

Elastic 9.0, built on Lucene 10, marks a major upgrade for Elasticsearch, Elastic's Search AI Platform, and its core solutions — Elastic Observability and Elastic Security. This release brings faster performance and greater efficiency thanks to Lucene 10’s built-in improvements, like better parallelism, smarter indexing, and hardware optimizations. These enhancements have a noticeable impact on resource usage and on what Elastic 9.0 can do.

And for those of you who aren't ready to let go (of a good thing), we have some great news. We brought many of the new features from 9.0 into version 8.18. Features like Better Binary Quantization, Elastic Distributions of OpenTelemetry, and ES|QL LOOKUP JOIN are available in 8.18 today. Additionally, be sure to take advantage of Elastic Cloud Serverless — the fastest way to start and scale security, observability, and search solutions without managing infrastructure — which includes all the features below.

What’s new?

Let’s dig in. The 9.0 and 8.18 releases include many high-impact capabilities across our portfolio:

  • Better Binary Quantization, now generally available, is 5x faster than OpenSearch. 
  • Elastic Distributions of OpenTelemetry (EDOT) is now generally available, along with LLM observability, which provides visibility into the performance, cost, safety, and reliability of GenAI-enabled applications.
  • Attack Discovery and Automatic Import are now generally available, advancing AI-driven security analytics.
  • We made major enhancements in Elasticsearch Query Language (ES|QL) that add powerful functions to join data in real time, KQL filtering, and expanded semantic search with reduced memory.

Read about the highlights by solution below.

Elasticsearch

Elasticsearch helps developers build AI-powered search experiences on the industry's most used vector database with out-of-the-box semantic search and generative AI capabilities.

Highlights in 9.0/8.18:

  • Better Binary Quantization (BBQ), a cutting-edge quantization technique designed at Elastic and first introduced in 8.16 as a technical preview, is now generally available for large production workloads, with an updated algorithm that provides even better performance and relevance gains.

  • The general availability of expanded open inference API capabilities allows users to utilize JinaAI embeddings and reranking capabilities in Elasticsearch.

Find more details in the Elasticsearch 9.0/8.18 highlights blog, in the BBQ blog, or in the 9.0/8.18 release notes.

Elastic Observability

Elastic Observability prevents outages with search-based relevance, no-compromise data retention, improved operational efficiency and cost, and an open and future-proofed investment. 

Highlights in 9.0/8.18: 

  • Elastic Distributions of OpenTelemetry (EDOT) is now generally available (for 9.0 only), using OpenTelemetry-native schemas across all signals for enhanced correlation and analysis and enterprise-grade support without proprietary add-ons.

  • The general availability of LLM observability provides comprehensive insights into LLM performance, errors, prompts, responses, usage and costs for models hosted in Amazon Bedrock (including Guardrails for Bedrock), Google Vertex AI, as well as Azure OpenAI and OpenAI.

Find more details in the Elastic 9.0/8.18 Observability highlights blog or in the 9.0/8.18 release notes.

Elastic Security

Elastic Security future-proofs SecOps with AI-driven security analytics, accelerating threat detection, investigation, and response.

Highlights in 9.0/8.18: 

  • Attack Discovery and Automatic Import are now generally available, empowering SecOps teams with AI-driven security analytics.

  • The technical preview of Automatic Migration for detection rules streamlines migration from legacy SIEMs by slashing the time and expertise needed to convert detection rules.

  • The general availability of customizable prebuilt rules makes it easy to customize and maintain prebuilt detection rules, expediting detection engineering workflows and enabling greater use case coverage.

Find more details in the Elastic Security 9.0/8.18 highlights blog or in the 9.0/8.18 release notes.

The Elastic Search AI Platform

The Elastic Search AI Platform combines the precision of search and the intelligence of AI. All users — regardless of use case — can benefit from core enhancements.

Highlights in 9.0/8.18: 

  • The technical preview of ES|QL LOOKUP JOIN introduces a join capability in ES|QL that solves many data enrichment use cases common to security analysts and detection engineers who need to gain context from their security data.

  • The technical preview of the KQL function in ES|QL allows users to employ the familiar KQL query language inside an ES|QL query. Users also benefit from scoring, Match, semantic search, and more.

  • With the expansion of Elastic open inference API capabilities now generally available, users can utilize JinaAI embeddings and reranking capabilities in Elasticsearch.

Find more details in the Elastic Search AI Platform 9.0/8.18 highlights blog, in the ES|QL JOIN blog, or in the 9.0/8.18 release notes.

Start today

Ready to get started? Elastic 9.0/8.18 is now available on Elastic Cloud — the hosted Elasticsearch service that includes all of the new features in this latest release.

The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.

In this blog post, we may have used or referred to third party generative AI tools, which are owned and operated by their respective owners. Elastic does not have any control over the third party tools and we have no responsibility or liability for their content, operation or use, nor for any loss or damage that may arise from your use of such tools. Please exercise caution when using AI tools with personal, sensitive or confidential information. Any data you submit may be used for AI training or other purposes. There is no guarantee that information you provide will be kept secure or confidential. You should familiarize yourself with the privacy practices and terms of use of any generative AI tools prior to use. 

Elastic, Elasticsearch, ESRE, Elasticsearch Relevance Engine and associated marks are trademarks, logos or registered trademarks of Elasticsearch N.V. in the United States and other countries. All other company and product names are trademarks, logos or registered trademarks of their respective owners.