The X-Pack advanced features provided in the open source Elasticsearch Platinum edition are developed by the open source Elasticsearch team based on the X-Pack commercial plug-in. The features include security, SQL plug-in, machine learning, alerting, and monitoring. These features enhance the service capabilities of open source Elasticsearch in terms of application development and O&M management. Alibaba Cloud Elasticsearch clusters of both the Standard Edition and the Kernel-enhanced Edition support the advanced features.
Feature description
The X-Pack advanced features provided by Elastic Stack differ in various editions, such as Basic, Gold, and Platinum. Alibaba Cloud subscribes to Elasticsearch of the Platinum edition.
This topic describes only a few commonly used advanced features. For more information about all the X-Pack advanced features, see Elastic Stack subscriptions and X-Pack APIs.
For a comparison of the new features provided in the Basic edition with those provided in the Platinum edition, see Elastic Stack subscriptions.
Feature | Description |
Security | Manages indexes and fields in a decentralized manner and strictly controls access permissions to improve data security. |
Machine learning | Monitors data in real time, provides the auto alerting feature, and reports alerts. |
Monitoring | Monitors objects, such as clusters, nodes, and indexes, in real time to improve development efficiency and reduce O&M costs. |
SQL plug-in |
Note: In the Basic edition, other SQL plug-ins are integrated. For more information, see elasticsearch-sql. |
Some features provided by open source Elasticsearch
Alibaba Cloud Elasticsearch clusters support the following open source Elasticsearch features. For more information about the features, see Elastic Stack features. Due to the rapid iteration of open source Elasticsearch versions, the features supported by each version are constantly updated. For more information about the features supported by each version, see Open source version features.
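Category | Subcategory | Feature |
Management and operations | Scalability and resiliency | Clustering and high availability |
Management and operations | Scalability and resiliency | Automatic node recovery |
Management and operations | Scalability and resiliency | Automatic data rebalancing |
Management and operations | Scalability and resiliency | Horizontal scalability |
Management and operations | Scalability and resiliency | Rack awareness |
Management and operations | Scalability and resiliency | Cross-cluster replication |
Management and operations | Scalability and resiliency | Cross-data center replication |
Management and operations | Monitoring | Full stack monitoring |
Management and operations | Monitoring | Multi-stack monitoring |
Management and operations | Monitoring | Configurable retention policy |
Management and operations | Monitoring | Automatic alerts on stack issues |
Management and operations | Management | Index lifecycle management |
Management and operations | Management | Data tiers |
Management and operations | Management | Frozen indexes |
Management and operations | Management | Snapshot creation and data restoration |
Management and operations | Management | Searchable snapshots |
Management and operations | Management | Source-only snapshots |
Management and operations | Management | Snapshot lifecycle management |
Management and operations | Management | Data rollup |
Management and operations | Management | Data streams |
Management and operations | Management | CLI tools |
Management and operations | Management | Upgrade assistant UI |
Management and operations | Management | Upgrade assistant APIs |
Management and operations | Management | User and role management |
Management and operations | Management | Transforms |
Management and operations | Alerting | Highly available, scalable alerting |
Management and operations | Alerting | Notifications |
Management and operations | Alerting | Alerting UI |
Management and operations | Stack security | Security settings |
Management and operations | Stack security | Encrypted communications |
Management and operations | Stack security | Support for encryption at rest |
Management and operations | Stack security | Role-based access control (RBAC) |
Management and operations | Stack security | Field- and document-level security |
Management and operations | Stack security | Audit logging |
Management and operations | Stack security | IP address filtering |
Management and operations | Stack security | Security realms |
Management and operations | Stack security | Single sign-on (SSO) |
Management and operations | Stack security | Third-party security integration |
Management and operations | Clients | RESTful APIs |
Management and operations | Clients | Language clients |
Management and operations | Clients | Console |
Management and operations | Clients | DSL |
Management and operations | Clients | SQL plug-in |
Management and operations | Clients | Event query language (EQL) |
Management and operations | Clients | JDBC client |
Management and operations | Clients | ODBC client |
Data collection and enrichment | Data sources | Operating systems |
Data collection and enrichment | Data sources | Web servers and proxies |
Data collection and enrichment | Data sources | Data repositories and queues |
Data collection and enrichment | Data sources | Cloud services |
Data collection and enrichment | Data sources | Containers |
Data collection and enrichment | Data sources | Network data |
Data collection and enrichment | Data sources | Security data |
Data collection and enrichment | Data sources | Running status data |
Data collection and enrichment | Data sources | File import |
Data collection and enrichment | Data enrichment | Processors |
Data collection and enrichment | Data enrichment | Analyzers |
Data collection and enrichment | Data enrichment | Tokenizers |
Data collection and enrichment | Data enrichment | Filters |
Data collection and enrichment | Data enrichment | Language analyzers |
Data collection and enrichment | Data enrichment | Grok |
Data collection and enrichment | Data enrichment | Field transformation |
Data collection and enrichment | Data enrichment | External lookups |
Data collection and enrichment | Data enrichment | Match enrich processor |
Data collection and enrichment | Data enrichment | Geo-match enrich processor |
Data collection and enrichment | Modules and integrations | Clients and APIs |
Data collection and enrichment | Modules and integrations | Beats |
Data collection and enrichment | Modules and integrations | Community shippers |
Data collection and enrichment | Modules and integrations | Logstash |
Data collection and enrichment | Modules and integrations | ES-Hadoop |
Data collection and enrichment | Modules and integrations | Plug-ins and integrations |
Data storage | Flexibility | Data types |
Data storage | Flexibility | Full-text searches |
Data storage | Flexibility | Document databases |
Data storage | Flexibility | Time series and analysis |
Data storage | Flexibility | Geospatial |
Data storage | Security | Support for encryption at rest |
Data storage | Security | Field-level security |
Data storage | Management | Clustered indexes |
Data storage | Management | Snapshot creation and data restoration |
Data storage | Management | Index rollup |
Search and analysis | Full-text searches | Inverse indexes |
Search and analysis | Full-text searches | Cross-cluster searches |
Search and analysis | Full-text searches | Relevance scoring |
Search and analysis | Full-text searches | Query DSL |
Search and analysis | Full-text searches | Asynchronous searches |
Search and analysis | Full-text searches | Highlighters |
Search and analysis | Full-text searches | Automatic completion |
Search and analysis | Full-text searches | Spelling checks and corrections |
Search and analysis | Full-text searches | Suggesters |
Search and analysis | Full-text searches | Percolators |
Search and analysis | Full-text searches | Query optimizer |
Search and analysis | Full-text searches | Permissions-based search results |
Search and analysis | Full-text searches | Query cancellation |
Search and analysis | Analytics | Aggregations |
Search and analysis | Analytics | Graph searches |
Search and analysis | Analytics | Threshold-based alerting |
Search and analysis | Machine learning | Inference |
Search and analysis | Machine learning | Forecasting on time series |
Search and analysis | Machine learning | Anomaly detection on time series |
Search and analysis | Machine learning | Alerting on anomalies |
Search and analysis | APM | APM server |
Search and analysis | APM | APM agents |
Search and analysis | APM | APM applications |
Search and analysis | APM | Distributed tracing |
Search and analysis | APM | Alerting |
Search and analysis | APM | Service maps |
Search and analysis | Visualization | Dashboards |
Search and analysis | Visualization | Canvas |
Search and analysis | Visualization | Kibana Lens |
Search and analysis | Visualization | Time Series Visual Builder (TSVB) |
Search and analysis | Visualization | Graph analysis |
Search and analysis | Visualization | Geospatial analysis |
Search and analysis | Visualization | Container monitoring |
Search and analysis | Visualization | Kibana plug-ins |
Search and analysis | Visualization | Data import tutorial |
Search and analysis | Maps | Map layers |
Search and analysis | Maps | Custom area maps |
Search and analysis | Maps | GeoJSON upload |
Search and analysis | Elastic logs | Log shipper |
Search and analysis | Elastic logs | Log dashboards |
Search and analysis | Elastic logs | Detection on log rate anomalies |
Search and analysis | Elastic metrics | Metric shipper |
Search and analysis | Elastic metrics | Metric dashboards |
Search and analysis | Elastic metrics | Alerting |
Search and analysis | Uptime | Uptime monitoring |
Search and analysis | Uptime | Uptime dashboards |
Search and analysis | Uptime | Alerting |
Search and analysis | Uptime | Certificate monitoring |
Search and analysis | Uptime | Synthetic monitoring |
Search and analysis | Security analysis | Common schema |
Search and analysis | Security analysis | Security analysis |
Search and analysis | Security analysis | Timeline events |
Search and analysis | Security analysis | Case management |
Search and analysis | Security analysis | Anomaly detection |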