X-Pack advanced features are the commercial features developed by the open source Elasticsearch team based on the X-Pack commercial plug-in. The features include security, SQL plug-in, machine learning, alerting, and monitoring. These features enhance the service capabilities of open source Elasticsearch in terms of application development and O&M management. Alibaba Cloud Elasticsearch provides editions that support the advanced features. You can purchase the features when you create a cluster. This topic describes the detailed information of these features.
Purchase guideline
Log on to the Alibaba Cloud Elasticsearch console and click Create on the Elasticsearch Clusters page. For more information, see Create an Alibaba Cloud Elasticsearch cluster.
Only Alibaba Cloud Elasticsearch clusters of the Standard Edition support the advanced features. The following table lists the related information of the Standard Edition.
| Item | Standard Edition |
|---|---|
| Whether X-Pack is included | Yes |
| Whether all X-Pack features are provided | Yes |
Feature description
This section describes only a few commonly used advanced features. For more information about all the X-Pack advanced features, see Elastic Stack subscriptions and X-Pack APIs.
| Feature | Description |
|---|---|
| Security | Manages indexes and fields in a decentralized manner and strictly controls access permissions to improve data security. |
| Machine learning | Monitors data in real time, provides the auto alerting feature, and reports alerts. |
| Monitoring | Monitors objects, such as clusters, nodes, and indexes, in real time to improve development efficiency and reduce O&M costs. |
| SQL plug-in |
Note In the FREE AND OPEN edition, other SQL plug-ins are integrated. For more information,
see elasticsearch-sql.
|
Some features provided by open source Elasticsearch
Alibaba Cloud Elasticsearch clusters of the Standard Edition support the following open source Elasticsearch features. For more information about the features, see Elastic Stack features. Due to the rapid iteration of open source Elasticsearch versions, the features supported by each version are constantly updated. For more information about the features supported by each version, see Version comparisons.
| Category | Subcategory | Feature |
|---|---|---|
| Management and operations | Scalability and resiliency | Clustering and high availability |
| Automatic node recovery | ||
| Automatic data rebalancing | ||
| Horizontal scalability | ||
| Rack awareness | ||
| Cross-cluster replication | ||
| Cross-data center replication | ||
| Monitoring | Full stack monitoring | |
| Multi-stack monitoring | ||
| Configurable retention policy | ||
| Automatic alerts on stack issues | ||
| Management | Index lifecycle management | |
| Data tiers | ||
| Frozen indexes | ||
| Snapshot creation and data restoration | ||
| Searchable snapshots | ||
| Source-only snapshots | ||
| Snapshot lifecycle management | ||
| Data rollup | ||
| Data streams | ||
| CLI tools | ||
| Upgrade assistant UI | ||
| Upgrade assistant APIs | ||
| User and role management | ||
| Transforms | ||
| Alerting | Highly available, scalable alerting | |
| Notifications | ||
| Alerting UI | ||
| Stack security | Security settings | |
| Encrypted communications | ||
| Support for encryption at rest | ||
| Role-based access control (RBAC) | ||
| Field- and document-level security | ||
| Audit logging | ||
| IP address filtering | ||
| Security realms | ||
| Single sign-on (SSO) | ||
| Third-party security integration | ||
| Clients | RESTful APIs | |
| Language clients | ||
| Console | ||
| DSL | ||
| SQL plug-in | ||
| Event query language (EQL) | ||
| JDBC client | ||
| ODBC client | ||
| Data collection and enrichment | Data sources | Operating systems |
| Web servers and proxies | ||
| Data repositories and queues | ||
| Cloud services | ||
| Containers | ||
| Network data | ||
| Security data | ||
| Running status data | ||
| File import | ||
| Data enrichment | Processors | |
| Analyzers | ||
| Tokenizers | ||
| Filters | ||
| Language analyzers | ||
| Grok | ||
| Field transformation | ||
| External lookups | ||
| Match enrich processor | ||
| Geo-match enrich processor | ||
| Modules and integrations | Clients and APIs | |
| Beats | ||
| Community shippers | ||
| Logstash | ||
| Elasticsearch-Hadoop | ||
| Plug-ins and integrations | ||
| Data storage | Flexibility | Data types |
| Full-text searches | ||
| Document databases | ||
| Time series and analysis | ||
| Geospatial | ||
| Security | Support for encryption at rest | |
| Field-level security | ||
| Management | Clustered indexes | |
| Snapshot creation and data restoration | ||
| Index rollup | ||
| Search and analysis | Full-text searches | Inverse indexes |
| Cross-cluster searches | ||
| Relevance scoring | ||
| Query DSL | ||
| Asynchronous searches | ||
| Highlighters | ||
| Automatic completion | ||
| Spelling checks and corrections | ||
| Suggesters | ||
| Percolators | ||
| Query optimizer | ||
| Permissions-based search results | ||
| Query cancellation | ||
| Analytics | Aggregations | |
| Graph searches | ||
| Threshold-based alerting | ||
| Machine learning | Inference | |
| Forecasting on time series | ||
| Anomaly detection on time series | ||
| Alerting on anomalies | ||
| APM | APM server | |
| APM agents | ||
| APM applications | ||
| Distributed tracing | ||
| Alerting | ||
| Service maps | ||
| Visualization | Dashboards | |
| Canvas | ||
| Kibana Lens | ||
| Time Series Visual Builder (TSVB) | ||
| Graph analysis | ||
| Geospatial analysis | ||
| Container monitoring | ||
| Kibana plug-ins | ||
| Data import tutorial | ||
| Maps | Map layers | |
| Custom area maps | ||
| GeoJSON upload | ||
| Elastic logs | Log shipper | |
| Log dashboards | ||
| Detection on log rate anomalies | ||
| Elastic metrics | Metric shipper | |
| Metric dashboards | ||
| Alerting | ||
| Uptime | Uptime monitoring | |
| Uptime dashboards | ||
| Alerting | ||
| Certificate monitoring | ||
| Synthetic monitoring | ||
| Security analysis | Common schema | |
| Security analysis | ||
| Timeline events | ||
| Case management | ||
| Anomaly detection |