X-Pack advanced features provided in the open source Elasticsearch Platinum edition are developed by the open source Elasticsearch team based on the X-Pack commercial plug-in. The features include security, SQL plug-in, machine learning, alerting, and monitoring. These features enhance the service capabilities of open source Elasticsearch for both application development and operations management. Both Alibaba Cloud Elasticsearch Standard Edition and Kernel-enhanced Edition clusters support these advanced features.
X-Pack Platinum features
Elastic Stack distributes X-Pack features across three subscription tiers: Basic, Gold, and Platinum. Alibaba Cloud subscribes to the Platinum edition.
- This topic covers a selection of commonly used advanced features. For the complete list of X-Pack advanced features, see Elastic Stack subscriptions and X-Pack APIs.
- For a comparison of features between the Basic and Platinum editions, see Elastic Stack subscriptions.
| Feature | Description |
| --- | --- |
| Security | Manages indexes and fields in a decentralized manner and strictly controls access permissions to improve data security, using role-based access control (RBAC), field- and document-level security, audit logging, single sign-on (SSO), and IP filtering. |
| Machine learning | Monitors data in real time, provides the auto alerting feature, and reports alerts. |
| Monitoring | Tracks the health and performance of clusters, nodes, and indexes in real time, helping you improve development efficiency, identify issues early, and reduce operations costs. |
| SQL plug-in | Runs full-text searches and statistical analysis on Elasticsearch data using the SQL syntax of traditional SQL databases. Supports CLI and REST access. The Platinum edition also adds Java Database Connectivity (JDBC) support. Integrates with existing business systems, reducing the cost of learning new techniques. For the Basic edition, see elasticsearch-sql. |
Open source Elasticsearch features
Alibaba Cloud Elasticsearch clusters also support a broad set of open source Elasticsearch features. For the full feature list, see Elastic Stack features. Because open source Elasticsearch iterates quickly, the features available in each version are updated regularly. For version-specific details, see Open source version features.
| Category | Subcategory | Feature |
| --- | --- | --- |
| Management and operations | Scalability and resiliency | Clustering and high availability |
| | | Automatic node recovery |
| | | Automatic data rebalancing |
| | | Horizontal scalability |
| | | Rack awareness |
| | | Cross-cluster replication |
| | | Cross-data center replication |
| | Monitoring | Full stack monitoring |
| | | Multi-stack monitoring |
| | | Configurable retention policy |
| | | Automatic alerts on stack issues |
| | Management | Index lifecycle management |
| | | Data tiers |
| | | Frozen indexes |
| | | Snapshot creation and data restoration |
| | | Searchable snapshots |
| | | Source-only snapshots |
| | | Snapshot lifecycle management |
| | | Data rollup |
| | | Data streams |
| | | CLI tools |
| | | Upgrade assistant UI |
| | | Upgrade assistant APIs |
| | | User and role management |
| | | Transforms |
| | Alerting | Highly available, scalable alerting |
| | | Notifications |
| | | Alerting UI |
| | Stack security | Security settings |
| | | Encrypted communications |
| | | Support for encryption at rest |
| | | Role-based access control (RBAC) |
| | | Field- and document-level security |
| | | Audit logging |
| | | IP address filtering |
| | | Security realms |
| | | Single sign-on (SSO) |
| | | Third-party security integration |
| | Clients | RESTful APIs |
| | | Language clients |
| | | Console |
| | | DSL |
| | | SQL plug-in |
| | | Event query language (EQL) |
| | | JDBC client |
| | | ODBC client |
| Data collection and enrichment | Data sources | Operating systems |
| | | Web servers and proxies |
| | | Data repositories and queues |
| | | Cloud services |
| | | Containers |
| | | Network data |
| | | Security data |
| | | Running status data |
| | | File import |
| | Data enrichment | Processors |
| | | Analyzers |
| | | Tokenizers |
| | | Filters |
| | | Language analyzers |
| | | Grok |
| | | Field transformation |
| | | External lookups |
| | | Match enrich processor |
| | | Geo-match enrich processor |
| | Modules and integrations | Clients and APIs |
| | | Beats |
| | | Community shippers |
| | | Logstash |
| | | ES-Hadoop |
| | | Plug-ins and integrations |
| Data storage | Flexibility | Data types |
| | | Full-text searches |
| | | Document databases |
| | | Time series and analysis |
| | | Geospatial |
| | Security | Support for encryption at rest |
| | | Field-level security |
| | Management | Clustered indexes |
| | | Snapshot creation and data restoration |
| | | Index rollup |
| Search and analysis | Full-text searches | Inverse indexes |
| | | Cross-cluster searches |
| | | Relevance scoring |
| | | Query DSL |
| | | Asynchronous searches |
| | | Highlighters |
| | | Automatic completion |
| | | Spelling checks and corrections |
| | | Suggesters |
| | | Percolators |
| | | Query optimizer |
| | | Permissions-based search results |
| | | Query cancellation |
| | Analytics | Aggregations |
| | | Graph searches |
| | | Threshold-based alerting |
| | Machine learning | Inference |
| | | Forecasting on time series |
| | | Anomaly detection on time series |
| | | Alerting on anomalies |
| | APM | APM server |
| | | APM agents |
| | | APM applications |
| | | Distributed tracing |
| | | Alerting |
| | | Service maps |
| | Visualization | Dashboards |
| | | Canvas |
| | | Kibana Lens |
| | | Time Series Visual Builder (TSVB) |
| | | Graph analysis |
| | | Geospatial analysis |
| | | Container monitoring |
| | | Kibana plug-ins |
| | | Data import tutorial |
| | Maps | Map layers |
| | | Custom area maps |
| | | GeoJSON upload |
| | Elastic logs | Log shipper |
| | | Log dashboards |
| | | Detection on log rate anomalies |
| | Elastic metrics | Metric shipper |
| | | Metric dashboards |
| | | Alerting |
| | Uptime | Uptime monitoring |
| | | Uptime dashboards |
| | | Alerting |
| | | Certificate monitoring |
| | | Synthetic monitoring |
| | Security analysis | Common schema |
| | | Security analysis |
| | | Timeline events |
| | | Case management |
| | | Anomaly detection |