What's New in ELK Stack? - ElasticSearch, LogStash & Kibana

ELK Stack, or Elastic Stack as it has just been rebranded to, has just received a long-awaited update to version 5. But before we take a look at some of the major improvements in this new version, it might be best just to reiterate on exactly what Elastic Stack is.Elastic Stack is a platform for enabling real-time analytics of large repositories of unstructured date (Big Data). It consists of three separate technologies: Elasticsearch, Logstash, and Kibana. Hence the original name of ELK Stack.Elasticsearch is the actual analytics engine, Logstash is a tool for managing log data and Kibana is an application for visually representing analytics results.What’s New in Elasticsearch?First and foremost, the most significant improvement in the version 5 release of Elasticsearch, is the massive jump in performance. This is a major improvement, with the overall indexing performance of Elasticsearch having increased by approximately 80%.Elasticsearch also ships with a brand new migration tool in version 5. This is intended to help developers migrate their applications from the older version of Elasticsearch. This is a great new additional to Elastic Stack, as many developers were sticking to some very old releases such as version 2.3 and 2.4 because migration was so tricky.The default scripting language has also changed in version 5. The interestingly named Painless scripting language is now the default. Groovy, JavaScript, and Python have all now been depreciated.What’s New in Logstash?Version 5 of Logstash doesn’t really add anything completely new. What it does do, is improve some of the existing features quite considerably. The configuration of logging is now much more granular, all the way down to component level. This is great news for developers, as it makes the concept of debugging applications much simpler, as there is now more control on just what gets logged.Log rotation has also been improved. Administrators can now set up rules such as log size, age or timed events to rotate logs. The final change is the ability to update logging levels on the fly, without actually restarting Logstash.What’s New in Kibana?The major change that has been introduced in the version 5 release of Kibana, is that Timelion is no longer an external plugin. It has now been incorporated into Kibana core functions. Timelion has long been the preferred plugin for analyzing time driven datasets with Elastic Stack, so this is a smart move to bring it in-house.With the changes to scripting language explained in the Elasticsearch section above, Kibana now allows developers to choose the scripting they would like to use when creating a scripted field.Finally, the entire sharing UI has been redesigned, to allow the easy sharing of any data visualization that has been created using Kibana. This is something the development community has been requesting for a long time so that ad-hoc visualizations can be shared with end users more simply. This is possibly the best of the functional changes to Kibana in version 5.

Conclusion

Let's Talk
Lets Talk

Our Latest Blogs

With Zymr you can