Get a DemoStart Free TrialSign In


3 min read is pleased to introduce the latest version of OpenSearch onto the platform, with an OpenTelemetry-compliant data schema that unlocks a host of future analytics and observability capabilities. Also included in this release are improvements in threat detection for security analytics workloads, visualization tools, and machine learning (ML) models.


New OpenSearch Simple Schema

OpenSearch continues to add functionality to power analytics and observability use cases and is working towards creating a standard method for accessing metrics, traces, and unstructured data, such as logs, from different sources. This is addressed by the latest version of OpenSearch, which introduces Simple Schema for Observability, a common, unified data schema.

In accordance with OpenTelemetry standards, the schema defines a structured definition for major analytics and observability signals, including logs, traces, and metrics.

The updated schema also enables users to develop predefined dashboards and configurations based on common standards and formats across the data pipeline. The move is a significant step toward enabling a range of capabilities for ingestion, extraction, and aggregation of telemetry data, as well as driving discoveries from monitored systems.

Analyze Jaeger Trace data

OpenSearch Dashboards now also supports the analysis of trace data collected by the widely-used Jaeger open-source tools. With OpenSearch Dashboards Observability, you can analyze traces using Jaeger data stored in OpenSearch, and easily switch between Data Prepper and Jaeger as the source of your trace data from the same user interface.

If your Jaeger trace data is stored in OpenSearch, you can leverage the Trace Analytics feature to analyze error rates and latencies, as well as filter traces and examine span details to identify any service issues. To learn more about how to analyze Jaeger trace data in OpenSearch, refer to the documentation.

Enhanced Security Analytics

OpenSearch users are increasingly using the platform to support new use cases, including security event log analysis to detect and investigate potential threats. To meet this demand, OpenSearch now offers a new security analytics plugin for both OpenSearch and OpenSearch Dashboards. The plugin provides a suite of tools to help you identify attack signatures, create alerts from security findings, and visualize threat patterns using dashboards.

Security Analytics for OpenSearch and OpenSearch Dashboards, which was initially introduced as an experimental feature in the 2.4.0 release, is now generally available and ready for production workloads. This tool provides a variety of features to assist in monitoring and detecting potential security threats before they can disrupt operations. With over 2,000 prepackaged Sigma security rules and support for multiple log sources such as Windows, Netflow, DNS, AWS CloudTrail, and others, Security Analytics offers a comprehensive set of tools.

Additionally, many detector types now come with dashboards that visualize the logs they monitor right out of the box. A security finding can now be viewed in context with surrounding documents with just one click. View The Status Of Machine Learning Models

You can now view the location and status of ML models within a cluster with a new ML model health dashboard included in the newest edition of OpenSearch. To simplify the administration of semantic search deployments and other machine learning workloads, the ML Commons UI will be further developed in future releases.

Adding Maps To Dashboards

Users can now input and visualize geographical data more easily with OpenSearch's recently added enhancements. OpenSearch Dashboards now support adding maps to dashboard panels. In the past, maps could only be created and displayed within the Maps plugin; now you can visualize and analyze maps within Dashboards.

Generate Reports Directly

The OpenSearch Reporting CLI was launched separately from the project's release cycle in this latest version of OpenSearch. This CLI provides a programmatic way to generate and download OpenSearch Dashboard reports. With the Reporting CLI, you can create reports in PDF, PNG, or CSV formats and distribute them to downstream messaging systems.

As we continuously work to improve the key features of the platform we want you to know that our support team is always here to answer any questions you may have about the latest version of OpenSearch. Feel free to get in touch via live chat, at [email protected] or visit our help centre for more documentation.

If you enjoyed this update then why not read about OpenSearch vs Elasticsearch or Grafana dashboards next?

Get the latest elastic Stack & logging resources when you subscribe

© 2024 Ltd, All rights reserved.