Open Distro for Elasticsearch

New Features Coming Soon

Anomaly Detection

Our new anomaly detection feature identifies data patterns during ingestion and detects outliers in real time using the Random Cut Forest (RCF) algorithm. RCF is an unsupervised machine learning algorithm that computes an anomaly score for each incoming data point. The final anomaly score is an average of the scores from all data points and is used to differentiate an anomaly from normal variation. You can monitor multiple data points in an index, also called features, by configuring detectors. A detector can discover anomalies across one or more features. Anomaly detection is integrated with our Alerting plugin to trigger a notification whenever a detector identifies an anomaly. Learn more or contribute at:

Security integration with alerting

We are building an integration between the security and alerting plugins to secure your alerting configuration. With this integration, we will provide new pre-built roles, making it easier for you to control who can create and view monitors, alerts, and destinations. The security and alerting integration will ensure that users can create monitors using only the data they have access to. You will also be able to set a role on a monitor so that the monitor can access only the data you want it to. Learn more or contribute at:

SQL Kibana plugin

We are adding a dedicated Kibana plugin for SQL, making it easier for you to run SQL queries and explore your data. This plugin will support SQL syntax highlighting and output results in the familiar tabular format. The SQL Kibana UI will support nested documents, allowing you to expand columns containing these documents and drill down into the nested data. The SQL Kibana plugin will also let you translate your SQL query to the Elasticsearch DSL with a single click and download the results of the query as a CSV file.

Join our community of developers to start contributing to Open Distro for Elasticsearch