Security and observability teams now benefit from reduced storage expenses and longer log retention to support their threat hunting, incident response, and compliance requirements

SAN FRANCISCO--(BUSINESS WIRE)--Elastic (NYSE: ESTC), the Search AI Company, announced the general availability of Elasticsearch logsdb index mode. This latest innovation in log management reduces the storage footprint of log data by up to 65% compared to recent versions of Elasticsearch without logsdb index mode. Now, security and observability teams have increased visibility while keeping all data immediately accessible for analysis.

"Logs are critical for detection and remediation, but the growing log volume generated by infrastructure and applications is driving up costs and forcing compromises that hinder analysis," said Ken Exner, chief product officer at Elastic. "Logsdb index mode reduces the disk footprint and overall cost of storing log data with features including smart index sorting, synthetic source and advanced compression."

Logsdb index mode optimizes data ordering, eliminates duplication by reconstructing non-stored field values with synthetic _source, and improves compression with advanced algorithms and codecs. Key benefits include:

• Reduced costs: enables organizations to reduce storage expenses while retaining more data, saving costs across all storage tiers.
• Preservation of valuable data: retains all log data using features like synthetic _source, improving operational efficiency without relying on extra tools or filters.
• Expanded visibility: provides access to all data on one platform without separate silos for various data, accelerating problem resolution, investigation, and remediation for site reliability engineers (SREs) and security operations center (SOC) teams.
• Streamlined access to data: retains actionable data efficiently, enabling troubleshooting, trending and analysis for SRE teams, and allows SOC teams to swiftly search all of their data for investigation and threat hunting.

Availability

Logsdb index mode is generally available for Cloud Hosted and Self-Managed customers starting in version 8.17 and is enabled by default for logs in Elastic Cloud Serverless.

Basic logsdb index mode capabilities are available to organizations with Standard, Gold, and Platinum licenses. Complete logsdb index mode capabilities are available to Serverless customers as well as organizations with an Enterprise license.

Read the blog to learn how to get started, or start your free trial now.

About Elastic

Elastic (NYSE: ESTC), the Search AI Company, enables everyone to find the answers they need in real-time using all their data, at scale. Elastic's solutions for search, observability, and security are built on the Elastic Search AI Platform, the development platform used by thousands of companies, including more than 50% of the Fortune 500. Learn more at elastic.co.

Elastic and associated marks are trademarks or registered trademarks of Elastic N.V. and its subsidiaries. All other company and product names may be trademarks of their respective owners.

Media Contact
Elastic PR
PR-team@elastic.co