Elastic (@elastic) / X

Elastic

10.4K posts

Elastic

@elastic

Where developers learn, build, and share. Your source for hands-on demos, cheat sheets, explainers and more.

Global

Joined October 2009

Elastic
@elastic
23h
0.89 recall at k=10 and zero cross-tenant leaks on a persistent agent memory layer. Built on Elasticsearch with 3 indices mapped to cognitive science: episodic events, semantic facts, procedural playbooks. Each has its own write rate, aging rules, and update logic. Episodic
1.2K
Elastic
@elastic
23h
Blog and full implementation: go.es.io/4oFWhYy GitHub repo: go.es.io/4uKA8tl
Agent memory on Elasticsearch: hybrid retrieval and DLS - Elasticsearch Labs
From elastic.co
531
Elastic reposted
Elastic Security Labs
@elasticseclabs
Jun 17
Live now!
REPLAY
Elastic Security Labs
@elasticseclabs
Put agentic AI to work: Real-world defense against threats
900
Elastic
@elastic
Jun 17
🧵 We've reworked stored-vector kNN search to cut latency by up to 3x with a single API change. Here's why 2 round trips was always unnecessary, how the speedup works, and what the benchmark numbers show.
1.4K
Elastic
@elastic
Jun 17
Replying to @elastic
3/ In 9.4, this collapses into a single request: Elasticsearch fetches the stored vector internally and uses it directly. One request. No client-side plumbing.
412
Elastic
@elastic
Jun 17
4/ We ran this on 2M documents across 2 nodes in the same GCP zone. Same data center. Same availability zone. Still: p50: 10.4ms → 3.1ms (3.3x faster) p90: 25.4ms → 5.9ms (4.3x faster) p99: 27.7ms → 8.1ms (3.4x faster) Even when nodes are physically close,
Up to 3x faster stored-vector queries in Elasticsearch - Elasticsearch Labs
From elastic.co
354
Elastic
@elastic
Jun 16
300+ Claude audit events now land in Elastic Security. Elastic's Anthropic integration pulls from Claude's Compliance API. Everything maps to ECS. Sign-ins, SSO changes, role updates, API key lifecycle, MCP server connections, data exports. Searchable the moment they land.
00:00
1.7K
Elastic
@elastic
Jun 16
Blog and integration docs:
Monitor Claude activity in Elastic Security
From elastic.co
568
Elastic reposted
Elastic Security Labs
@elasticseclabs
Jun 8
Your SOC tools don't talk to your dev tools. Your detection engineers write rules in one place and investigate in another. Live on June 17, we're demoing autonomous investigation workflows and security operations running inside Claude, Cursor, and Copilot. One week to go.
00:00
1.4K
Elastic reposted
Elastic Security Labs
@elasticseclabs
Jun 15
Attackers are using AI to cut attack timelines to minutes. @andythevariable , @jamesspi and @DanielMiessler get into what that means for your SOC, live on June 17.
Andrew Pease
@andythevariable
Jun 13
On June 17, I'm going live with @jamesspi and @DanielMiessler to cover the Obsidian and Axios supply chain attacks, and how AI agents can speed response. Humans don't leave the loop; they're moved to the top of it. 10am PT / 1pm ET @elasticseclabs elastic.co/lp/agentic-ai-…
00:00
1.9K
Elastic
@elastic
Jun 12
3 types of mappings in Elasticsearch Dynamic: Elasticsearch detects field types as documents arrive. Explicit: you define every field upfront. Recommended for production. Runtime: schema-on-read, no reindexing needed. Each trades setup speed for indexing control.
1.8M
Elastic
@elastic
Jun 12
Learn more:
elastic.co
Mapping | Elastic Docs
Mapping is the process of defining how a document and the fields it contains are stored and indexed. Each document is a collection of fields, which each...
1.2K
Elastic
@elastic
Jun 11
Stop building dummy data to test Elasticsearch. Kibana ships three production-quality sample datasets. One click to install, dashboards included: - Sample eCommerce orders: customer transactions, product categories, revenue by region - Sample flight data: airline routes, ticket
00:00
2.3K
Elastic
@elastic
Jun 11
Sample data:
elastic.co
Sample data | Elastic Docs
Using sample data is a great way to start exploring the system and learn your way around. There are a few ways to easily ingest sample data into Elasticsearch...
746
Elastic
@elastic
Jun 10
🧵 Your PromQL doesn't have to be rewritten to move to Elastic Observability. 9.4 added native Prometheus support. Ship metrics straight to ES, run your existing PromQL in Kibana. Same queries. Same dashboards. rate(http_requests_total{job="api"}[5m]) That runs in Kibana now.
1.6K
Elastic
@elastic
Jun 10
When you want one language across logs, metrics, and traces, ES|QL's TS command is the direct equivalent. TS metrics-* | STATS SUM(RATE(http_requests_total, 5m)) BY job, TBUCKET(5m) RATE(metric, 5m) maps to PromQL's rate(metric[5m]). TS groups by time series first and handles
elastic.co
30x faster than Prometheus: How we rebuilt Elasticsearch as a leading columnar metrics datastore -...
Elasticsearch now stores OTel metrics at 3.75 bytes per data point and queries them up to 30x faster than Prometheus. Here's how we rebuilt TSDS and ES|QL.
712
Elastic
@elastic
Jun 9
Learn how to cut Elasticsearch log storage by up to 76% with LogsDB: 1. Create a LogsDB index with "index.mode": "logsdb" 2. Reindex your logs into both a standard and LogsDB index 3. Force merge both indices with _forcemerge?max_num_segments=1 4. Measure the difference with the
9.7M
Elastic
@elastic
Jun 9
Already on Elasticsearch 9.2+? Any logs-* data stream uses LogsDB by default. Run GET /.ds-logs-*/_settings?filter_path=*.settings.index.mode to verify.
2.8K
Elastic
@elastic
Jun 9
Follow along in the full tutorial:
How to cut Elasticsearch log storage costs with LogsDB — Elastic Observability Labs
From elastic.co
1.6K