diff --git a/docs/user/images/dashboard-star.png b/docs/user/images/dashboard-star.png new file mode 100644 index 000000000000..25219d8866c0 Binary files /dev/null and b/docs/user/images/dashboard-star.png differ diff --git a/docs/user/images/dashboard-usage.png b/docs/user/images/dashboard-usage.png new file mode 100644 index 000000000000..e18843511e21 Binary files /dev/null and b/docs/user/images/dashboard-usage.png differ diff --git a/docs/user/images/discover-log-level.png b/docs/user/images/discover-log-level.png new file mode 100644 index 000000000000..a6de92c0ae02 Binary files /dev/null and b/docs/user/images/discover-log-level.png differ diff --git a/docs/user/images/esql-autocomplete-suggestions.png b/docs/user/images/esql-autocomplete-suggestions.png new file mode 100644 index 000000000000..bd78201b0d12 Binary files /dev/null and b/docs/user/images/esql-autocomplete-suggestions.png differ diff --git a/docs/user/images/esql-suggestions.png b/docs/user/images/esql-suggestions.png new file mode 100644 index 000000000000..234f0339003a Binary files /dev/null and b/docs/user/images/esql-suggestions.png differ diff --git a/docs/user/images/ip-location-processor.png b/docs/user/images/ip-location-processor.png new file mode 100644 index 000000000000..b1de4a540f52 Binary files /dev/null and b/docs/user/images/ip-location-processor.png differ diff --git a/docs/user/images/metric-customization.png b/docs/user/images/metric-customization.png new file mode 100644 index 000000000000..238df1aee82a Binary files /dev/null and b/docs/user/images/metric-customization.png differ diff --git a/docs/user/images/monaco-console.png b/docs/user/images/monaco-console.png new file mode 100644 index 000000000000..3bdd4be4eb49 Binary files /dev/null and b/docs/user/images/monaco-console.png differ diff --git a/docs/user/images/solution-view-obs.png b/docs/user/images/solution-view-obs.png new file mode 100644 index 000000000000..4ae5942dbae3 Binary files /dev/null and b/docs/user/images/solution-view-obs.png differ diff --git a/docs/user/images/space-settings.png b/docs/user/images/space-settings.png new file mode 100644 index 000000000000..a3a38c1ca88c Binary files /dev/null and b/docs/user/images/space-settings.png differ diff --git a/docs/user/images/table-coloring.png b/docs/user/images/table-coloring.png new file mode 100644 index 000000000000..6c96daf38116 Binary files /dev/null and b/docs/user/images/table-coloring.png differ diff --git a/docs/user/whats-new.asciidoc b/docs/user/whats-new.asciidoc index 2a726ba3dc4f..25568518ad2e 100644 --- a/docs/user/whats-new.asciidoc +++ b/docs/user/whats-new.asciidoc @@ -1,175 +1,144 @@ [[whats-new]] -== What's new in 8.15 +== What's new in 8.16 -Here are the highlights of what's new and improved in 8.15. +Here are the highlights of what's new and improved in 8.16. For detailed information about this release, check the <>. -Previous versions: {kibana-ref-all}/8.14/whats-new.html[8.14] | {kibana-ref-all}/8.13/whats-new.html[8.13] | {kibana-ref-all}/8.12/whats-new.html[8.12] | {kibana-ref-all}/8.11/whats-new.html[8.11] | {kibana-ref-all}/8.10/whats-new.html[8.10] | {kibana-ref-all}/8.9/whats-new.html[8.9] | {kibana-ref-all}/8.8/whats-new.html[8.8] | {kibana-ref-all}/8.7/whats-new.html[8.7] | {kibana-ref-all}/8.6/whats-new.html[8.6] | {kibana-ref-all}/8.5/whats-new.html[8.5] | {kibana-ref-all}/8.4/whats-new.html[8.4] | {kibana-ref-all}/8.3/whats-new.html[8.3] | {kibana-ref-all}/8.2/whats-new.html[8.2] | {kibana-ref-all}/8.1/whats-new.html[8.1] | {kibana-ref-all}/8.0/whats-new.html[8.0] +Previous versions: {kibana-ref-all}/8.15/whats-new.html[8.15] | {kibana-ref-all}/8.14/whats-new.html[8.14] | {kibana-ref-all}/8.13/whats-new.html[8.13] | {kibana-ref-all}/8.12/whats-new.html[8.12] | {kibana-ref-all}/8.11/whats-new.html[8.11] | {kibana-ref-all}/8.10/whats-new.html[8.10] | {kibana-ref-all}/8.9/whats-new.html[8.9] | {kibana-ref-all}/8.8/whats-new.html[8.8] | {kibana-ref-all}/8.7/whats-new.html[8.7] | {kibana-ref-all}/8.6/whats-new.html[8.6] | {kibana-ref-all}/8.5/whats-new.html[8.5] | {kibana-ref-all}/8.4/whats-new.html[8.4] | {kibana-ref-all}/8.3/whats-new.html[8.3] | {kibana-ref-all}/8.2/whats-new.html[8.2] | {kibana-ref-all}/8.1/whats-new.html[8.1] | {kibana-ref-all}/8.0/whats-new.html[8.0] [discrete] -=== ES|QL +=== Solution-oriented navigation +On Elastic Cloud Hosted deployments running on version 8.16, you can now navigate Kibana using a lighter, solution-oriented left navigation menu, called **Solution view**. -[discrete] -==== Filter UX improvements in ES|QL +There are four selectable solution views: Search, Observability, Security, and Classic. Search, Observability, and Security are the new navigation menus. Each of those brings simplicity by focusing the left navigation menu on a relevant subset of features, scoped to its associated use cases, and offers a dedicated home page. Classic has the same navigation menu as 8.15 and before. -We're thrilled to unveil a complete overhaul of filtering in the ES|QL UX. Now, you can seamlessly filter data by browsing a time series chart, allowing for quick and intuitive time-based filtering. Interactive chart filtering lets you refine your data directly by clicking on any chart, while creating WHERE clause filters from the Discover table or sidebar has never been easier. These enhancements streamline data exploration and analysis, making your ES|QL experience more efficient and user-friendly than ever. +Each space has its own solution view setting which determines the navigation experience for all users of that space. -*Filter by clicking a chart:* +When creating a new deployment, you will now be asked to choose between one of the 3 new solution views for your default space. If you prefer to stick with the classic, multi-layered navigation, you can do so once the deployment is created by navigating to your space settings. -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt965a5190f246f7c8/669a7d41e5f7c84793b031cb/filter-by-clicking-chart.gif[Filter by clicking a chart] +Deployments upgrading from a previous version to 8.16 keep the classic navigation. Admins can enable one of the new solution views from the space settings. -*Filter by browsing a time series chart:* +image::images/solution-view-obs.png[Example of observability solution view] +_The Observability solution view and its Home page._ -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blta20c9a93dded707c/669a7d40843f93a02fe51013/filter-by-brushing-time-series.gif[Filter by browsing a time series chart] +[discrete] +=== Discover and ES|QL -*Create WHERE clause filters from Discover table or sidebar:* +[discrete] +==== Contextual Data presentation -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt50ac35ab3af29ff8/669a7d4006a6fafe4c7cb39d/create-where-clause-filters-from-sidebar.gif[Create WHERE clause filters from Discover table or sidebar] +In this release, Discover introduces enhanced contextual data presentation. Previously, you needed to manually select relevant fields and set up your workspace before diving into data exploration. Now, Discover automatically tailors the user experience based on the data being explored, powered by a scalable contextual architecture. For example, when analyzing logs, you'll see a *log.level* field rendered directly in the table, a custom Logs overview in the document viewer, and log.level indicators on individual rows. +image::images/discover-log-level.png[Log level badge displaying in the Discover grid] [discrete] -==== Field statistics in ES|QL +==== Recommended ES|QL queries -Field statistics are now available in ES|QL. This feature is designed to provide comprehensive insights for each data field. With this enhancement, you can access detailed statistics such as distributions, averages, and other key metrics, helping you quickly understand your data. This makes data exploration and quality assessment more efficient, providing deeper insights and streamlining the analysis of field-level data in ES|QL. +Writing ES|QL queries just got easier. Many users face challenges when authoring queries, and even more so when unfamiliar with the syntax or data structure. This can lead to inefficiencies in data analysis and visualization. We want to reduce the time it takes to create queries and to lower the learning curve for both new and existing users by suggesting recommended queries within the ES|QL Help menu and from the auto-complete. -image::images/field-statistics-esql.png[Field statistics in ES|QL] +image::images/esql-suggestions.png[A list of suggestions to get started with an ES|QL query, width=30%] +_Recommended ES|QL queries from the ES|QL help menu_ -[discrete] -==== Integrations support in the ES|QL editor when using FROM command. +image::images/esql-autocomplete-suggestions.png[A list of suggestions in the autocomplete menu of an ES|QL query, width=50%] +_Recommended ES|QL queries from auto-complete suggestions_ -We're excited to announce enhanced support for integrations in the ES|QL editor with the *FROM* command. Previously, you could only access indices, but now you can also view a list of installed integrations directly within the editor. This improvement streamlines your workflow, making it easier to manage and utilize various integrations while working with your data. - -image::images/integrations-in-esql.png[Accessing an integration from ES|QL] [discrete] === Dashboards [discrete] -==== Field statistics in Dashboards - -It's now easier than ever to include your field statistics view from **Discover** into **Dashboards**. While running investigations, it is very common that you need to see some field information, such as unique values and their distribution, to make sense of the data. Select the fields that you want with your ES|QL query and get the document count, values, and distribution in your dashboard so you don't have to navigate back and forth to **Discover** to see this information. +==== Manage dashboards more easily and efficiently +As part of a series of improvements to help you find and manage your dashboards https://www.elastic.co/guide/en/kibana/8.15/whats-new.html#_view_dashboard_creator_and_last_editor[started in version 8.15], the new default way to sort your dashboards is by recently viewed, and we are adding an option to star your favorite dashboards, as well as some statistics to monitor the usage of your dashboards. -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt9bc52ff7851acc52/669a4f6a490fbc64fa22f279/field-statistics.gif[Showing field statistics panel in Dashboards] +You can find your favorite dashboards in the new **Starred** tab. -[discrete] -==== Statistics in legends +image::images/dashboard-star.png[Viewing starred dashboards] -Accelerate time to insights by summarizing the values of your charts using average, minimum, maximum, median, and variance, among many others. You can add these statistics for **Lens** and ES|QL visualizations. It is important to note that these statistics are computed using the data points from the chart considering the aggregation used and not the raw data. In the following example, the chart shows the median memory per host, so the Max = 15.3KB for the first series (artifacts.elastic.co) is the maximum value of the median memory per host. +By opening a dashboard's details using the “info” icon from the dashboard list view, you can now get a sense of the popularity of that dashboard with a histogram showing how many times the dashboard was viewed in the last 90 days. -image::images/statistics-in-legends.png[Statistics in legends] +image::images/dashboard-usage.png[Dashboard usage chart] -You can find the option to select statistics for your legends along with an explanation for each calculation when editing your visualization, as shown in the following image. +[discrete] +==== Log Pattern Analysis dashboard panels +Log Pattern Analysis panels are now available for you to add to your dashboards, making AIOps even more embedded in your workflows and where you need it. When filtering patterns, the dashboard’s data adjusts accordingly. You can also choose the filtering to transition you into Discover for further exploration. -image::images/statistics-in-legends2.png[Select statistics in legends] +image:https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt8288e01386b5830c/67222fb0d2da223e27bc1e67/log_analysis_panel.gif[Log pattern analysis panel in dashboards] [discrete] -==== View dashboard creator and last editor +==== Color text values in tables +Previously, you could only decide to color numeric values in tables. We're adding the ability to also color your string values. You can decide whether you want to color the whole cell, or only the text. -You can now see who created and who last updated a dashboard. +image::images/table-coloring.png[Coloring table cells with string values] -You can find the creator information right from the dashboard list. -image::images/dashboard-creator.png[Dashboard creator column in dashboard list] +[discrete] +==== Formatting options for your metrics +We've received a lot of feedback asking for more flexibility to customize the appearance of your metrics. In this version, we are adding the ability to customize the title and value alignment, as well as the font size. Selecting the *Fit* option will adjust the font size and make the metric value occupy the entire panel. -Quickly find all dashboards created by the same user with a simple filter. +image::images/metric-customization.png[Customization options for a metric panel] -image::images/dashboard-creator-filter.png[Filtering dashboards by creator] -Note that the creator information will be visible only for dashboards created on or after version 8.14. -You can also see who last updated a dashboard by clicking the dashboard information icon from the dashboard list. The creator is also visible next to it. This information is immutable and cannot be changed. +//[discrete] +//=== Alerting, cases, and connectors -image::images/dashboard-last-editor.png[Dashboard details panel with the name of the last editor] [discrete] -=== Discover +=== Managing {kib} and data [discrete] -==== Push flyout for Discover document viewer +==== Edit space access from the space settings +As an admin, you can now assign roles to and edit role permissions on a given space directly from the settings of that space. -You can now seamlessly view document details and the main table simultaneously in **Discover** with the new _push_ flyout. You can adjust the width of the flyout to suit your needs and explore your data much more easily. - -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/bltb40a408acf4ab688/669a58ea9fecd85219d58ed2/discover-push-flyout.gif[Resizable push flyout in Discover] +Prior to 8.16, you could only do this from the role settings, which was counterintuitive. +image::space-settings.png[Editing space settings with new options] [discrete] -=== Alerting, cases, and connectors +==== New IP Location processor +Enhancing location information based on IP addresses just got easier with the new IP Location processor. In addition to the existing free GeoLite offerings from MaxMind, we have integrated with MaxMind’s premium GeoIP databases for users who have licensed MaxMind’s products. If you're an Enterprise Elastic customer, you now have an additional third-party product, IP Info, available for use as well. These additional data sources provide improved options for enriching data with location information associated with IP addresses to improve telemetry and insights. To utilize these features beyond the free MaxMind GeoIP database, you will need to have licensed premium MaxMind products and/or the IP Info database. -[discrete] -==== Case templates - -{kib} cases offer a new powerful capability to enhance the efficiency of your analyst teams with <>. -You can manage multiple templates, each of which can be used to auto-populate values in a case with pre-defined knowledge. -This streamlines the investigative process and significantly reduces time to resolution. +image::images/ip-location-processor.png[The IP Location processor] [discrete] -==== Case custom fields are GA +==== File uploader PDF support +The file uploader provides a quick way to upload data and start using Elastic. In 8.16, we are improving it to allow you to upload data from PDF files. -In 8.11, <> were added to cases and they are now moving from technical preview to general availability. -You can set custom field values in your templates to enhance consistency across cases. +image:https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blte8f0b295330b7e68/67222fb0ca492a5044b51bd8/file_uploader_pdf.gif[File uploader with PDF support] [discrete] -==== {sn} additional fields +=== Developer Tools Console redesign +We're excited to introduce a number of improvements to the overall user experience on one of our most popular features: **Console**. If you're new to Console, you will be welcomed by an onboarding tour that will help you get started quickly with your first requests. And if you're already a regular Console user, you will notice a variety of new features, including the ability to copy outputs to the clipboard, import and export request files, enjoy improved responsiveness, and other quality of life improvements. -You can now create enriched {sn} tickets based on detected alerts with a more comprehensive structure that matches the {sn} ticket scheme. -A new JSON field is now available as part of the {sn} action, which enables you to send any field from {kib} alerts to {sn} tickets. - -[discrete] -==== {webhook-cm} SSL auth support - -It's common for organizations to integrate with third parties using secured authentication. -Currently, most of the available case connectors use basic authentication (user and passwords or tokens), which might not be sufficient to meet organization security policies. -With this release, the <> now supports client certification, which enables you to leverage the connector for secured integration with third parties. - -The {webhook-cm} connector also moves from technical preview to general availability in this release. +image::images/monaco-console.png[Console's redesign featuring the Monaco editor] [discrete] === Machine Learning [discrete] -==== Improved UX for Log Pattern Analysis in Discover +==== The Inference API is now Generally Available -Analyze large volumes of logs efficiently, in very short times with Log Pattern Analysis in **Discover**. In 8.15, we redesigned the Log Pattern Analysis user flow in **Discover** to make it easier to use. Discover log patterns with one click for the message field (and other applicable text fields) and easily filter in and out logs to drastically reduce MTTR. - -image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt7e63d7e764ab183e/669a807bd316c7015db35458/ml-log-pattern-analysis.gif[New log pattern analysis interface] +Starting in 8.16, the {ref}/inference-apis.html[Inference API] is now GA, offering production-level stability, robustness and performance. Elastic’s Inference API integrates the state-of-the-art in AI inference, including ELSER, your Elastic hosted models and {ref}/put-inference-api.html#put-inference-api-desc[an increasing array of external models and tasks] in a unified, lean syntax. Used with {ref}/semantic-text.html[semantic_text] or the vector fields supported by the Elastic vector database, you can perform AI search, reranking, and completion with simplicity. In 8.16, we're also adding streamed completions for improved flows and real time interactions and GenAI experiences. [discrete] -==== Log Rate Analysis contextual insights in serverless Observability +==== ELSER and trained models adaptive resources and chunking strategies -You can now see insights in natural language, for example for the root cause of a log rate change or threshold alert, in Log Rate Analysis. This feature is currently only available for Observability serverless projects. +From 8.16, ELSER and the other AI search and NLP models you use in Elastic automatically adapt resource consumption according to the inference load, providing the performance you need during peak times and reducing the cost during slow periods, all the way down to zero cost during idle times. -image::images/obs-log-rate-analysis-insigths.png[Log Rate Analysis contextual insights in serverless Observability] +We're also improving the UX through which you deploy your models. You can provision search-optimized and ingest-optimized model deployments with a one-click selection. An optimized configuration is created without the need to specify parameters such as threads and allocations. Combined with the flexibility of ML auto-scaling on Elastic Cloud and the incredible elasticity of Elastic Cloud Serverless, you are in full control of both performance and cost. -[discrete] -==== Inference API improvements +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt429790e1de1b4f93/67222fb048ec8c73255ef4eb/trained_models.gif[Trained models and ELSER] -The inference API provides a seamless, intuitive interface to perform inference and other tasks against proprietary, hosted, and integrated external services. In 8.15, we're extending it with the following capabilities: +In addition, from 8.16 you can choose between a word or sequence-based chunking strategy to use with your trained models, and you can also customize the maximum size and overlap parameters. A suitable chunking strategy can result in gains depending on the model you use, the length and nature of the texts and the length and complexity of the search queries. -* Support for Anthropic's chat completion API. -* Ability to host cross encoder models and perform the reranking task. - - -[discrete] -=== Managing {kib} users and objects [discrete] -==== Sharing improvements +==== Support for Daylight Saving Time changes in Anomaly Detection -You can now share a dashboard, search, or Lens object in one click. When sharing an object, the most common actions are directly presented to you, and a short link is automatically generated, making it simpler than ever to share your work. +In 8.16, we are introducing support for DST changes in Anomaly Detection. Set up a DST calendar by selecting the right timezone and apply it to your anomaly detection jobs individually or in groups. This feature eliminates any false positives that you may have experienced previously due to Daylight Saving Time changes, and works without the need for your intervention for many years ahead. -image::images/share-modal.png[New object share modal, width=50%] - -[discrete] -==== Quick API key creation - -Many API keys don’t require custom settings, so we made it simple to generate a standard key. From the **Endpoints & API keys** top menu in Search, you can create a key in seconds. - -image::images/create-simple-api-key.png[Shortcut to create an API key, width=60%] - -[discrete] -==== Filtering by User in Kibana Audit Logs +image::https://images.contentstack.io/v3/assets/bltefdd0b53724fa2ce/blt5fb82f18cde26710/67222fb086339971144a31e5/daylight_savings.gif[DST support in Anomaly Detection] -We are pleased to share that ignoring events by user in Kibana audit logs is now possible. This enhancement will give you more flexibility to reduce the overall number of events logged by the Kibana audit logs service and to control the volume of data being generated in audit logs. While we currently offer a number of ways to do this using the `xpack.security.audit.ignore_filters.[]` configuration setting, there wasn't an easy option to filter by user. With this addition, you can configure Kibana audit logs to ignore events based on values from the following fields: users, spaces, outcomes, categories, types and actions. \ No newline at end of file