An observability solution for today’s “always-on” world

Market-leading AIOps 

Elastic, with its 10 years of development in machine learning, allows you to not only bring your own models, but it’s truly built to do the work for you. Here are several examples of Elastic Observability’s out-of-the-box capabilities using built-in machine learning models, including data frame analytics, and natural language processing (NLP):

• Anomaly detection – Elastic helps you find patterns in your data out of the box, without having to build or modify any machine learning models. Use time series modeling to detect anomalies in single or multiple time series, population data, and forecast trends based on historical data. You can also detect anomalies in logs by grouping messages, and uncover root causes by reviewing anomaly influencers or fields correlated with deviations from baselines.
• Log spike analysis and built in log categorization – Elastic continuously scans and analyzes logs to help you understand when a log spike is a significant deviation from the normal baseline and understand groupings (categorization) of logs to help you analyze issues through simplifying your log analytics.
• Automatic error and latency correlation for trace distributions in APM – The Elastic APM correlation capability automatically surfaces attributes of the APM data set that are correlated with high-latency or erroneous transactions and have the most significant impact on overall service performance.

These features are all prebuilt, one-click capabilities without the need to know ML because the modeling, data frame analytics, and NLP we have in our ML capabilities help support these ML based features. These ML based features support log analytics, APM, and infrastructure telemetry data, by reducing your time to find root cause analysis.

The combination of Elastic Observability’s data in context features and AIOps features will help you, as an SRE, improve predictability and reduce MTTx (whether it’s mean time to repair, response, or failure). As an SRE, your ultimate goal is to focus on improving your business and productivity, and these two key capabilities will aid you in achieving this.

Obtaining insights with open data and analytics

With a deep history in open source, not only is Elastic continuously increasing its support for open source projects, but Elastic also innovates to enable you to bring in your own data and analyze it as needed within our open platform.

Ongoing open source support:
Elastic continuing support for open source now includes (but not limited to):

• Native Open Telemetry support
• Istio support for Elastic Agent
• Prometheus support for Elastic Agent

Elastic Common Schema:
Elastic provides the ability to bring in your data models through Elastic Common Schema (ECS). ECS is an open source specification that defines a common set of document fields for data ingested into Elasticsearch. ECS gives you the flexibility to collect, store, and visualize any data. This includes metrics, logs, traces, content, and events from your apps and infrastructure.

ECS is designed to support uniform data modeling, enabling you to centrally analyze data from diverse sources with both interactive and automated techniques. ECS offers both the predictability of a purpose-built taxonomy and the versatility of an inclusive spec that adapts for custom use cases. ECS allows you to normalize event data, so that you can better analyze, visualize, and correlate the data represented in Elastic. 

This ECS helps minimize the need to modify or ETL your data in order to ingest it into Elastic. This significantly minimizes your need to modify your process and existing tools versus simply just sending data into Elastic.

We believe this continued support for open source projects and custom data and models support enables Elastic Observability to integrate smoothly into your operations processes without modifying it to fit what a vendor provides.

Custom machine learning models:
Elastic Observability’s machine learning, in addition to the prebuilt out-of-the-box capabilities discussed earlier in this blog, provides:

• Prebuilt unsupervised learning and preconfigured models that identify observability and security issues (anomaly and outlier detections) without having to worry about how to train an AI model
• Prebuilt data frame analysis, which uses supervised models to help aid in classification and regression analysis
• Natural language models to help analyze information that is ingested and identify patterns such as PII data identification, which when coupled with scripts, redact this sensitive information
• An ability to bring in your own models to help analyze and visualize data the way you want

By supporting the most popular and commonly used open source ML frameworks, Elastic Observability is the platform of choice for organizations with advanced machine learning teams in-house. These organizations have invested significant time and money developing their own models to help analyze data and develop customized insights for their needs and daily operations. With Elastic’s machine learning, you can easily add these custom models into Elastic Observability. 

Here are two examples of using publicly available models:

Conclusion

While the need for observability is readily apparent, the bigger challenge is to find the right platform for both today and tomorrow. While out-of-the-box observability capabilities are important, the ability to customize and build a platform that will serve your organization in the long-run is sometimes overlooked. Given the unique digital footprint organizations typically have for their on-premises and cloud environment, the flexibility to adapt and evolve over time is crucial for any enterprise observability solution.

At the core, observability is about unifying your observability data and then deriving both real-time and historical insights into the performance of your applications and systems, with the overarching goal of establishing operational excellence, which leads to a stronger and more robust customer experience. 

Elastic Observability is well-positioned for your future by delivering advanced AIOps and machine learning on top of a platform built for open data and lightning-quick analytics. The complex, distributed nature of modern applications today that need to be always-on (and are generating terabytes of telemetry data), demands observability that provides the flexibility and power for your future.  

As we’ve shown above, the power and flexibility of Elastic allows you to get a complete picture from application to infrastructure while also helping them manage business performance. Hopefully you’ve seen how Elastic can help:

• Improve your operational efficiency by combining both production and business data while managing SLOs
• Improve team productivity with better features and the use of machine learning to increase your time on design and improving the business
• Integrate into your day-to-day SRE operational processes without change through our open approach through open source adoption and the ability to bring your own data and analysis models

What are you waiting for? Try out Elastic Cloud and sign up for an account, and see how easy and simple Elastic Observability is to use and integrate.