IMPORTANT: No additional bug fixes or documentation updates
will be released for this version. For the latest information, see the
current release documentation.
6.4.0 release highlights
edit6.4.0 release highlights
editSee also Elasticsearch 6.4.0 release notes.
Analysis
edit-
Option to index phrases on text fields - A new
index_phrases
option has been added totext
fields. When enabled this option will index 2-shingles of the field in a separate Lucene field to allow faster, more efficient, phrase searches on that field with the trade-off of consuming more disk space in the index. For more information, see text field type. -
Korean analysis tools - A new plugin has been added which provides analysis tools for the Korean language. The new
nori
analyzer can be used to analyze Korean text "out of the box" and custom analyzers can use a tokenizer, part of speech token filter and a Hanja reading form token filter. For more information, see Nori Plugin. - Add multiplexing token filter - This new token filter allows you to run tokens through multiple different tokenfilters and stack the results. For example, you can now easily index the original form of a token, its lowercase form and a stemmed form all at the same position, allowing you to search for stemmed and unstemmed tokens in the same field. For more information, see Multiplexer token filter.
Machine learning
edit- Improve your machine learning results with custom rules. If you want to fine tune your machine learning results (for example, to skip anomalies related to certain servers), you can now create custom rules in Kibana and by using machine learning APIs. Custom rules instruct anomaly detectors to change their behavior based on domain-specific knowledge that you provide. See Customizing detectors with custom rules
- The machine learning analytics can now detect specific change points in a time series, such as step changes, linear scaling, and time shifts (for example, related to daylight savings). There is also a new probability model that can predict when step changes might occur. As a result, the machine learning results are more robust and can make more accurate predictions when these types of changes are present in your data.
Mappings
edit-
alias
field type - A new field type can now be added in the mappings. Analias
field allows a field to be defined in the mappings which is an alias of another field meaning that the alias name can be used when referring to the field. For example the mapping in an index may have ahostname
field and the mapping might define a alias fieldhost_name
so that when a user searches using thee fieldhost_name
it actually searches thehostname
field. This can be useful for helping migrate between schemas where field names have been changed an for searching across multiple indexes which may have different field names for the same information. For more information, see Alias field type -
_ignored
meta field - A new meta field has been added to documents. The_ignored
field will contain the field names of any fields that were ignored at index time due to theignore_malformed
option. This means that malformed documents can be more easily discovered by usingexists
orterm
queries on this new meta field. For more information, see _ignored field.
Rank Eval API
edit- Expected Reciprocal Rank metric for Rank Eval API - The Expected Reciprocal Rank has been added to the available metrics in the Rank Eval API. ERR is an extension of the classical reciprocal rank which in order to determine the usefulness of a document at position K in the results, it uses the degree of relevance of the document at positions less than K as well. For more information see Rank Evaluation API
Search
edit-
Cross-cluster search will no longer use dedicated master nodes as gateway nodes - Previously the gateway node on a remote cluster used by cross-cluster search was selected based only on the node’s version and node attributes set in the
search.remote.node.attr
setting. This meant that unless carefully configured any node in the cluster could potentially be used as a gateway node for a cross-cluster search. This may cause problems when running with dedicated master nodes as it is undesirable for master eligible nodes to be used for any search activity. Starting from 6.4.0 cross-cluster search will no longer consider dedicated master eligible nodes as potential gateway nodes providing a better out of the box default for running cross cluster searches. -
Format option for doc_value fields -
doc_value
fields in the Search API can now specify aformat
field to control the format of the value in the response. For more information, see doc_value fields. - Support second level of field collapse - This extends the field collapsing feature to allow the top item for two fields to be retrieved. For example retrieving top scored tweets by country, and for each country, top scored tweets for each user. This can be an alternative to using multiple levels of terms aggregations along with top hits. For more information, see Field Collapsing.
Security
edit- Kerberos authentication support is now available. For more information, see configuring a Kerberos realm.
- Elasticsearch now offers a FIPS 140-2 compliant mode. For more information, see FIPS 140-2 compliance.
Snapshot and Restore
edit6.4.0 has seen a great amount of small improvements to the Snapshot and Restore. No less than 53 S&R related changes went into this release. The changes ranges include improving testing infra structure, tightening up calls to Cloud providers API and upgrading underlying 3rd party libraries.
Specifically we want to highlight the added support for AWS session tokens to both the EC2 discovery plugin and the S3 repository plugins. This allows Elasticsearch to use AWS devices protected by multi factor authentication.