What’s new in 7.13
editWhat’s new in 7.13
editHere are the highlights of what’s new and improved in Elasticsearch 7.13!
For detailed information about this release, see the Release notes and Migration guide.
Other versions: 7.12 | 7.11 | 7.10 | 7.9 | 7.8 | 7.7 | 7.6 | 7.5 | 7.4 | 7.3 | 7.2 | 7.1 | 7.0
Frozen tier is now GA
editThe frozen tier and partially mounted indices, formerly known as shared cache searchable snapshots, are now generally available. We these features as technical previews in 7.12. See the 7.12 announcement.
Index runtime fields
editRuntime fields let you dynamically create fields from other fields and document properties at query time. These query-time runtime fields optimize for flexibility over speed, letting you change them at any time.
With 7.13, you can now also create index-time runtime fields, trading flexibility for better query performance. See Index a runtime field.
Match IPv4 and IPv6 addresses against CIDR ranges in Painless
editPainless expressions can now match IPv4 and IPv6 addresses against CIDR ranges. This is useful for classifying and grouping IP addresses in security and monitoring use cases. This feature is available in all contexts, including runtime fields, ingest, search, and aggregations.
For example:
CIDR myCidrRange = new CIDR('10.1.1.0/25');
myCidrRange.contains('10.1.1.127'); // true
myCidrRange.contains('10.1.1.129'); // false
myCidrRange = new CIDR('2001:0db8:85a3::/64');
myCidrRange.contains('2001:0db8:85a3:0000:0000:8a2e:0370:7334'); // true
myCidrRange.contains('2001:0db8:85a3:0001:0000:8a2e:0370:7334'); // false
New combined_fields query type
edit7.13 introduces the combined_fields query, a new DSL query type for
searching multiple text fields as a combined field. You can use the
combined_fields query as a simpler alternative to the multi_match query’s
cross_fields type option. See the
combined_fields query
documentation.
Faster terms aggregations
editWe’ve significantly improved the speed of the terms aggregation when:
- It has no parent or child aggregations.
- Target indices have no deleted documents or were recently merged.
- You don’t use document-level security.
- There’s no top-level query.
-
The field has global ordinals, such as a
keywordoripfield. - There are fewer than a thousand distinct terms.
Many time series use cases are likely to meet these criteria, particularly for data in the cold or frozen tier.
Data frame analytics and inference are generally available
editThe ability to train outlier detection, regression, and classification models and then use those models to infer against incoming data becomes generally available in 7.13.
Trained model aliases
editTo simplify the deployment and upgrade of trained models, the concept of model
aliases is introduced in 7.13. When using a model_alias in an ingest pipeline,
it is now possible to make changes to the underlying referenced model without
having to update the pipeline. The underlying referenced model changes in place
for all ingest pipelines automatically when the new model is loaded into cache.