X-Pack is a single enhancement plug-in that fully integrates across the entire Elastic Stack. All of the features of X-Pack are built and maintained by Elastic engineers, so that you don’t have to. The complete pack is part of an Elastic subscription service and can be added to your existing Elastic deployment. X-Pack contains the following components:
Security (formerly Shield)
X-Pack security features give the right people the right access at the right time. X-Pack integrates with authentication systems such as Active Directory and LDAP, with custom realms for home-grown identity management systems, and with built-in native authentication. X-Pack Security gives your Elastic Stack the ability to manage users and roles, delivering specific access to the right users. Multitenancy support grants users access to specific Elasticsearch indices. SSL/TLS encryption can be used to secure node-to-node, HTTP and transport client traffic across your Elastic Stack. IP filtering protects your cluster from access by unapproved hosts. Audit logs let you maintain a complete record of all system and user activity.
Alerting (formerly Watcher)
Get notified so that you don’t miss a thing. Alerting features in X-Pack give you the full power of the Elasticsearch query language to identify changes in your data that are interesting to you or your infrastructure team. In other words, if you can query something in Elasticsearch, you can build an alert on it. Get alerts through your preferred communication channels, such as Slack, email and HipChat, and use webhook outputs to integrate with your existing monitoring infrastructure. A complete alerting history is kept for easy visualisation in Kibana.
Common examples of alerts could be:
- Same user logs in from multiple locations
- Your product is trending on social media
- A component of a system is nearing the end of life
- Credit card numbers are visible on your application logs
- Elasticsearch indexing rate has plummeted
Monitoring (formerly Marvel)
The X-Pack monitoring features help you keep a pulse on your Elastic Stack and how it’s performing, to make sure that you’re getting the most out of it. Its collection of dashboards helps you assess the stack's status at various levels, providing you with all the information that you need to keep your Elastic Stack optimized. Analyze the performance of your current cluster against historical data to help with future capacity planning. Multicluster monitoring support helps you to simplify your workflow.
Reporting
Quickly generate reports of any Kibana visualization or dashboard: on demand, scheduled for later, or triggered by conditions. All these reports are also easily shareable with stakeholders, and can be scheduled to be delivered at specific times. The Reporting feature can handle large volumes of reporting requests, scaling along with your enterprise’s needs.
Graph
Graph offers a relationship-oriented approach that lets you explore the connections in your data using the relevance capabilities of Elasticsearch. Use Graph to distinguish between popularity and relevance, and explore the Elasticsearch indices to uncover hidden relationships.
Machine Learning
Complex, fast-moving datasets make it nearly impossible to spot infrastructure problems, intruders, or business issues as they happen using rules or humans looking at dashboards. X-Pack machine learning features automatically model the behavior of your Elasticsearch data (trends, periodicity, and more) in real time to identify issues faster, streamline root cause analysis, and reduce false positives.
With X-Pack, your Elastic Stack experience can be infinitely enriched. Here’s how:
- Secure it: Activate authentication for your cluster and define roles and permissions
- Monitor it: Maintain a pulse on your Elastic Stack to keep it firing on all cylinders
- Report it: Easily generate and share reports of your Kibana visualizations