According to a new press release, “Elastic N.V., the company behind Elasticsearch and the Elastic Stack, announced the general availability of version 1.0 of the Elastic Common Schema (ECS), an open source specification developed with support from the Elastic user community that provides a consistent and customizable way for users to structure their event data in Elasticsearch. ECS facilitates the unified analysis of data from diverse sources so that content such as dashboards and machine learning jobs can be applied more broadly, searches can be crafted more efficiently, and field names can be recalled by analysts more easily.”
Shay Banon, founder and CEO of Elastic, noted, “As our users continue to store new and more diverse data in Elasticsearch, such as logs, metrics, and security events from cloud resources, hosts, services, and network devices, the ability to ask questions that span across these sources becomes even more important… The Elastic Common Schema provides a shared language for our community of users to understand their data, collaborate to develop resources across the Stack, and more quickly drill down to identify a potential attacker or determine the root cause of an operational issue.”
The release goes on, “Implementing ECS simplifies the analysis of disparate data sources, supporting a wide range of use cases, including logging, security analytics, and application performance monitoring. When fully adopted, ECS helps users to more easily visualize, search, drill down, and pivot through their data. ECS also streamlines the implementation of automated analysis methods, including machine learning-based anomaly detection and alerting.”
Read more at Business Wire.