Elastic tackles containers and APM in the new 6.5 release

In its latest release, the company now called Elastic is aiming higher up the stack, treading on the turf of application performance management (APM) vendors, and tackling the realities of container-based deployment.


The company now known as Elastic is today releasing version 6.5 of its stack, which facilitates monitoring log data at the container level and escalates its rivalry with APM vendors. The new features further differentiate the company's product stack from the pure open source implementations offered by many third parties.

For enterprises, container abstraction for log monitoring will for the moment be a checkbox feature, in that most adoption of containers is under the hood -- they are the basis for native application and data services offered by cloud platform providers. But on the horizon, we expect enterprise development teams will start getting their hands dirty as they build their own cloud-native architectures either inside the firewall or as part of their use of cloud infrastructure-as-a-service.

The 6.5 release allows system admins and DevOps practitioners to introspect log-based metrics in any host, pod, or container for cloud-native deployment. And while we're talking cloud-native deployment, the 6.5 release adds new capabilities for monitoring serverless environments like AWS Lambda with the initial release of Functionbeat. It collects data from sources like Amazon CloudWatch logs and Simple Queue Service.

As Elastic adds capabilities for supporting the new forms of deployments, largely cloud-native, involving containers and serverless infrastructure, another theme of the new release is going higher up the stack and ramping up competition with, as opposed to complementing, APM vendors. The new release of Elastic APM allows users to correlate data on application performance with infrastructure logs, server metrics, and security events to identify bottlenecks.

In itself, this capability overlaps those of APM vendors. APM vendors have built their IP over the years understanding how to abstract low-level log readings from the standpoint of application processes making their way through IT infrastructure. A major difference from Elastic is that the APM crowd built their expertise in the walled gardens of data center deployments. By contrast, Elastic was not necessarily engineered for the cloud, but its scale-out, big data architecture made it a natural for the cloud.

The competition between Elastic and New Relic, AppDynamics, Dynatrace, and the rest of the APM crowd is over the question of who becomes the trusted source for pinpointing bottlenecks. Is it the APM tool that collates Elastic results or vice versa? The new release makes that more of an open question.

Other enhancements are more incremental. Kibana adds some new visualization features aimed at streamlining collaboration. The Canvas visualization feature now allows live data presentations that are more interactive. Cross-cluster replication scales Elasticsearch indexes, as they can now become available on multiple clusters. As with database replication, this feature is useful, both for faster local searching and for high-availability scenarios. What's now needed is an automated failover capability that would leverage the new replication support.

In all, these enhancements are yet another step for the recently IPO'd company in getting beyond its roots as a search index and open source Splunk alternative. As my Big on Data bro George Anadiotis wrote almost exactly a year ago, the company is now "about a lot more than search." The 6.5 release takes Elastic more in the direction of an APM solution that is also becoming container-aware.