Open Distro for Elasticsearch is a 100% open-source distribution of Elasticsearch, the popular search and analytics engine. In this session, we explore its many new advanced features—previously available only in commercial software—including encryption in transit, role-based access control (RBAC), event monitoring and alerting, SQL support, cluster diagnostics, and more. We also show you how you can join the Open Distro for Elasticsearch community to accelerate open innovation for Elasticsearch.

1. © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.S U M M I T
Open Distro for Elasticsearch
Darin Briskman
Developer Evangelist
AWS
A D B 2 0 1

2. S U M M I T
What is Elasticsearch?
Sometimes referred to as the
“ELK Stack”—Elasticsearch,
Logstash, and Kibana
Distributed search and analytics engine
built on Apache Lucene
Easy ingestion and visualization
Other partner solutions: Splunk, Sumo
Logic, Logz.io, and Loggly
Source: DB-Engines.com, April 2019

3. S U M M I T
Machine data driving Elasticsearch growth
Machine-generated data is growing 10x faster vs. business data… logs, logs, and more logs
Source: insideBIGDATA—The Exponential Growth of Data, February 16, 2017
IT and DevOps:
Databases, servers,
storage, networking
Increase in IoT and
mobile devices: Gaming,
sensors, web content
Cloud-based
architectures
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

4. S U M M I T
How do we think about OSS licensing and distribution?
Base OSS free of
proprietary code
Keep commercial
software on top
of OSS separate
Allow anyone to
innovate on OSS
Don’t change
licensing or
distribution
midstream

5. S U M M I T
An Apache 2.0-licensed
distribution of Elasticsearch enhanced
with enterprise-grade security,
alerting, SQL, and more

6. S U M M I T
Enterprise-grade
Delivering security
and advanced capabilities such
as alerting, SQL,
and cluster diagnostics
100% open source
Providing you the
freedoms, so you can
freely view, use, change,
and distribute the code
Community-driven
Providing individuals
and organizations the freedom
to easily contribute changes to
the distro
Benefits of Open Distro for Elasticsearch

7. S U M M I T
Open Distro for Elasticsearch: Features
Security
Achieve encryption
in flight, role-based
access control, audit
logging, and compliance
Alerting
Monitor your data
and send automatic
alerts on any changes
in your data
SQL
Easily interact with your
Elasticsearch cluster and
extract insights using the
familiar SQL query syntax
SQL
Performance
Analyzer
Get deep visibility into
system bottlenecks even
when your Elasticsearch
cluster
is under duress

8. S U M M I T
Security
Encryption
Keep your data secure when in transit
Authentication
Leverage your existing
authentication infrastructure
RBAC
Granular access control to control
the user actions on your cluster
Audit logging
Track and record all user actions
and meet HIPAA, PCI compliance
Keep your data secure

9. S U M M I T
Alerting
Create monitors
Query the data you want to
and receive alerts on it
Customize alert conditions
Define alerting threshold and severity
for multiple trigger conditions
View alerts
All alert executions are indexed
for easy tracking and visualization
Get notifications
Built-in integrations for webhook and Slack
to get notified on the channels you use
Receive alerts on your data

10. S U M M I T
SQL support
Comprehensive SQL support
Supports more than 40 functions, data types,
and commands including join support
Translate SQL to JSON
Create JSON using SQL to configure
sophisticated access control policies
Use existing tools
Provides a JDBC driver so you
can use various types of business
intelligence, analytics, and ETL tools
Query data with SQL

11. S U M M I T
Performance Analyzer
Identify bottlenecks across the stack
Provides a powerful REST API for
querying Elasticsearch metrics to
diagnose issues across the stack
Runs independent of your cluster
Perform diagnostics even if
the cluster is under duress
Analyze hundreds of data points
Supports more than 60 metrics across
10 dimensions for instrumentation
of your cluster health
Get deep diagnostic insights into your cluster

12. S U M M I T
PerfTop CLI
Provides pre-configured
dashboards for analyzing
cluster, node, and shared
performance
Custom JSON templates to
create the dashboards to
diagnose your cluster
performance

13. S U M M I T
Flexible deployment options
RPM DebianDocker

14. S U M M I T
Simple to get started
Visit the website
Download the Elasticsearch
and Kibana packages
Load and query data
2
1
3

15. S U M M I T
Community and contributions
The success of Open Distro for Elasticsearch is driven by the community’s
participation in, contributions to, and innovation with respect to the project.
You can follow project
discussions, engage
with fellow community
members, contribute
PRs,
file bugs, or request
a feature at:
Discussion forums
https://discuss.opendistrocommunity.dev/
Community
https://github.com/opendistro-for-
elasticsearch/community/issuesPhoto by Perry Grone on Unsplash

16. S U M M I T
Useful links
Project website and technical documentation
https://opendistro.github.io/for-elasticsearch/
Source code
https://github.com/opendistro-for-elasticsearch
© 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.

17. S U M M I T
Thank you!
S U M M I T © 2019, Amazon Web Services, Inc. or its affiliates. All rights reserved.
Darin Briskman
briskman@amazon.com