We’re happy to announce that we just released Search Guard v43.0.0, compatible with Elasticsearch 7.8.0 and above.
This release fixes several issues in Search Guard and the Kibana plugin, and also adds a bunch of new features, for example:
Hot-Reload TLS certificates
You can now reload the TLS certificates on any Elasticsearch nodes without restarting the node. This includes the node certificates, HTTP certificates and, if required, even the root certificates. This makes it easier to exchange certificates that are about to expire and basically removes the necessity to perform a rolling restart.
Documentation: TLS Hot Reload
Search Guard supports certificate revocation by using Certificate Revocation Lists (CRL) or the Online Certificate Status Protocol (OCSP). If your PKI supports this feature, you can easily revoke certificates that have been compromised. In combination with the ability to hot-reload certificates, this gives you a powerful feature set to control the lifetime of your certifcates.
Support for async search
Search Guard now fully supports Elasticsearch async searches and protects the search results by applying our battle-proven role based access control.
Signals: Improved UI for blocks mode
We have re-worked the UI for the Signals Alerting blocks mode, making it simpler than ever to create inputs, checks, conditions and calculations. We reduced the amount of actual JSON code you have to write to the bare minimum.
You can find the full change logs of Search Guard v43 here:
You can find all versions here: