29 results found
-
OpenSearch Dashboards custom branding
As an OpenSearch customer,
I want to change the branding from "OpenSearch" to my own branding,
In order to allow my end-customer to have access to the same OpenSearch Dashboard that I have
9 votes -
Offer support for Learning To Rank Opensearch plugin
As an AI engineer or developer using OpenSearch for ML applications,
I want to incorporate machine learning in relevance ranking
So that I can better improve my application with proper ranking -> recommendation
8 votes -
OpenSearch mTLS authentication
As a developer
I want to connect to OpenSearch using mTLS connection
so that I can rely on a trusted connection instead of only on IP filtering or other mechanisms.
5 votes -
Make index snapshots possible for faster data restoration
As an SRE or operations engineer
I want to be able to create index snapshots manually or with a policy
so that I can easily and quickly restore partial data after an unintentional index corruption.
In addition, I understand this would require a shared storage between cluster nodes which means additional storage so it would make sense to make it a paid feature and/or include it in the tiered storage project.
4 votes
Thanks for posting the idea, the idea is reasonable. I will update the status once we know more about the plan with this idea.
-
Make OpenSearch Dashboards session timeout configurable
As a developer
I would like to have the following configuration options exposed:
opensearch_security.cookie.ttl
opensearch_security.session.ttl
opensearch_security.session.keepalive
so that I can lengthen the dashboard session timeout for my users.
3 votes -
Inability to extract fields upon search
As a database admin
I want to define field patterns at search
so that I can effectively work with new field pattern
3 votes -
Internal data table/lookup functionality
As a database admin
I want to have queries run upon a schedule and populate internal data tables
so that I can enrich the search and alerting functionality
3 votes -
One-click visualisation creation from Discover in OpenSearch
As a security analyst,
I want to create a visualisation from a search, which can then be added to an existing or new dashboard, so that I can save time creating dashboard elements and create dashboard elements in a much easier manner than is currently possible.
2 votes -
Compliance dashboards for OpenSearch
As a security operator,
I want to have a view of our compliance status across various data sources, in a 'continual assurance' manner, e.g. PCI, SOC2, ISO27001, or frameworks such as NIST CSF. So that I can get a continual view of degradations as they occur.
2 votes -
API integration for cloud event sources
As a security analyst,
I want to collect events directly from cloud resources (XaaS, eg AWS, Azure, Okta, Github, GCP...) without having to run an intermediary host such as Logstash, so that I can lower my infrastructure cost, lower external hosting complexity and lower our maintenance overhead.
2 votes -
Correlation between indexes in OpenSearch Dashboards
As a security analyst,
I want to be able to search across more than one index within Discover (and Dashboards queries), so that I can enrich data between sources.
For example, Okta logs contain an organisation's user logins, along with their IP addresses. We may also have SSHd logs, and between the two we could correlate IP address to provide user details into a search of SSH logs. Many examples could be found.
2 votes -
A unified search, alarm & dashboarding experience in OpenSearch
As a security analyst,
I want to have a unified alerting, dashboarding and search experience in my SIEM, so that our capabilities are not spread across multiple plugins with differing query languages.
Currently between Dashboards/Discover, Security Analytics, Observability there is not a unified experience, it is extremely confusing and difficult to use, and to make this harder each component has a different set of upstream repositories and seemingly little co-ordination between them in features, documentation and bug fixes, making the experience very confusing and difficult.
2 votes -
Search a string as another data type in OpenSearch
As a security or data analyst,
I want to be able to treat a string as another data type at search, for example searching the string "1" as an integer upon search, so that I can search data appropriately without having to update the mapping and reindex all data.
2 votes -
OpenSearch Dashboards range pickers in Visualisations
As a security analyst,
I want to utilise 'range' in visualisations without having to Edit Query as DSL,
so that I can save time and also have people without extensive DSL knowledge create visualisations.
2 votes -
Keep OpenSearch Security Plugin SIGMA rules up to date.
As a security analyst and operator,
I want to utilise up-to-date SIGMA rules in the OpenSearch Security Plugin, so that I can utilise current contributions from the opensource community.
For example - at the time of writing this - the Okta rules in Security Plugin repo (main branch) have not been updated since February 2023 - with 13 rules available, while the SIGMA repo (master branch) Okta rules were last updated in December 2023 - with 21 rules available, notably including rules based on the high-profile Okta breach in 2023.
This can be observed across many rule categories, with…
2 votes -
View the underlying data of a visualisations in OpenSearch Dashboard
As an OpenSearch user
I want to view the data underneath the visualisation
so that I can quickly identify root cause of some abnormal behaviour of my system
2 votes -
Support externally hosted models in OpenSearch
As a developer
I want to configure OpenSearch to generate embeddings using remote models on OpenAI, Cohere, Sagemaker, etc.
so that I can use the best available models on the market and simplify my codebase by letting OpenSearch generate these embeddings
https://opensearch.org/docs/latest/ml-commons-plugin/remote-models/index/
1 vote -
Simplified Data Visualization Dashboard
As a Data Analyst, I propose developing a user-friendly data visualization dashboard tailored for non-technical users. The goal is to make data insights accessible without requiring advanced analytics skills. This dashboard would feature drag and drop functionality, allowing users to easily customize charts and graphs. Pre-built templates for common metrics could help streamline the process, and real-time data updates would ensure users always see the most current information.
Incorporating interactive elements like clickable filters and tooltips would enhance usability, enabling users to explore data without feeling overwhelmed. By focusing on intuitive design and ease of use, this dashboard could empower…
1 vote -
Enable all cross cluster replication APIs
As an OpenSearch operator
I want to be able to pause, stop, and start cross cluster replication
so that I can use this feature to support failover in a disaster recovery scenario.
Typically in Elasticsearch or OpenSearch, CCR can be used to support a DR deployment by placing two clusters (a leader and follower) in separate regions. When the leader cluster becomes unavailable, applications/clients can failover to the follower cluster by stopping replication on the following cluster which makes it a regular index.
https://opensearch.org/docs/latest/tuning-your-cluster/replication-plugin/api/
1 vote
Currently we are controlling this process of start/pause etc so we can control replication process during the entire cluster's lifecycle (through all the node recycling, upgrading etc.) to ensure the stability of our services.
I put this to Gather interest, I am also aware of the failover capability mentioned in the ideas as well (we have different ideas ticket for that), this is something we can have a look and see if we need to expose all APIs if the main usecase is failover
-
OpenSearch compute-optimized and storage-optimized clusters
As an architect
I want to create right-sized clusters for my use case
so that I can get the most value.
Currently, all the OpenSearch clusters have a 1:4 CPU:RAM ratio. High throughput application search use cases often have small data sets and can benefit from more relative CPU than RAM or disk (e.g. 1:2 CPU:RAM ratio). Logging use cases with large volumes of data may benefit from storage optimized instances with 1:8 CPU:RAM ratio with more disk.
1 vote