Популярные статьи
Реклама
Обратная связь
Яндекс Апдейт
Сервис не доступен
Оцените работу движка
Кто онлайн
Гость RosalinaMacandie Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Yandex Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Гость Всего: 46
У нас искали
Binary Options Trading System Upto 90 Accuracy
trading system upto 90 accuracy.
Tue, 08 Feb 2022 09:20:06 GMT.
Mon, 07 Feb 2022 14:00:00 GMT.
index: true and specify the similarity metric we’re using to compare them:
PUT index >>>PUT index/_doc ,Then, after adding vectors, we can search for the k nearest neighbors to a query vector:GET index/_knn_search >,The new _knn_search endpoint uses HNSW graphs to efficiently retrieve similar vectors. Unlike exact kNN, which performs a full scan of the data, it scales well to large datasets. Here’s an example that compares _knn_search to the exact approach based on script_score queries on a dataset of 1 million image vectors with 128 dimensions, averaging over 10,000 different queries: Approach Queries Per Second Recall (k=10) script_score 5.257 1.000 _knn_search 849.286 0.945,
In this example, ANN search is orders of magnitude faster than the exact approach. Its recall is around 95%, so on average, it finds over 9 out of the 10 true nearest neighbors.
You can check on the performance of kNN search in the Elasticsearch nightly benchmarks. These benchmarks are powered by es-rally, a tool for Elasticsearch benchmarking, specifically the new dense_vector Rally track. We plan to extend Rally to report recall in addition to latency, as it’s also important to track the accuracy of the algorithm. Currently these benchmarks test a dataset of a couple million vectors, but ANN search can certainly scale beyond this with a greater index time or the addition of hardware resources.
Powered by Apache Lucene.
Many of Elasticsearch’s core search capabilities are powered by the Lucene library, an open source project governed by the Apache Software Foundation. Elasticsearch ANN is no exception, and is built on an exciting new Lucene feature for storing and searching numeric vectors. This feature is the result of a great collaboration involving several developers across different organizations. Starting as a bold proposal, it quickly progressed to a working (and fast) implementation. Then came the challenge of designing the API and rounding out the feature.
Since then, the Lucene community has continued to collaborate to push the feature forward. Several developers took interest and made contributions, from redesigning names, to algorithm updates, performance improvements, and more. Lucene’s vector search capabilities are quickly expanding thanks to everyone’s efforts.
In addition to the fruitful collaboration, developing ANN in Lucene brings other major benefits. Lucene's implementation is designed at a low-level to integrate correctly with existing functionality, which allows ANN search to interact seamlessly with other Elasticsearch features. Such a deep integration would not really be possible if we depended on an external ANN library. For example, Lucene ANN transparently handles deleted documents by skipping over 'tombstones' during the graph search. It also respects all of Lucene's data compatibility guarantees, so you can be sure that vector data still works after an upgrade. Finally, the implementation written in Java just like Elasticsearch, which allows us to ensure its security and simplify memory management.
What’s next?
In 8.0, the _knn_search endpoint for efficient ANN search will be released as a "technical preview". ANN search is a relatively new topic not only for Elastic, but for the industry, and there are significant open questions around how it should behave. What is the best way to combine vector similarity scores with traditional BM25 scores? Should kNN search support pagination? Developing ANN as its own experimental endpoint will let us quickly iterate on and test its behavior. We plan to ultimately integrate ANN into the _search API once we have solid answers for these questions. (Although _knn_search is not yet GA, the dense_vector field type was made GA in 7.6 and continues to have a stable API.)
Some key capabilities we plan to support include ANN with filters, as well as "hybrid" search where ANN results are combined with those from a traditional query. We’re also working to improve indexing speed, as building HNSW graphs can be an expensive operation. We think of this release as just a beginning, and look forward to improving ANN search over the upcoming releases. Your feedback is really valuable, and helps shape the direction of the feature. We’d love to hear from you on GitHub and our Discuss forums (and in Lucene too)!
Try out ANN search on Elastic Cloud by logging into the Elastic Cloud console or signing up for a free 14-day trial.
Mon, 07 Feb 2022 14:00:00 GMT.
Sat, 05 Feb 2022 00:18:07 GMT.
The benchmark array defines a list of scenarios, each composed of a few fields:
label : the Jenkins stage label name : the Elasticsearch index that will be used to store results docker : the Docker image containing the test to run backend : the Docker image deployed as a backend alert_fields : The fields that will be looked at by the alerting system, with an optional threshold for the t-score when the 1.5 default is not suited.
In that example, for Crawler Wide , the backend image is a static website we use as a target during the test.
If you are curious about what the Web Crawler is, check out its documentation: Web crawler | Elastic App Search Documentation [7.15]
Jenkins nested nodes are an exquisite and straightforward way to orchestrate a deployment from scratch without synchronization headaches. For instance, the "start-stack.sh" script blocks until the deployed stack is up and running and looks healthy, and then the next node block is executed. In practice, the client node will only be running once the stack node is ready, and the stack node only once the backend node is ready.
The IPs of each node are shared through simple variables across the layers to communicate with each other. Simple yet highly effective.
Once the test is done, results are sent to an Elasticsearch instance deployed on a dedicated cloud instance that collects the data over time. We have a Kibana instance running on top of it and some dashboards to display the results.
In the chart below, you can see the whole deployment when a performance job is running.
This setup is heavily inspired by the APM team’s work for orchestrating multiple node tests in Jenkins. See, for instance, this end-to-end test pipeline.
Measure performance accurately,
There’s a myriad of options when it comes to measuring performance.
For a web application, the simplest and most effective way is to build "user journeys" scenarios, run them using HTTP clients, and collect in-app metrics. We exercise the application like a real user would do and observe how the stack performs.
Those scenarios are also called "macro-benchmarks" because they interact with the application through its interfaces, unlike a "micro-benchmark" that would pick a portion of the code and run it in total isolation.
We already have a few scenarios for Enterprise Search that can run against a stack, but developers perform them manually, often on their laptops, and their results are not comparable.
The goal of the performance regression framework is to provide a way to run those scenarios in the same environment and to collect metrics we can compare.
Technically speaking, those scenarios use HTTP clients, and in most cases, HTTP API calls are enough to exercise specific features, like crawling an external website. We can do a lot through API calls in App Search and Workplace Search.
In the example below (extract), we use the Python Enterprise Search client to run a crawl job against the Swiftype website and wait for it to finish.
Sat, 05 Feb 2022 00:18:07 GMT.
Fri, 04 Feb 2022 23:42:52 GMT.
Fri, 04 Feb 2022 23:42:52 GMT.
Thu, 03 Feb 2022 14:30:00 GMT.
libBPFCov.so LLVM pass: ,
For example, you may notice that we have 2 __profc_ counters.
The first is for the BPF_PROG macro that expands to a function, the second for the actual BPF raw tracepoint program hook_sys_enter . This one has size 3. That’s because the hook_sys_enter function has 3 main regions: the entry of the function, the if conditional, and the for cycle.
You may also notice that the LLVM pass, for each one of the 2 functions we have, split the __profd_ global structs into 7 different global variables in the .rodata.profd section.
Someone who has an eye for it may also have noticed that the third field of __profd_ — now __profd_something.2 — does not contain anymore the address of its counters. I didn’t want (nor I could) to expose kernel addresses, so I put here the offset of the counters in their section ( .data.profc ).
Finally, you can also see that, as anticipated before, we completely deleted the __covrec_ global constant structs from this IR that’s meant to generate a valid and loadable BPF ELF. While the instructions incrementing the counters in the correct spots are not touched at all. So we don’t need another screenshot to show them!
The only missing moving part is how to generate a valid profraw file. We stripped any logic for doing it. We know that for generating it we need all the globals we left in this LLVM intermediate representation. But we have no sane way to hook the exit or the stop of an eBPF program in the Linux kernel.
Suddenly, inspiration came: let’s pin the globals to the BPF file system so that we can decouple the process of generating the profraw file from the running (and exiting) of the instrumented eBPF application!
And that’s what the bpfcov CLI does.
Before moving to the next section, I suggest you go to the bpfcov repository and start building the pass to obtain libBPFCov.so . You can find the instructions on how to build it here.
bash clang -g -O2 \ -target bpf \ -D__TARGET_ARCH_x86 -I$(YOUR_INCLUDES) \ -fprofile-instr-generate -fcoverage-mapping \ -emit-llvm -S \ -c raw_enter.bpf.c -o raw_enter.bpf.ll opt -load-pass-plugin $(BUILD_DIR)/lib/libBPFCov.so -passes="bpf-cov" \ -S raw_enter.bpf.ll -o raw_enter.bpf.cov.ll llc -march=bpf -filetype=obj -o cov/raw_enter.bpf.o raw_enter.bpf.cov.ll,
You can see in the Makefile inside the examples/src directory of the bpfcov GitHub repository how to automate those steps.
We now have a valid and coverage instrumented BPF ELF: cov/raw_enter.bpf.o .
From now on, you can instruct your loader and userspace code to use it, so to obtain a (eg., /cov/raw_enter ) that is your eBPF application.
bash sudo ./bpfcov -v2 run cov/raw_enter,
This command acts similar to strace. It will detect the bpf() syscalls with the BPF_MAP_CREATE command.
Meaning that it will detect the eBPF globals in the .profc , .profd , .profn , and .covmap custom eBPF sections and pin them to the BPF file system, as you can see in the following screenshot.
You may also notice that - since the LLVM pass annotated the counters correctly - libbpf can collect relocations for them…
At this point, whether we stopped our eBPF application or it exited… We have eBPF maps pinned to our BPF file system. Let’s check it:
Wonderful, we already know that the hook_sys_enter function executed one time, the if condition did not evaluate to true, while the for iterated nine times!
It’s time to put the counters, the function names, the functions data, in a profraw file now.
This is why I created the bpfcov gen command exists: to dump the pinned maps in a profraw file.
shell sudo ./bpfcov -v2 gen –unpin cov/raw_enterhttps://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt86e90993d73953bc/61f97dbfd970ea1bb42ad284/code-coverage-ebpf-programs-bpfcovgen-command.png,code-coverage-ebpf-programs-bpfcovgen-command.png,
And this is the resulting profraw file for our instrumented eBPF program!
You can see it’s made of four parts: a header, .rodata.profd , .data.profc (ie., the counters!), and the names ( .rodata.profn ), plus some padding for alignment…
We can now either use the existing LLVM tools ( llvm-profdata and llvm-cov ) with it or simply use the out subcommand.
The bpfcov out command is an opinionated shortcut to generate HTML, JSON, or LCOV coverage reports even from multiple eBPF programs and their profraw files.
It is very convenient because it avoids us having to generate profdata from the profraw , calling llvm-cov with a bunch of long and different options. And it even works with multiple profraw files coming from different eBPF applications…
shell ./bpfcov out -o yey –f html \ cov/raw_enter.profraw …,
It outputs a very nice HTML directory whose index file gives us summaries not only about function and line coverage but also and notably about region and branch coverages for our eBPF applications.
By clicking on any item in the table we end up visualizing very fine-grained, source-based coverage. A good example is the one in the following image:
Furthermore, it does work also on very complicated and real-life eBPF programs. For example, the following screenshot is a part of the coverage report obtained for a BPF LSM test (progs/lsm.c, loaded by prog_tests/test_lsm.c) living in the Linux kernel.
Thanks to this tool I can finally understand that over a total of eight executions of the lsm/file_mprotect BPF LSM program on my kernel, its is_stack variable was true two times out of eight, because six times the vma->vm_end >= vma->vm_mm->start_stack branch condition (98:58) evaluated to false.
Line 100, using is_stack in another condition, confirms that it was indeed true two times out of six. And that, for this reason (first operand - 100:6 - is_stack being false six times), the following check (100:18) on monitored_pid was short-circuited and evaluated (to true, by the way) only two times.
We finally have a tool helping us write and understand the way our eBPF programs run in the Linux kernel. I can’t stress enough how this is something I dreamt of so many times during the past few years I’ve been working with BPF…
Hope that the eBPF community and ecosystem will find bpfcov useful and cool the same way I do.
Thu, 03 Feb 2022 14:30:00 GMT.
Thu, 03 Feb 2022 14:00:00 GMT.
Thu, 03 Feb 2022 14:00:00 GMT.
Thu, 03 Feb 2022 08:00:00 GMT.
Thu, 03 Feb 2022 08:00:00 GMT.
Thu, 03 Feb 2022 00:00:00 GMT.
Thu, 03 Feb 2022 00:00:00 GMT.
Tue, 01 Feb 2022 19:00:00 GMT.
Tue, 01 Feb 2022 19:00:00 GMT.
Tue, 01 Feb 2022 13:30:00 GMT.
Tue, 01 Feb 2022 13:30:00 GMT.
Fri, 28 Jan 2022 00:00:00 GMT.
Fri, 28 Jan 2022 00:00:00 GMT.
Academic papers are an invaluable resource for engineers developing data-intensive systems. But implementing them can be intimidating and error-prone — algorithm descriptions are often complex, with important practical details omitted. And testing is a real challenge: for example, how can we thoroughly test a machine learning algorithm whose output depends closely on the dataset?
This post shares strategies for implementing academic papers in a software application. It draws on examples from Elasticsearch and Lucene in hopes of helping other engineers learn from our experiences. You might read these strategies and think "but this is just software development!" And that would indeed be true: as engineers we already have the right practices and tools, they just need to be adapted to a new challenge.
Evaluate the paper as you would a software dependency.
Adding a new software dependency requires careful evaluation: if the other package is incorrect, slow, or insecure, our project could be too. Before pulling in a dependency, developers make sure to evaluate its quality.
The same applies to academic papers you're considering implementing. It may seem that because an algorithm was published in a paper, it must be correct and perform well. But even though it passed a review process, an academic paper can have issues. Maybe the correctness proof relies on assumptions that aren't realistic. Or perhaps the "experiments" section shows much better performance than the baseline, but this only holds on a specific dataset. Even if the paper is of great quality, its approach may not be a good fit for your project.
When thinking about whether to take a "dependency" on an academic paper, it's helpful to ask the same questions we would of a software package:
Is the library widely-used and "battle tested"? _ Have other packages implemented this paper, and has it worked well for them? Are performance benchmarks available? Do these seem accurate and fair? _ Does the paper include realistic experiments? Are they well designed? Is a performance improvement big enough to justify the complexity? _ Does the paper compare to a strong baseline approach? How much does it outperform this baseline? Will the approach integrate well with our system? _ Do the algorithm's assumptions and trade-offs fit our use case?
Somehow when a software package publishes a performance comparison against their competitors, the package always comes out fastest! If a third party designed the benchmarks, they may be more balanced. The same phenomenon applies to academic papers. If an algorithm performs well not only in the original paper, but also appears in other papers as a strong baseline, then it is very likely to be solid.
Get creative with testing.
Algorithms from academic papers often have more sophisticated behavior than the types of algorithms we routinely encounter. Perhaps it's an approximation algorithm that trades off accuracy for better speed. Or maybe it's a machine learning method that takes in a large dataset, and produces (sometimes unexpected) outputs. How can we write tests for these algorithms if we can't characterize their behavior in a simple way?
Focus on invariants.
When designing unit tests, it's common to think in terms of examples: if we give the algorithm this example input, it should have that output. Unfortunately for most mathematical algorithms, example-based testing doesn't sufficiently cover their behavior.
Let's consider the C3 algorithm, which Elasticsearch uses to figure out what node should handle a search request. It ranks each node using a nuanced formula that incorporates the node's previous service and response times, and its queue size. Testing a couple examples doesn't really verify we understood the formula correctly. It helps to step back and think about testing invariants: if service time increases, does the node's rank decrease? If the queue size is 0, is the rank determined by response time, as the paper claims?
Focusing on invariants can help in a number of common cases:
Is the method supposed to be order-agnostic? If so, passing the input data in a different order should result in the same output. Does some step in the algorithm produce class probabilities? If so, these probabilities should sum to 1. Is the function symmetric around the origin? If so, flipping the sign of the input should simply flip the sign of the output.
When we first implemented C3, we had a bug in the formula where we accidentally used the inverse of response time in place of response time. This meant slower nodes could be ranked higher! When fixing the issue, we made sure to add invariant checks to guard against future mistakes.
Compare to a reference implementation.
Alongside the paper, the authors hopefully published an implementation of the algorithm. (This is especially likely if the paper contains experiments, as many journals require authors to post code for reproducing the results.) You can test your approach against this reference implementation to make sure you haven't missed important details of the algorithm.
While developing Lucene's HNSW implementation for nearest-neighbor search, we tested against a reference library by the paper's authors. We ran both Lucene and the library against the same dataset, comparing the accuracy of their results and the number of computations they performed. When these numbers match closely, we know that Lucene faithfully implements the algorithm.
When incorporating an algorithm into a system, you often need to make modifications or extensions, like scaling it to multiple cores, or adding heuristics to improve performance. It's best to first implement a "vanilla" version, test it against the reference, then make incremental changes. That way you can be confident you've captured all the key parts before making customizations.
Duel against an existing algorithm.
The last section raises another idea for a test invariant: comparing the algorithm's output to a simpler and better-understood algorithm's output. As an example, consider the block-max WAND algorithm in Lucene, which speeds up document retrieval by skipping over documents that can't appear in the top results. It is difficult to describe exactly how block-max WAND should behave in every case, but we do know that applying it shouldn't change the top results! So our tests can generate several random search queries, then run them both with and without the WAND optimization and check that their results always match.
An important aspect of these tests is that they generate random inputs on which to run the comparison. This can help exercise cases you wouldn't have thought of, and surface unexpected issues. As an example, Lucene's randomized comparison test for BM25F scoring has helped catch bugs in subtle edge cases. The idea of feeding an algorithm random inputs is closely related to the concept of fuzzing, a common testing technique in computer security.
Elasticsearch and Lucene frequently use this testing approach. If you see a test that mentions a "duel" between two algorithms (TestDuelingAnalyzers, testDuelTermsQuery. ), Binary Options then you know this strategy is in action.
Use the paper's terminology.
When another developer works with your code, they'll need to consult the paper to follow its details. The comment on Elasticsearch's HyperLogLog++ implementation says it well: "Trying to understand what this class does without having read the paper is considered adventurous." This method comment also sets a good example. It includes a link to the academic paper, and highlights what modifications were made to the algorithm as it was originally described.
Since developers will base their understanding of the code on the paper, it's helpful to use the exact same terminology. Since mathematical notation is terse, this can result in names that would not usually be considered "good style", but are very clear in the context of the paper. Formulas from academic papers are one of the few times you'll encounter cryptic variable names in Elasticsearch like rS and muBarSInverse.
The author's recommended way of reading a paper: with a large coffee.
You can email the author.
When working through a tough paper, you may spend hours puzzling over a formula, unsure if you're misunderstanding or if there's just a typo. If this were an open source project, you could ask a question on GitHub or StackOverflow. But where can you turn for an academic paper? The authors seem busy and might be annoyed by your emails.
On the contrary, many academics love hearing that their ideas are being put into practice and are happy to answer questions over email. If you work on a product they're familiar with, they might even list the application on their website!
There's also a growing trend for academics to discuss papers in the open, using many of the same tools from software development. If a paper has an accompanying software package, you might find answers to common questions on Github. Stack Exchange communities like "Theoretical Computer Science" and "Cross Validated" also contain detailed discussions about popular papers. Some conferences have begun to publish all paper reviews online. These reviews contain back-and-forth discussions with the authors that can surface helpful insights about the approach.
To be continued.
This post focuses on the basics of choosing an academic paper and implementing it correctly, but doesn't cover all aspects of actually deploying the algorithm. For example, if the algorithm is just one component in a complex system, how do we ensure that changes to the component lead to end-to-end improvements? And what if integrating the algorithm requires substantial modifications or extensions that the original paper doesn't cover? These are important topics we hope to share more about in future posts.
Thu, 30 Sep 2021 01:00:00 GMT.
Thu, 30 Sep 2021 01:00:00 GMT.
Tue, 28 Sep 2021 15:00:00 GMT.
Tue, 28 Sep 2021 15:00:00 GMT.
Mon, 27 Sep 2021 17:00:00 GMT.
Mon, 27 Sep 2021 17:00:00 GMT.
Simply add the following to your Package.swift dependencies.
And add "iOSAgent" to the targets you wish to instrument:
The agent API.
The Elastic APM iOS Agent has a few project requirements:
It’s only compatible with Swift (sorry Objective-C engineers) It requires Swift v5.3 It requires the minimum of iOS v11.
The agent API is fairly slim. We provide a configuration object that allows the agent to be set up for an on-prem or cloud solution.
If you’re using SwiftUI to build your app, you can set up the agent as follows:
Read up more on configuration in the "Set up the Agent" doc.
The agent also captures any data recorded through the OpenTelementry-Swift APIs, including traces and metrics. Here’s an example on how to start a simple trace:
You can find more examples on how to use the OTel API at OpenTelementry-Swift examples.
If you decide to go this route, you may have to add OpenTelemetry-Swift as a dependency to your project as well.
Summary and future.
We would be thrilled to receive your feedback in our discussion forum or in our GitHub repository. Please keep in mind that the current release is a preview and we may introduce breaking changes. We are excited to be launching this mobile offering and already have many ideas for what comes next, but we want the community to help guide our direction. Check out our CONTRIBUTING.md and let the PRs fly!
Thu, 23 Sep 2021 18:00:00 GMT.
Thu, 23 Sep 2021 18:00:00 GMT.
S_bastien Arnaud — Exchanges & Data architect at the French Ministry of Agriculture.
Following initial training in the field of networks and IT security, he has worked on complex data exchange and transformation solutions. He likes to design and integrate innovative architectures for processing, storing and evaluating increasingly large volumes of data.
Thu, 23 Sep 2021 15:00:00 GMT.
Thu, 23 Sep 2021 15:00:00 GMT.
Generally available with Elastic 7.15, the Elastic App Search web crawler makes it easy to ingest website content.
Elastic Observability.
Automate root cause analysis for faster application troubleshooting.
DevOps teams and site reliability engineers are constantly challenged by the need to sift through overwhelming amounts of data to keep modern applications performant and error-free. More often than not, this is a manual and time-consuming effort. To effectively resolve complex problems, these users need the ability to collect, unify, and analyze an increasing volume of telemetry data and quickly distill meaningful insights. Automation and machine intelligence have become essential components of the troubleshooter’s toolkit.
With Elastic 7.15, we’re excited to announce the general availability of Elastic Observability’s APM correlations feature. This new capability will help DevOps teams and site reliability engineers to accelerate root cause analysis by automatically surfacing attributes of the APM data set that are correlated with high-latency or erroneous transactions.
Elastic APM correlations, now generally available, accelerate root cause analysis to free up DevOps and SRE teams.
Streamline monitoring of Google Cloud Platform services with frictionless log ingestion.
Elastic’s new Google Cloud Dataflow integration drives efficiency with the frictionless ingestion of log data directly from the Google Cloud Platform (GCP) console. This agentless approach provides an "easy button" for customers — eliminating the cost and hassle of administrative overhead and further extending Elastic’s ability to more easily monitor native GCP services.
Elastic Security.
With Elastic 7.15, Elastic Security augments extended detection and response by equipping Elastic Agent to end threats at the endpoint, with new layers of prevention for every OS and host isolation for cloud-native Linux environments.
Elastic Security 7.15 powers extended detection and response (XDR) with malicious behavior protection for every OS and host isolation for cloud-native Linux environments.
Stop advanced threats at the endpoint with malicious behavior protection for Linux, Windows, and macOS hosts.
Malicious behavior protection, new in version 7.15, arms Elastic Agent to stop advanced threats at the endpoint. It provides a new layer of protection for Linux, Windows, and macOS hosts, powered by analytics that prevent attack techniques leveraged by known threats. This capability buttresses existing malware and ransomware prevention with dynamic prevention of post-execution behavior. Prevention is achieved by pairing post-execution analytics with response actions tailored to disrupt the adversary early in the attack, such as killing a process to stop a payload from being downloaded.
Contain attacks with one-click host isolation from within Kibana.
In addition to malicious behavior protection, with the release of Elastic 7.15, Elastic Security enables analysts to quickly and easily quarantine Linux hosts via a remote action from Kibana. With (just) one click, analysts can respond to malicious activity by isolating a host from a network, containing the attack and preventing lateral movements. While host isolation was introduced for Windows and macOS in version 7.14, it is now available on every OS protected by Elastic Agent.
We’re implementing this capability on Linux systems via extended Berkeley Packet Filter (eBPF) technology, a reflection of our commitment to technologies that enable users to observe and protect modern cloud-native systems in the most frictionless way possible.
For more information on our continuing efforts in the realm of cloud security, check out our recent announcements on Elastic joining forces with build.security and Cmd.
To learn more about what’s new with Elastic Security in 7.15, visit the Elastic Security 7.15 blog.
Elastic Cloud.
Whether customers are looking to quickly find information, gain insights, or protect their technology investments (or all of the above), Elastic Cloud is the best way to experience the Elastic Search Platform. And we continue to improve that experience with new integrations that let customers ingest data into Elastic Cloud even more quickly and securely.
Ingest data faster with Google Cloud Dataflow.
With Elastic 7.15, we’re pleased to announce the first-ever native Google Cloud data source integration to Elastic Cloud — Google Cloud Dataflow. This integration enables users to ship Pub/Sub, Big Query, and Cloud Storage data directly into their Elastic Cloud deployments without having to set up an extra intermediary data shipper, utilizing Google Cloud’s native serverless ETL service. The integration simplifies data architectures and helps users ingest data into Elastic Cloud faster.
Ensure data privacy with the general availability of Google Cloud Private Service Connect.
We’re also excited to announce that support for Google Private Service Connect is now generally available. Google Private Service Connect provides private connectivity from Google Cloud virtual private clouds (VPCs) to Elastic Cloud deployments. The traffic between Google Cloud and Elastic Cloud deployments on Google Cloud travels only within the Google Cloud network, utilizing Private Service Connect endpoints and ensuring that customer data stays off the (public) internet.
Google Private Service Connect provides easy and private access to Elastic Cloud deployment endpoints while keeping all traffic within the Google network.
To learn more about what’s new with Elastic Cloud, visit the Elastic Platform 7.15 blog.
Read more in our latest release blogs.
Test our mettle.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console. If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started for free with a free 14-day trial of Elastic Cloud. Or download the self-managed version of the Elastic Stack for free.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Wed, 22 Sep 2021 16:04:00 GMT.
Wed, 22 Sep 2021 16:04:00 GMT.
Wed, 22 Sep 2021 16:03:00 GMT.
Wed, 22 Sep 2021 16:03:00 GMT.
inverted_index.term_frequencies of zero and low inverted_index.positions to match_only_text (added in 7.14) can save around 10% of disk.
With the index disk usage API you can see how much disk space is consumed by every field in your index. Knowing what fields take up disk, you can decide which indexing option or field type is best. For example, keyword or match_only_text may be better than text for certain fields where scoring and positional information is not important. Or, use runtime fields to create a keyword at query time for flexibility and saving space.
Finally, the vector tiles API provides a huge performance and scalability improvement when searching geo_points and geo_shapes drawn to a map (through use of vector tiles). Offloading these calculations to the local GPU significantly improves performance while also lowering costs by reducing network traffic both within the cluster and to the client.
Composite runtime fields.
Elastic 7.15 continues to evolve the implementation of runtime fields in Elasticsearch and Kibana.
In Elasticsearch, composite runtime fields enable users to streamline field creation using one Painless script to emit multiple fields, with added efficiencies for field management. Use patterns like grok or dissect to emit multiple fields using one script instead of creating and maintaining multiple scripts. Using existing grok patterns also makes it faster to create new runtime fields and reduces the time and complexity of creating and maintaining regex expressions. This development makes it easier and more intuitive for users to ingest new data like custom logs. See more on runtime fields in Kibana 7.15 below.
What’s new in Kibana 7.15.
Runtime fields editor preview pane.
Combined with the introduction of composite fields for Elasticsearch (above), a new preview pane in the runtime fields editor in Kibana 7.15 makes it even easier to create fields on the fly. The preview pane empowers users to test and preview new fields before creating them — for example, by evaluating a new script against documents to check accuracy in Index Patterns, Discover, or Lens. In addition, pinning specific fields in the preview pane simplifies script creation. This enhancement also includes better error handling for the editor, all to help streamline the field creation process and allow users to create runtime fields more quickly. More developments for runtime fields are on the horizon as we continue to make previously ingested data easier to parse from Kibana.
Other updates across the Elastic Stack and Elastic Cloud.
Elastic Cloud.
Leverage more cost-effective hardware options on GCP: Google Compute Engine’s (GCE) N2 VMs for Elastic Cloud deployments running on Google Cloud offer up to 20% better CPU performance compared to the previous generation N1 machine types. Learn more in the blog post.
Elasticsearch.
Build complex flows with API keys: Search and pagination for API keys allow you to build complex management flows for keys, based on your own metadata.
Kibana.
Sync across time and (dashboard) space with your cursor: A new hover feature in Kibana charts that highlights corresponding data across multiple charts makes it easier for users to home in on specific time periods to observe and explore trends. In addition to time series, this will also highlight the same non-time data on multiple dashboard panels. Customize charts with legend-ary updates: Legends inside charts (great for busy dashboards) and multi-line series names in legends make it easier for teams to follow the data story on a dashboard. Get a head start on Maps exploration: Metadata for points and shapes is now auto-generated in Elastic Maps when a user creates an index and explores with edit tools. The user and timestamp data is saved for further exploration and management. Also, a new layer action allows users to view only the specific layer they are interested in. Learn more in the Kibana docs.
Machine learning.
Monitor Binary Options machine learning jobs easily: Operational alerts for machine learning jobs simplify the process of managing machine learning jobs and models, and alerts in Kibana make it easier to track and follow up on errors. Adjust and reset models without the fuss: The reset jobs API makes working with models much easier across Kibana, from the Logs app to Elastic Security. Reuse and scale machine learning jobs: Jobs can now be imported and exported, allowing users to reuse jobs created in lab environments or in multiple-cluster environments. Sharing jobs across deployments makes jobs more consistent and easier to scale. Investigate transaction latency: Elastic APM correlations, powered by machine learning, streamline root cause analysis. The Elasticsearch significant terms aggregation was enhanced with a p_value scoring heuristic, and Kibana’s new transaction investigation page for APM aids analysts in a holistic exploration of transaction data. To learn more, read the Observability 7.15 blog. Learn more in the Kibana and Elasticsearch docs.
Integrations.
Run Elastic Package Registry (EPR) as a Docker image: now you can run your own EPR to provide information on external data sources to air-gapped environments. By using the EPR Docker image, you can integrate, collect and visualize data using Elastic Agents. For more information, please refer to this Elastic guide.
Try it out.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console. If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started for free with a free 14-day trial of Elastic Cloud. Or download the self-managed version of the Elastic Stack for free.
Read about these capabilities and more in the 7.15 release notes (Elasticsearch, Kibana, Elastic Cloud, Elastic Cloud Enterprise, Elastic Cloud on Kubernetes), and other Elastic 7.15 highlights in the Elastic 7.15 announcement post.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Wed, 22 Sep 2021 16:02:00 GMT.
Wed, 22 Sep 2021 16:02:00 GMT.
Get an integrated roll-up view of application logs across application services running on ephemeral infrastructure to quickly find errors and other causes of application issues.
Identify issues with third-party and backend service dependencies, and leverage detailed drilldowns for comparing historical performance and impact on upstream services.
We’ve also enhanced the existing transaction latency distribution chart and trace selection with more granular buckets and the flexibility to drag-select all application traces that fall within a desired range of latencies.
Agentless ingestion of logs from Google Cloud Platform (GCP) for frictionless observability.
Elastic’s new GCP Dataflow integration drives efficiency with frictionless ingestion of log data directly from the Google Cloud console. The agentless approach provides an "easy button" option for customers who want to avoid the cost and hassle of managing and maintaining agents, and further extends monitoring to native GCP services.
The Google and Elastic teams worked together to develop an out-of-the-box Dataflow template that a user can select to push logs and events from Pub/Sub to Elastic.
Additional data sources: JVM metrics support for JRuby, Azure Spring Cloud logs integration, and Osquery metrics in host details panel.
With the 7.15 release, we have also enhanced our application and cloud data collection for JRuby and Azure. Now you can get visibility into system and JVM metrics for JRuby applications and continuously monitor and quickly debug issues encountered in Spring boot applications running on Azure (beta).
Osquery provides a flexible and powerful way to collect any data from a target host it's installed on. The Osquery integration with the Elastic Agent, introduced in 7.13, opened up a spectrum of capabilities to support troubleshooting of security and observability use cases. Previously, Osquery could be used via Kibana to perform live and scheduled queries, with the query results stored in a dedicated data stream. With 7.15, Osquery is now directly integrated into the enhanced host details panel and delivers ad hoc querying capabilities on the target host.
Self-managed version of Elastic Package Registry (EPR) now available for air-gapped deployments.
If you host your Elastic Stack in an air-gapped environment and want to take advantage of the recently GA Elastic Agent and Fleet, we have good news for you. Elastic Package Registry (EPR) is now available as a Docker image that can be run and hosted in any infrastructure setting of your choice. In environments where network traffic restrictions are mandatory deploying your own instance of EPR enables Kibana to download package metadata and content in order to access all available integrations and deliver the relevant out-of-box components and documentation. Currently, the EPR Docker image is a beta standalone server that will continue to grow and evolve. For more information, check out the Elastic guide for running EPR in air-gapped environments.
Try it out.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console, or, if you'd prefer, you can download the latest version.
If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started for free with a free 14-day trial of Elastic Cloud.
Read about these capabilities and more in the Elastic Observability 7.15 release notes, and other Elastic Stack highlights in the Elastic 7.15 announcement post.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Wed, 22 Sep 2021 16:01:00 GMT.
Wed, 22 Sep 2021 16:01:00 GMT.
Reason field, which conveys why an alert has triggered. An updated Fields browser gives analysts greater control over the columns in the Alerts table, organizing fields by category and providing descriptions alongside field names to help practitioners leverage the full power of Elastic Common Schema (ECS).
With an updated Alerts flyout, analysts can view a summary of the alert and quickly understand why it was generated. Hover actions provide new ways to interact with the alert table or an investigation timeline. The flyout also provides several ways to take action on an alert, such as adding the alert to a new or existing case, changing the alert status, isolating an alerting host (for hosts running Agent with the endpoint security integration), and initiating an investigation.
Inspect hosts with osquery on Elastic Agent.
Osquery Manager delivers several exciting enhancements in the 7.15 release:
Standardize scheduled query results with ECS.
When defining scheduled queries, you can now map query results to ECS fields to standardize your osquery data for use across detections, machine learning, and any other areas that rely on ECS-compliant data. This capability greatly increases the value of the queries you run by making those results more readily usable across the Elastic Stack.
Access controls for osquery.
7.15 gives security teams more control over who can access osquery and view results. Previously, only superusers could use osquery, but access to this feature can now be granted as needed, empowering administrators to delegate who can run, save, or schedule queries:
With a free and open Basic license, organizations can grant All , Read , or No access to superusers and non-superusers alike — improving administrative control and enabling non-superusers access to osquery. With a Gold license, organizations can achieve finer-grained control. For example, they can constrain who's allowed to edit scheduled queries, or allow certain users to run saved queries but prevent ad-hoc queries.
Scheduled query status at a glance.
Scheduled query groups now show the status of individual queries within a group, allowing analysts to understand at a glance whether there are any results to review or issues to address. Surfacing this information can also help analysts tune queries and resolve any errors.
Try it out.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console. If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started with a free 14-day trial of Elastic Security. Or download the self-managed version of the Elastic Stack for free.
Read about these capabilities and more in the Elastic Security 7.15 release notes, and other Elastic Stack highlights in the Elastic 7.15 announcement post.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Tue, 08 Feb 2022 09:20:06 GMT.
Mon, 07 Feb 2022 14:00:00 GMT.
index: true and specify the similarity metric we’re using to compare them:
PUT index >>>PUT index/_doc ,Then, after adding vectors, we can search for the k nearest neighbors to a query vector:GET index/_knn_search >,The new _knn_search endpoint uses HNSW graphs to efficiently retrieve similar vectors. Unlike exact kNN, which performs a full scan of the data, it scales well to large datasets. Here’s an example that compares _knn_search to the exact approach based on script_score queries on a dataset of 1 million image vectors with 128 dimensions, averaging over 10,000 different queries: Approach Queries Per Second Recall (k=10) script_score 5.257 1.000 _knn_search 849.286 0.945,
In this example, ANN search is orders of magnitude faster than the exact approach. Its recall is around 95%, so on average, it finds over 9 out of the 10 true nearest neighbors.
You can check on the performance of kNN search in the Elasticsearch nightly benchmarks. These benchmarks are powered by es-rally, a tool for Elasticsearch benchmarking, specifically the new dense_vector Rally track. We plan to extend Rally to report recall in addition to latency, as it’s also important to track the accuracy of the algorithm. Currently these benchmarks test a dataset of a couple million vectors, but ANN search can certainly scale beyond this with a greater index time or the addition of hardware resources.
Powered by Apache Lucene.
Many of Elasticsearch’s core search capabilities are powered by the Lucene library, an open source project governed by the Apache Software Foundation. Elasticsearch ANN is no exception, and is built on an exciting new Lucene feature for storing and searching numeric vectors. This feature is the result of a great collaboration involving several developers across different organizations. Starting as a bold proposal, it quickly progressed to a working (and fast) implementation. Then came the challenge of designing the API and rounding out the feature.
Since then, the Lucene community has continued to collaborate to push the feature forward. Several developers took interest and made contributions, from redesigning names, to algorithm updates, performance improvements, and more. Lucene’s vector search capabilities are quickly expanding thanks to everyone’s efforts.
In addition to the fruitful collaboration, developing ANN in Lucene brings other major benefits. Lucene's implementation is designed at a low-level to integrate correctly with existing functionality, which allows ANN search to interact seamlessly with other Elasticsearch features. Such a deep integration would not really be possible if we depended on an external ANN library. For example, Lucene ANN transparently handles deleted documents by skipping over 'tombstones' during the graph search. It also respects all of Lucene's data compatibility guarantees, so you can be sure that vector data still works after an upgrade. Finally, the implementation written in Java just like Elasticsearch, which allows us to ensure its security and simplify memory management.
What’s next?
In 8.0, the _knn_search endpoint for efficient ANN search will be released as a "technical preview". ANN search is a relatively new topic not only for Elastic, but for the industry, and there are significant open questions around how it should behave. What is the best way to combine vector similarity scores with traditional BM25 scores? Should kNN search support pagination? Developing ANN as its own experimental endpoint will let us quickly iterate on and test its behavior. We plan to ultimately integrate ANN into the _search API once we have solid answers for these questions. (Although _knn_search is not yet GA, the dense_vector field type was made GA in 7.6 and continues to have a stable API.)
Some key capabilities we plan to support include ANN with filters, as well as "hybrid" search where ANN results are combined with those from a traditional query. We’re also working to improve indexing speed, as building HNSW graphs can be an expensive operation. We think of this release as just a beginning, and look forward to improving ANN search over the upcoming releases. Your feedback is really valuable, and helps shape the direction of the feature. We’d love to hear from you on GitHub and our Discuss forums (and in Lucene too)!
Try out ANN search on Elastic Cloud by logging into the Elastic Cloud console or signing up for a free 14-day trial.
Mon, 07 Feb 2022 14:00:00 GMT.
Sat, 05 Feb 2022 00:18:07 GMT.
The benchmark array defines a list of scenarios, each composed of a few fields:
label : the Jenkins stage label name : the Elasticsearch index that will be used to store results docker : the Docker image containing the test to run backend : the Docker image deployed as a backend alert_fields : The fields that will be looked at by the alerting system, with an optional threshold for the t-score when the 1.5 default is not suited.
In that example, for Crawler Wide , the backend image is a static website we use as a target during the test.
If you are curious about what the Web Crawler is, check out its documentation: Web crawler | Elastic App Search Documentation [7.15]
Jenkins nested nodes are an exquisite and straightforward way to orchestrate a deployment from scratch without synchronization headaches. For instance, the "start-stack.sh" script blocks until the deployed stack is up and running and looks healthy, and then the next node block is executed. In practice, the client node will only be running once the stack node is ready, and the stack node only once the backend node is ready.
The IPs of each node are shared through simple variables across the layers to communicate with each other. Simple yet highly effective.
Once the test is done, results are sent to an Elasticsearch instance deployed on a dedicated cloud instance that collects the data over time. We have a Kibana instance running on top of it and some dashboards to display the results.
In the chart below, you can see the whole deployment when a performance job is running.
This setup is heavily inspired by the APM team’s work for orchestrating multiple node tests in Jenkins. See, for instance, this end-to-end test pipeline.
Measure performance accurately,
There’s a myriad of options when it comes to measuring performance.
For a web application, the simplest and most effective way is to build "user journeys" scenarios, run them using HTTP clients, and collect in-app metrics. We exercise the application like a real user would do and observe how the stack performs.
Those scenarios are also called "macro-benchmarks" because they interact with the application through its interfaces, unlike a "micro-benchmark" that would pick a portion of the code and run it in total isolation.
We already have a few scenarios for Enterprise Search that can run against a stack, but developers perform them manually, often on their laptops, and their results are not comparable.
The goal of the performance regression framework is to provide a way to run those scenarios in the same environment and to collect metrics we can compare.
Technically speaking, those scenarios use HTTP clients, and in most cases, HTTP API calls are enough to exercise specific features, like crawling an external website. We can do a lot through API calls in App Search and Workplace Search.
In the example below (extract), we use the Python Enterprise Search client to run a crawl job against the Swiftype website and wait for it to finish.
Sat, 05 Feb 2022 00:18:07 GMT.
Fri, 04 Feb 2022 23:42:52 GMT.
Fri, 04 Feb 2022 23:42:52 GMT.
Thu, 03 Feb 2022 14:30:00 GMT.
libBPFCov.so LLVM pass: ,
For example, you may notice that we have 2 __profc_ counters.
The first is for the BPF_PROG macro that expands to a function, the second for the actual BPF raw tracepoint program hook_sys_enter . This one has size 3. That’s because the hook_sys_enter function has 3 main regions: the entry of the function, the if conditional, and the for cycle.
You may also notice that the LLVM pass, for each one of the 2 functions we have, split the __profd_ global structs into 7 different global variables in the .rodata.profd section.
Someone who has an eye for it may also have noticed that the third field of __profd_ — now __profd_something.2 — does not contain anymore the address of its counters. I didn’t want (nor I could) to expose kernel addresses, so I put here the offset of the counters in their section ( .data.profc ).
Finally, you can also see that, as anticipated before, we completely deleted the __covrec_ global constant structs from this IR that’s meant to generate a valid and loadable BPF ELF. While the instructions incrementing the counters in the correct spots are not touched at all. So we don’t need another screenshot to show them!
The only missing moving part is how to generate a valid profraw file. We stripped any logic for doing it. We know that for generating it we need all the globals we left in this LLVM intermediate representation. But we have no sane way to hook the exit or the stop of an eBPF program in the Linux kernel.
Suddenly, inspiration came: let’s pin the globals to the BPF file system so that we can decouple the process of generating the profraw file from the running (and exiting) of the instrumented eBPF application!
And that’s what the bpfcov CLI does.
Before moving to the next section, I suggest you go to the bpfcov repository and start building the pass to obtain libBPFCov.so . You can find the instructions on how to build it here.
bash clang -g -O2 \ -target bpf \ -D__TARGET_ARCH_x86 -I$(YOUR_INCLUDES) \ -fprofile-instr-generate -fcoverage-mapping \ -emit-llvm -S \ -c raw_enter.bpf.c -o raw_enter.bpf.ll opt -load-pass-plugin $(BUILD_DIR)/lib/libBPFCov.so -passes="bpf-cov" \ -S raw_enter.bpf.ll -o raw_enter.bpf.cov.ll llc -march=bpf -filetype=obj -o cov/raw_enter.bpf.o raw_enter.bpf.cov.ll,
You can see in the Makefile inside the examples/src directory of the bpfcov GitHub repository how to automate those steps.
We now have a valid and coverage instrumented BPF ELF: cov/raw_enter.bpf.o .
From now on, you can instruct your loader and userspace code to use it, so to obtain a (eg., /cov/raw_enter ) that is your eBPF application.
bash sudo ./bpfcov -v2 run cov/raw_enter,
This command acts similar to strace. It will detect the bpf() syscalls with the BPF_MAP_CREATE command.
Meaning that it will detect the eBPF globals in the .profc , .profd , .profn , and .covmap custom eBPF sections and pin them to the BPF file system, as you can see in the following screenshot.
You may also notice that - since the LLVM pass annotated the counters correctly - libbpf can collect relocations for them…
At this point, whether we stopped our eBPF application or it exited… We have eBPF maps pinned to our BPF file system. Let’s check it:
Wonderful, we already know that the hook_sys_enter function executed one time, the if condition did not evaluate to true, while the for iterated nine times!
It’s time to put the counters, the function names, the functions data, in a profraw file now.
This is why I created the bpfcov gen command exists: to dump the pinned maps in a profraw file.
shell sudo ./bpfcov -v2 gen –unpin cov/raw_enterhttps://static-www.elastic.co/v3/assets/bltefdd0b53724fa2ce/blt86e90993d73953bc/61f97dbfd970ea1bb42ad284/code-coverage-ebpf-programs-bpfcovgen-command.png,code-coverage-ebpf-programs-bpfcovgen-command.png,
And this is the resulting profraw file for our instrumented eBPF program!
You can see it’s made of four parts: a header, .rodata.profd , .data.profc (ie., the counters!), and the names ( .rodata.profn ), plus some padding for alignment…
We can now either use the existing LLVM tools ( llvm-profdata and llvm-cov ) with it or simply use the out subcommand.
The bpfcov out command is an opinionated shortcut to generate HTML, JSON, or LCOV coverage reports even from multiple eBPF programs and their profraw files.
It is very convenient because it avoids us having to generate profdata from the profraw , calling llvm-cov with a bunch of long and different options. And it even works with multiple profraw files coming from different eBPF applications…
shell ./bpfcov out -o yey –f html \ cov/raw_enter.profraw …,
It outputs a very nice HTML directory whose index file gives us summaries not only about function and line coverage but also and notably about region and branch coverages for our eBPF applications.
By clicking on any item in the table we end up visualizing very fine-grained, source-based coverage. A good example is the one in the following image:
Furthermore, it does work also on very complicated and real-life eBPF programs. For example, the following screenshot is a part of the coverage report obtained for a BPF LSM test (progs/lsm.c, loaded by prog_tests/test_lsm.c) living in the Linux kernel.
Thanks to this tool I can finally understand that over a total of eight executions of the lsm/file_mprotect BPF LSM program on my kernel, its is_stack variable was true two times out of eight, because six times the vma->vm_end >= vma->vm_mm->start_stack branch condition (98:58) evaluated to false.
Line 100, using is_stack in another condition, confirms that it was indeed true two times out of six. And that, for this reason (first operand - 100:6 - is_stack being false six times), the following check (100:18) on monitored_pid was short-circuited and evaluated (to true, by the way) only two times.
We finally have a tool helping us write and understand the way our eBPF programs run in the Linux kernel. I can’t stress enough how this is something I dreamt of so many times during the past few years I’ve been working with BPF…
Hope that the eBPF community and ecosystem will find bpfcov useful and cool the same way I do.
Thu, 03 Feb 2022 14:30:00 GMT.
Thu, 03 Feb 2022 14:00:00 GMT.
Thu, 03 Feb 2022 14:00:00 GMT.
Thu, 03 Feb 2022 08:00:00 GMT.
Thu, 03 Feb 2022 08:00:00 GMT.
Thu, 03 Feb 2022 00:00:00 GMT.
Thu, 03 Feb 2022 00:00:00 GMT.
Tue, 01 Feb 2022 19:00:00 GMT.
Tue, 01 Feb 2022 19:00:00 GMT.
Tue, 01 Feb 2022 13:30:00 GMT.
Tue, 01 Feb 2022 13:30:00 GMT.
Fri, 28 Jan 2022 00:00:00 GMT.
Fri, 28 Jan 2022 00:00:00 GMT.
Academic papers are an invaluable resource for engineers developing data-intensive systems. But implementing them can be intimidating and error-prone — algorithm descriptions are often complex, with important practical details omitted. And testing is a real challenge: for example, how can we thoroughly test a machine learning algorithm whose output depends closely on the dataset?
This post shares strategies for implementing academic papers in a software application. It draws on examples from Elasticsearch and Lucene in hopes of helping other engineers learn from our experiences. You might read these strategies and think "but this is just software development!" And that would indeed be true: as engineers we already have the right practices and tools, they just need to be adapted to a new challenge.
Evaluate the paper as you would a software dependency.
Adding a new software dependency requires careful evaluation: if the other package is incorrect, slow, or insecure, our project could be too. Before pulling in a dependency, developers make sure to evaluate its quality.
The same applies to academic papers you're considering implementing. It may seem that because an algorithm was published in a paper, it must be correct and perform well. But even though it passed a review process, an academic paper can have issues. Maybe the correctness proof relies on assumptions that aren't realistic. Or perhaps the "experiments" section shows much better performance than the baseline, but this only holds on a specific dataset. Even if the paper is of great quality, its approach may not be a good fit for your project.
When thinking about whether to take a "dependency" on an academic paper, it's helpful to ask the same questions we would of a software package:
Is the library widely-used and "battle tested"? _ Have other packages implemented this paper, and has it worked well for them? Are performance benchmarks available? Do these seem accurate and fair? _ Does the paper include realistic experiments? Are they well designed? Is a performance improvement big enough to justify the complexity? _ Does the paper compare to a strong baseline approach? How much does it outperform this baseline? Will the approach integrate well with our system? _ Do the algorithm's assumptions and trade-offs fit our use case?
Somehow when a software package publishes a performance comparison against their competitors, the package always comes out fastest! If a third party designed the benchmarks, they may be more balanced. The same phenomenon applies to academic papers. If an algorithm performs well not only in the original paper, but also appears in other papers as a strong baseline, then it is very likely to be solid.
Get creative with testing.
Algorithms from academic papers often have more sophisticated behavior than the types of algorithms we routinely encounter. Perhaps it's an approximation algorithm that trades off accuracy for better speed. Or maybe it's a machine learning method that takes in a large dataset, and produces (sometimes unexpected) outputs. How can we write tests for these algorithms if we can't characterize their behavior in a simple way?
Focus on invariants.
When designing unit tests, it's common to think in terms of examples: if we give the algorithm this example input, it should have that output. Unfortunately for most mathematical algorithms, example-based testing doesn't sufficiently cover their behavior.
Let's consider the C3 algorithm, which Elasticsearch uses to figure out what node should handle a search request. It ranks each node using a nuanced formula that incorporates the node's previous service and response times, and its queue size. Testing a couple examples doesn't really verify we understood the formula correctly. It helps to step back and think about testing invariants: if service time increases, does the node's rank decrease? If the queue size is 0, is the rank determined by response time, as the paper claims?
Focusing on invariants can help in a number of common cases:
Is the method supposed to be order-agnostic? If so, passing the input data in a different order should result in the same output. Does some step in the algorithm produce class probabilities? If so, these probabilities should sum to 1. Is the function symmetric around the origin? If so, flipping the sign of the input should simply flip the sign of the output.
When we first implemented C3, we had a bug in the formula where we accidentally used the inverse of response time in place of response time. This meant slower nodes could be ranked higher! When fixing the issue, we made sure to add invariant checks to guard against future mistakes.
Compare to a reference implementation.
Alongside the paper, the authors hopefully published an implementation of the algorithm. (This is especially likely if the paper contains experiments, as many journals require authors to post code for reproducing the results.) You can test your approach against this reference implementation to make sure you haven't missed important details of the algorithm.
While developing Lucene's HNSW implementation for nearest-neighbor search, we tested against a reference library by the paper's authors. We ran both Lucene and the library against the same dataset, comparing the accuracy of their results and the number of computations they performed. When these numbers match closely, we know that Lucene faithfully implements the algorithm.
When incorporating an algorithm into a system, you often need to make modifications or extensions, like scaling it to multiple cores, or adding heuristics to improve performance. It's best to first implement a "vanilla" version, test it against the reference, then make incremental changes. That way you can be confident you've captured all the key parts before making customizations.
Duel against an existing algorithm.
The last section raises another idea for a test invariant: comparing the algorithm's output to a simpler and better-understood algorithm's output. As an example, consider the block-max WAND algorithm in Lucene, which speeds up document retrieval by skipping over documents that can't appear in the top results. It is difficult to describe exactly how block-max WAND should behave in every case, but we do know that applying it shouldn't change the top results! So our tests can generate several random search queries, then run them both with and without the WAND optimization and check that their results always match.
An important aspect of these tests is that they generate random inputs on which to run the comparison. This can help exercise cases you wouldn't have thought of, and surface unexpected issues. As an example, Lucene's randomized comparison test for BM25F scoring has helped catch bugs in subtle edge cases. The idea of feeding an algorithm random inputs is closely related to the concept of fuzzing, a common testing technique in computer security.
Elasticsearch and Lucene frequently use this testing approach. If you see a test that mentions a "duel" between two algorithms (TestDuelingAnalyzers, testDuelTermsQuery. ), Binary Options then you know this strategy is in action.
Use the paper's terminology.
When another developer works with your code, they'll need to consult the paper to follow its details. The comment on Elasticsearch's HyperLogLog++ implementation says it well: "Trying to understand what this class does without having read the paper is considered adventurous." This method comment also sets a good example. It includes a link to the academic paper, and highlights what modifications were made to the algorithm as it was originally described.
Since developers will base their understanding of the code on the paper, it's helpful to use the exact same terminology. Since mathematical notation is terse, this can result in names that would not usually be considered "good style", but are very clear in the context of the paper. Formulas from academic papers are one of the few times you'll encounter cryptic variable names in Elasticsearch like rS and muBarSInverse.
The author's recommended way of reading a paper: with a large coffee.
You can email the author.
When working through a tough paper, you may spend hours puzzling over a formula, unsure if you're misunderstanding or if there's just a typo. If this were an open source project, you could ask a question on GitHub or StackOverflow. But where can you turn for an academic paper? The authors seem busy and might be annoyed by your emails.
On the contrary, many academics love hearing that their ideas are being put into practice and are happy to answer questions over email. If you work on a product they're familiar with, they might even list the application on their website!
There's also a growing trend for academics to discuss papers in the open, using many of the same tools from software development. If a paper has an accompanying software package, you might find answers to common questions on Github. Stack Exchange communities like "Theoretical Computer Science" and "Cross Validated" also contain detailed discussions about popular papers. Some conferences have begun to publish all paper reviews online. These reviews contain back-and-forth discussions with the authors that can surface helpful insights about the approach.
To be continued.
This post focuses on the basics of choosing an academic paper and implementing it correctly, but doesn't cover all aspects of actually deploying the algorithm. For example, if the algorithm is just one component in a complex system, how do we ensure that changes to the component lead to end-to-end improvements? And what if integrating the algorithm requires substantial modifications or extensions that the original paper doesn't cover? These are important topics we hope to share more about in future posts.
Thu, 30 Sep 2021 01:00:00 GMT.
Thu, 30 Sep 2021 01:00:00 GMT.
Tue, 28 Sep 2021 15:00:00 GMT.
Tue, 28 Sep 2021 15:00:00 GMT.
Mon, 27 Sep 2021 17:00:00 GMT.
Mon, 27 Sep 2021 17:00:00 GMT.
Simply add the following to your Package.swift dependencies.
And add "iOSAgent" to the targets you wish to instrument:
The agent API.
The Elastic APM iOS Agent has a few project requirements:
It’s only compatible with Swift (sorry Objective-C engineers) It requires Swift v5.3 It requires the minimum of iOS v11.
The agent API is fairly slim. We provide a configuration object that allows the agent to be set up for an on-prem or cloud solution.
If you’re using SwiftUI to build your app, you can set up the agent as follows:
Read up more on configuration in the "Set up the Agent" doc.
The agent also captures any data recorded through the OpenTelementry-Swift APIs, including traces and metrics. Here’s an example on how to start a simple trace:
You can find more examples on how to use the OTel API at OpenTelementry-Swift examples.
If you decide to go this route, you may have to add OpenTelemetry-Swift as a dependency to your project as well.
Summary and future.
We would be thrilled to receive your feedback in our discussion forum or in our GitHub repository. Please keep in mind that the current release is a preview and we may introduce breaking changes. We are excited to be launching this mobile offering and already have many ideas for what comes next, but we want the community to help guide our direction. Check out our CONTRIBUTING.md and let the PRs fly!
Thu, 23 Sep 2021 18:00:00 GMT.
Thu, 23 Sep 2021 18:00:00 GMT.
S_bastien Arnaud — Exchanges & Data architect at the French Ministry of Agriculture.
Following initial training in the field of networks and IT security, he has worked on complex data exchange and transformation solutions. He likes to design and integrate innovative architectures for processing, storing and evaluating increasingly large volumes of data.
Thu, 23 Sep 2021 15:00:00 GMT.
Thu, 23 Sep 2021 15:00:00 GMT.
Generally available with Elastic 7.15, the Elastic App Search web crawler makes it easy to ingest website content.
Elastic Observability.
Automate root cause analysis for faster application troubleshooting.
DevOps teams and site reliability engineers are constantly challenged by the need to sift through overwhelming amounts of data to keep modern applications performant and error-free. More often than not, this is a manual and time-consuming effort. To effectively resolve complex problems, these users need the ability to collect, unify, and analyze an increasing volume of telemetry data and quickly distill meaningful insights. Automation and machine intelligence have become essential components of the troubleshooter’s toolkit.
With Elastic 7.15, we’re excited to announce the general availability of Elastic Observability’s APM correlations feature. This new capability will help DevOps teams and site reliability engineers to accelerate root cause analysis by automatically surfacing attributes of the APM data set that are correlated with high-latency or erroneous transactions.
Elastic APM correlations, now generally available, accelerate root cause analysis to free up DevOps and SRE teams.
Streamline monitoring of Google Cloud Platform services with frictionless log ingestion.
Elastic’s new Google Cloud Dataflow integration drives efficiency with the frictionless ingestion of log data directly from the Google Cloud Platform (GCP) console. This agentless approach provides an "easy button" for customers — eliminating the cost and hassle of administrative overhead and further extending Elastic’s ability to more easily monitor native GCP services.
Elastic Security.
With Elastic 7.15, Elastic Security augments extended detection and response by equipping Elastic Agent to end threats at the endpoint, with new layers of prevention for every OS and host isolation for cloud-native Linux environments.
Elastic Security 7.15 powers extended detection and response (XDR) with malicious behavior protection for every OS and host isolation for cloud-native Linux environments.
Stop advanced threats at the endpoint with malicious behavior protection for Linux, Windows, and macOS hosts.
Malicious behavior protection, new in version 7.15, arms Elastic Agent to stop advanced threats at the endpoint. It provides a new layer of protection for Linux, Windows, and macOS hosts, powered by analytics that prevent attack techniques leveraged by known threats. This capability buttresses existing malware and ransomware prevention with dynamic prevention of post-execution behavior. Prevention is achieved by pairing post-execution analytics with response actions tailored to disrupt the adversary early in the attack, such as killing a process to stop a payload from being downloaded.
Contain attacks with one-click host isolation from within Kibana.
In addition to malicious behavior protection, with the release of Elastic 7.15, Elastic Security enables analysts to quickly and easily quarantine Linux hosts via a remote action from Kibana. With (just) one click, analysts can respond to malicious activity by isolating a host from a network, containing the attack and preventing lateral movements. While host isolation was introduced for Windows and macOS in version 7.14, it is now available on every OS protected by Elastic Agent.
We’re implementing this capability on Linux systems via extended Berkeley Packet Filter (eBPF) technology, a reflection of our commitment to technologies that enable users to observe and protect modern cloud-native systems in the most frictionless way possible.
For more information on our continuing efforts in the realm of cloud security, check out our recent announcements on Elastic joining forces with build.security and Cmd.
To learn more about what’s new with Elastic Security in 7.15, visit the Elastic Security 7.15 blog.
Elastic Cloud.
Whether customers are looking to quickly find information, gain insights, or protect their technology investments (or all of the above), Elastic Cloud is the best way to experience the Elastic Search Platform. And we continue to improve that experience with new integrations that let customers ingest data into Elastic Cloud even more quickly and securely.
Ingest data faster with Google Cloud Dataflow.
With Elastic 7.15, we’re pleased to announce the first-ever native Google Cloud data source integration to Elastic Cloud — Google Cloud Dataflow. This integration enables users to ship Pub/Sub, Big Query, and Cloud Storage data directly into their Elastic Cloud deployments without having to set up an extra intermediary data shipper, utilizing Google Cloud’s native serverless ETL service. The integration simplifies data architectures and helps users ingest data into Elastic Cloud faster.
Ensure data privacy with the general availability of Google Cloud Private Service Connect.
We’re also excited to announce that support for Google Private Service Connect is now generally available. Google Private Service Connect provides private connectivity from Google Cloud virtual private clouds (VPCs) to Elastic Cloud deployments. The traffic between Google Cloud and Elastic Cloud deployments on Google Cloud travels only within the Google Cloud network, utilizing Private Service Connect endpoints and ensuring that customer data stays off the (public) internet.
Google Private Service Connect provides easy and private access to Elastic Cloud deployment endpoints while keeping all traffic within the Google network.
To learn more about what’s new with Elastic Cloud, visit the Elastic Platform 7.15 blog.
Read more in our latest release blogs.
Test our mettle.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console. If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started for free with a free 14-day trial of Elastic Cloud. Or download the self-managed version of the Elastic Stack for free.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Wed, 22 Sep 2021 16:04:00 GMT.
Wed, 22 Sep 2021 16:04:00 GMT.
Wed, 22 Sep 2021 16:03:00 GMT.
Wed, 22 Sep 2021 16:03:00 GMT.
inverted_index.term_frequencies of zero and low inverted_index.positions to match_only_text (added in 7.14) can save around 10% of disk.
With the index disk usage API you can see how much disk space is consumed by every field in your index. Knowing what fields take up disk, you can decide which indexing option or field type is best. For example, keyword or match_only_text may be better than text for certain fields where scoring and positional information is not important. Or, use runtime fields to create a keyword at query time for flexibility and saving space.
Finally, the vector tiles API provides a huge performance and scalability improvement when searching geo_points and geo_shapes drawn to a map (through use of vector tiles). Offloading these calculations to the local GPU significantly improves performance while also lowering costs by reducing network traffic both within the cluster and to the client.
Composite runtime fields.
Elastic 7.15 continues to evolve the implementation of runtime fields in Elasticsearch and Kibana.
In Elasticsearch, composite runtime fields enable users to streamline field creation using one Painless script to emit multiple fields, with added efficiencies for field management. Use patterns like grok or dissect to emit multiple fields using one script instead of creating and maintaining multiple scripts. Using existing grok patterns also makes it faster to create new runtime fields and reduces the time and complexity of creating and maintaining regex expressions. This development makes it easier and more intuitive for users to ingest new data like custom logs. See more on runtime fields in Kibana 7.15 below.
What’s new in Kibana 7.15.
Runtime fields editor preview pane.
Combined with the introduction of composite fields for Elasticsearch (above), a new preview pane in the runtime fields editor in Kibana 7.15 makes it even easier to create fields on the fly. The preview pane empowers users to test and preview new fields before creating them — for example, by evaluating a new script against documents to check accuracy in Index Patterns, Discover, or Lens. In addition, pinning specific fields in the preview pane simplifies script creation. This enhancement also includes better error handling for the editor, all to help streamline the field creation process and allow users to create runtime fields more quickly. More developments for runtime fields are on the horizon as we continue to make previously ingested data easier to parse from Kibana.
Other updates across the Elastic Stack and Elastic Cloud.
Elastic Cloud.
Leverage more cost-effective hardware options on GCP: Google Compute Engine’s (GCE) N2 VMs for Elastic Cloud deployments running on Google Cloud offer up to 20% better CPU performance compared to the previous generation N1 machine types. Learn more in the blog post.
Elasticsearch.
Build complex flows with API keys: Search and pagination for API keys allow you to build complex management flows for keys, based on your own metadata.
Kibana.
Sync across time and (dashboard) space with your cursor: A new hover feature in Kibana charts that highlights corresponding data across multiple charts makes it easier for users to home in on specific time periods to observe and explore trends. In addition to time series, this will also highlight the same non-time data on multiple dashboard panels. Customize charts with legend-ary updates: Legends inside charts (great for busy dashboards) and multi-line series names in legends make it easier for teams to follow the data story on a dashboard. Get a head start on Maps exploration: Metadata for points and shapes is now auto-generated in Elastic Maps when a user creates an index and explores with edit tools. The user and timestamp data is saved for further exploration and management. Also, a new layer action allows users to view only the specific layer they are interested in. Learn more in the Kibana docs.
Machine learning.
Monitor Binary Options machine learning jobs easily: Operational alerts for machine learning jobs simplify the process of managing machine learning jobs and models, and alerts in Kibana make it easier to track and follow up on errors. Adjust and reset models without the fuss: The reset jobs API makes working with models much easier across Kibana, from the Logs app to Elastic Security. Reuse and scale machine learning jobs: Jobs can now be imported and exported, allowing users to reuse jobs created in lab environments or in multiple-cluster environments. Sharing jobs across deployments makes jobs more consistent and easier to scale. Investigate transaction latency: Elastic APM correlations, powered by machine learning, streamline root cause analysis. The Elasticsearch significant terms aggregation was enhanced with a p_value scoring heuristic, and Kibana’s new transaction investigation page for APM aids analysts in a holistic exploration of transaction data. To learn more, read the Observability 7.15 blog. Learn more in the Kibana and Elasticsearch docs.
Integrations.
Run Elastic Package Registry (EPR) as a Docker image: now you can run your own EPR to provide information on external data sources to air-gapped environments. By using the EPR Docker image, you can integrate, collect and visualize data using Elastic Agents. For more information, please refer to this Elastic guide.
Try it out.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console. If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started for free with a free 14-day trial of Elastic Cloud. Or download the self-managed version of the Elastic Stack for free.
Read about these capabilities and more in the 7.15 release notes (Elasticsearch, Kibana, Elastic Cloud, Elastic Cloud Enterprise, Elastic Cloud on Kubernetes), and other Elastic 7.15 highlights in the Elastic 7.15 announcement post.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Wed, 22 Sep 2021 16:02:00 GMT.
Wed, 22 Sep 2021 16:02:00 GMT.
Get an integrated roll-up view of application logs across application services running on ephemeral infrastructure to quickly find errors and other causes of application issues.
Identify issues with third-party and backend service dependencies, and leverage detailed drilldowns for comparing historical performance and impact on upstream services.
We’ve also enhanced the existing transaction latency distribution chart and trace selection with more granular buckets and the flexibility to drag-select all application traces that fall within a desired range of latencies.
Agentless ingestion of logs from Google Cloud Platform (GCP) for frictionless observability.
Elastic’s new GCP Dataflow integration drives efficiency with frictionless ingestion of log data directly from the Google Cloud console. The agentless approach provides an "easy button" option for customers who want to avoid the cost and hassle of managing and maintaining agents, and further extends monitoring to native GCP services.
The Google and Elastic teams worked together to develop an out-of-the-box Dataflow template that a user can select to push logs and events from Pub/Sub to Elastic.
Additional data sources: JVM metrics support for JRuby, Azure Spring Cloud logs integration, and Osquery metrics in host details panel.
With the 7.15 release, we have also enhanced our application and cloud data collection for JRuby and Azure. Now you can get visibility into system and JVM metrics for JRuby applications and continuously monitor and quickly debug issues encountered in Spring boot applications running on Azure (beta).
Osquery provides a flexible and powerful way to collect any data from a target host it's installed on. The Osquery integration with the Elastic Agent, introduced in 7.13, opened up a spectrum of capabilities to support troubleshooting of security and observability use cases. Previously, Osquery could be used via Kibana to perform live and scheduled queries, with the query results stored in a dedicated data stream. With 7.15, Osquery is now directly integrated into the enhanced host details panel and delivers ad hoc querying capabilities on the target host.
Self-managed version of Elastic Package Registry (EPR) now available for air-gapped deployments.
If you host your Elastic Stack in an air-gapped environment and want to take advantage of the recently GA Elastic Agent and Fleet, we have good news for you. Elastic Package Registry (EPR) is now available as a Docker image that can be run and hosted in any infrastructure setting of your choice. In environments where network traffic restrictions are mandatory deploying your own instance of EPR enables Kibana to download package metadata and content in order to access all available integrations and deliver the relevant out-of-box components and documentation. Currently, the EPR Docker image is a beta standalone server that will continue to grow and evolve. For more information, check out the Elastic guide for running EPR in air-gapped environments.
Try it out.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console, or, if you'd prefer, you can download the latest version.
If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started for free with a free 14-day trial of Elastic Cloud.
Read about these capabilities and more in the Elastic Observability 7.15 release notes, and other Elastic Stack highlights in the Elastic 7.15 announcement post.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Wed, 22 Sep 2021 16:01:00 GMT.
Wed, 22 Sep 2021 16:01:00 GMT.
Reason field, which conveys why an alert has triggered. An updated Fields browser gives analysts greater control over the columns in the Alerts table, organizing fields by category and providing descriptions alongside field names to help practitioners leverage the full power of Elastic Common Schema (ECS).
With an updated Alerts flyout, analysts can view a summary of the alert and quickly understand why it was generated. Hover actions provide new ways to interact with the alert table or an investigation timeline. The flyout also provides several ways to take action on an alert, such as adding the alert to a new or existing case, changing the alert status, isolating an alerting host (for hosts running Agent with the endpoint security integration), and initiating an investigation.
Inspect hosts with osquery on Elastic Agent.
Osquery Manager delivers several exciting enhancements in the 7.15 release:
Standardize scheduled query results with ECS.
When defining scheduled queries, you can now map query results to ECS fields to standardize your osquery data for use across detections, machine learning, and any other areas that rely on ECS-compliant data. This capability greatly increases the value of the queries you run by making those results more readily usable across the Elastic Stack.
Access controls for osquery.
7.15 gives security teams more control over who can access osquery and view results. Previously, only superusers could use osquery, but access to this feature can now be granted as needed, empowering administrators to delegate who can run, save, or schedule queries:
With a free and open Basic license, organizations can grant All , Read , or No access to superusers and non-superusers alike — improving administrative control and enabling non-superusers access to osquery. With a Gold license, organizations can achieve finer-grained control. For example, they can constrain who's allowed to edit scheduled queries, or allow certain users to run saved queries but prevent ad-hoc queries.
Scheduled query status at a glance.
Scheduled query groups now show the status of individual queries within a group, allowing analysts to understand at a glance whether there are any results to review or issues to address. Surfacing this information can also help analysts tune queries and resolve any errors.
Try it out.
Existing Elastic Cloud customers can access many of these features directly from the Elastic Cloud console. If you’re new to Elastic Cloud, take a look at our Quick Start guides (bite-sized training videos to get you started quickly) or our free fundamentals training courses. You can always get started with a free 14-day trial of Elastic Security. Or download the self-managed version of the Elastic Stack for free.
Read about these capabilities and more in the Elastic Security 7.15 release notes, and other Elastic Stack highlights in the Elastic 7.15 announcement post.
The release and timing of any features or functionality described in this post remain at Elastic's sole discretion. Any features or functionality not currently available may not be delivered on time or at all.
Просмотров: 15 | 
Комментариев: (0)
Уважаемый посетитель, Вы зашли на сайт kopirki.net как незарегистрированный пользователь.
Мы рекомендуем Вам зарегистрироваться либо войти на сайт под своим именем.
Мы рекомендуем Вам зарегистрироваться либо войти на сайт под своим именем.