When we first adopted Elasticsearch as NetVizura’s primary datastore, we were working with version 6.8. Even back then, Elasticsearch proved to be a powerful and efficient solution for storing diverse data in a single index.
The move to version 7 marked a major step forward. It brought significant performance improvements and introduced syslog support, making our platform even more versatile. Around that time, we also added Raw Data into Elasticsearch — a feature that quickly became a favourite among our users for its depth and flexibility.
These enhancements are just a few highlights from the many that came with the 7.x series, culminating in version 7.17
Over the past year, we’ve been hard at work on the next major release: NetVizura 6.0. This version will bring a range of exciting new features and improvements (stay tuned to our blog — we’ll be sharing more details).
One of the most significant changes under the hood is our transition to Elasticsearch 8. This upgrade has unlocked a wave of augmentations across performance, scalability, and security. In this post, we’ll walk you through the most impactful changes it made and what they mean for you.
1) Storage Savings
With Elasticsearch 8.0, significant improvements were made to storage efficiency — particularly in how data types like "keyword" and "text" are handled. In our case, this translates to over 14% reduction in storage usage for the message field, which is especially noticeable in the Syslog module. These optimizations help reduce disk usage and improve overall system performance.
2) Security by Default
Starting with Elasticsearch 8.0, security features are enabled by default — and NetVizura 6.0 is fully aligned with this shift. NetVizura 6.0 supports remote Elasticsearch deployments across all modules, including the Raw Data submodule.
This gives you the flexibility to implement Elasticsearch either in the cloud or on-premises, in line with your organization’s security policies and best practices.
3) Improved Memory Management
Building on all the previous enhancements, Elasticsearch 8.16 introduced several vital fixes related to memory management during aggregations. These improvements lead to lower RAM usage when retrieving and processing data, which in turn enhances system stability and performance, especially under heavy workloads.
4) Zstandard (Zstd) Compression
One of the most impactful additions in Elasticsearch 8.x — introduced in version 8.16 — is the support for Zstandard (Zstd) compression for indices. Zstd has become a modern compression standard, widely adopted across virtualization platforms and beyond.
In our own testing, Zstd delivered up to 30% reduction in index sizes compared to traditional compression methods, with minimal CPU overhead — typically just 1–3%.
Zstd compression is now enabled by default across all NetVizura modules, including the Raw Data submodule, helping you save on storage without sacrificing performance.
5) Built on Lucene 9.12
Elasticsearch is now built on Lucene 9.12, bringing a range of performance enhancements and, more importantly, critical security fixes. These improvements are especially noticeable when working with large indices under memory pressure, resulting in more efficient data access and improved system resilience.
By upgrading to the latest Lucene core, NetVizura benefits from the latest advancements in indexing, searching, and overall stability.
We’ve carefully selected the Elasticsearch 8 improvements most relevant to NetVizura’s use cases — and even with just these highlights, it’s clear that Elasticsearch 8 delivers substantial value.
The migration process is smooth and straightforward, and NetVizura has already been fully adapted to all relevant API changes, ensuring a seamless transition for our users.
Once NetVizura 6.0 is released, we encourage you to try it out and experience the improvements firsthand. We’d love to hear your feedback — let us know if you notice the difference!
