Last checked and updated on 10 Jun 2026
What Is New in Elasticsearch 8.18
Elasticsearch 8.18 delivers key enhancements across search, security, and observability, making it a solid incremental update for production systems.
| Category | Key Updates |
|---|---|
| New Features | Semantic Text support, New ESQL commands, Cross-cluster query rules |
| Enhancements | Vector search performance, ESQL syntax, Service account management |
| Bug Fixes | Resolved issues in search, security, and indexing operations |
| Deprecations | Deprecated the _knn_search endpoint |
What search capabilities were added in 8.18?
The headline search feature is the general availability of Semantic Text, which allows you to perform semantic searches using third-party inference services. This moves beyond the tech preview phase, making it production-ready for integrating custom ML models.
ESQL gets more powerful with new STATS and WHERE commands. You can now use STATS ... BY for more flexible aggregations and WHERE for filtering directly in your ESQL queries. This simplifies writing complex data exploration queries.
For managing complex deployments, cross-cluster query rules are now generally available. This lets you define and execute consistent query rules across multiple clusters, which is crucial for large-scale, distributed search applications.
How is vector search performance improved?
Vector search sees significant optimizations in this release. The underlying HNSW graph algorithm has been fine-tuned for better performance and accuracy when performing approximate nearest neighbor (ANN) searches on dense vector fields.
In practice, this means your kNN and semantic searches will return results faster and with higher relevance. The improvements are most noticeable on large datasets where low-latency vector matching is critical for user experience.
What security updates should I know about?
Service accounts now have a dedicated management API. You can use the new _service_account endpoint to list, get, and delete service accounts programmatically, streamlining automation and infrastructure-as-code workflows.
The update also includes various fixes for the built-in Elasticsearch security features, ensuring more robust authentication and authorization processes. These are foundational updates that improve the overall security stability of the cluster.
Are there any breaking changes or deprecations?
Yes, the _knn_search endpoint has been deprecated. You should transition to using the knn option within the standard _search API. This consolidation simplifies the API surface and aligns kNN search with other search methods.
This change matters because it future-proofs your code. While the old endpoint still works for now, updating your applications to use the new method will prevent breaking changes in a future major release.
FAQ
Is Semantic Text production-ready in 8.18?
Yes, Semantic Text is now generally available (GA). It moved out of technical preview, meaning it's fully supported for production use with third-party inference services.
What should I use instead of the deprecated _knn_search endpoint?
You should use the `knn` option inside the standard `_search` API. The functionality is the same, but it's now integrated into the main search endpoint.
Can I manage service accounts via API now?
Yes, a new `_service_account` API endpoint was added for programmatic management. You can list, retrieve, and delete service accounts directly through the API.
What are the new ESQL commands for aggregation?
ESQL introduced new `STATS ... BY` and `WHERE` commands. These provide more power and flexibility for performing aggregations and filters directly within your ESQL queries.
Are cross-cluster query rules stable now?
Yes, cross-cluster query rules reached general availability in this release. You can reliably use them to enforce consistent querying logic across multiple clusters in a deployment.