Skip to main content
Version: 6.0

What's New?

Version 6.0

📅 Search Anywhere Framework version 6.0.0 released on April 30, 2026.

🔥What's New in Search Anywhere Framework

Service Monitor Toolkit

The Service Monitor Toolkit module has appeared in the Search Anywhere Framework platform. It provides observability at infrastructure, service, and application levels. It unites metrics, logs, and traces in a unified health model, correlates events from heterogeneous sources, and helps find root causes of failures

⚡️Changes
  • Added Investigations section - deep analysis and correlation of metrics on a single timeline
  • Root Cause Analysis is now available - automatic search for root causes of service degradation by dependency graph
  • Added ability to create Analytics Hub - a single window for operational monitoring of service health
  • Native integration with Inventory module - automatic construction of health models from existing assets and their relationships
  • Metrics now have the ability for dynamic calculationof criticality ranges using mathematical algorithms and ML
  • Metrics now have time windows configuration, allowing precise criticality tuning depending on time and days of the week
  • Maintenance mode is now available for metrics, you can add exceptions in the form of time periods when the metric state is not calculated and does not affect service health

SAF AI Service

Added SAF AI Service for integrating large language models into Search Anywhere Framework via a unified API and ai command.

⚡️Changes
  • Implemented summary and per_row modes for summarization, analysis, classification, and intelligent data enrichment in SAFL-pipelines
  • Added model registry with centralized management of available models and execution parameters
  • Implemented structured output with support for deterministic results for analytics, investigations, and automation
  • Added limits and auto-truncation mechanisms for controlling data volume, overload protection, and predictable execution of large queries
  • Implemented integration with Langfuse for monitoring, tracing requests, quality control, and model usage analysis

AI Security

Added AI Security module to protect artificial intelligence systems, corporate search, and agent scenarios from new types of threats

⚡️Changes
  • Implemented detection of malicious instructions, hidden commands, dangerous documents, and secret data leaks
  • Added tool abuse control for detecting dangerous action chains, privilege escalation, and unauthorized operations
  • Implemented data leak analysis through agents, including email, messengers, command line, browser, and cloud services
  • Added change verification mechanism for identifying new vulnerabilities after updating instructions, policies, and available tools
  • Implemented security policy layer for applying access restrictions, preventing leaks, and generating protection recommendations

Core

⚡️Changes
  • OpenSearch updated to version 3.5.0

Core: Engine

⚡️Changes
  • Added semanticsearch command for semantic search through documents. Supports meaning-based search using vectorization models and helps find relevant data even without exact keyword matches
  • Added ai command for integrating large language models into SAFL-pipelines. Allows performing summarization, per-row data analysis, result enrichment, and intelligent string processing directly in queries with support for structured output, limits, and controlled execution.

ACM

⚡️Changes
  • Completely redesigned health models display:
    • Clear display of available services and their status
    • Ability to set service as "parent" for analyzing its relationships
    • Extended model navigation with ability to adjust display levels, hide and expand relationships, view parents of current service
    • New Service Card page with display of all associated services and metrics, additional attributes, and state change history
  • Metrics are now global and can be bound to different health models

Incident Manager

⚡️Changes
  • Added ability to configure various Incident Types, in which you can specify:
    • What set of fields will be in the card of a specific type
    • Which roles will have access to incidents of a specific type
    • How the card will be displayed. You can add multiple card views in one incident type. For different roles, visibility and editing capability for individual fields can be configured
  • Added ability to attach files to incident history, as well as save and render them in comments
  • Added ability to configure connection to S3 storage for file storage

User Behavior Analytics

⚡️Changes
  • Now in the task scheduler active action Risk Score Assignment you can configure detailing, with transition to search or link from the list of risk score assignments in the object profile

Servers

⚡️Changes
  • The Servers module has been completely redesigned for centralized monitoring of Linux and Windows server infrastructure
  • Simplified data collection: ready configurations are supplied for quick connection and monitoring startup
  • Added 5 new dashboards for infrastructure, servers, and process control
  • Implemented server inventory for unified infrastructure accounting
  • Added 6 ready-made infrastructure incident scenarios:
    • High CPU load
    • High RAM consumption
    • High Load Average
    • Critical filesystem filling
    • Detection of zombie processes
    • Absence of current metrics from server