Author
Michael Bischoff
Word count
1380
Hacker News points
None

Summary

Elasticsearch 7.16 introduced a new range enrich policy that enhances contextual data analysis by matching numbers, dates, or IP addresses in incoming documents against corresponding ranges in the enrich index. This feature is particularly useful in security applications, where matching IP ranges can refine detection rules, and it can also be applied to other contexts, such as managing on-call schedules for engineers. By logging incidents and associating them with the engineers scheduled at the time, organizations can better analyze and understand staffing patterns and incident responses. The capability is demonstrated through a fictional example involving engineers Bob, Alice, Dan, Matt, and Lizzie, whose various work schedules are logged into Elasticsearch, enabling enriched analysis of who was on call and who handled incidents. The policy supports not only enrichment of individual documents but also broader searches and aggregations, offering insights into staffing and incident management.