Elasticsearch Introduces Shield to Bring Integrated Security and Administrative Capabilities to its Real-Time Search and Analytics Software Stack

With nearly 20 million downloads of Elasticsearch, Logstash and Kibana, Shield makes it easier for businesses of all sizes to expand the software stack across entire organizations
27 January 2015

Contact information

Amy White

Elastic Communications

Los Altos, Calif. and Amsterdam, The Netherlands - 27 January 2015 - Elasticsearch Inc., the company behind the massively popular real-time search and analytics ELK stack, today announced the availability of Shield, its new security and administrative offering. Responding to demands from increased adoption of the ELK stack and the need to extract insights out of mission-critical data in real-time, the introduction of Shield reaffirms Elasticsearch as an integral part of a business' IT infrastructure – from consumer startups to global Fortune 500 powerhouses.

Businesses of all sizes are dealing with an increasing amount of data they want to mine for insights – from operational performance to website metrics, product usage to marketing campaign performance. Elasticsearch continues to be adopted due to its ability to scale across massive amounts of data and provide real-time search and analysis, whether it's structured, machine-generated data like logs, events and metrics, or unstructured, human-generated data like Tweets, blogs, comments and other free text.

Shield, a commercial plug-in to Elasticsearch's open source ELK stack, will help existing customers expand their use of the software, as well as support new adoption, with integrated security and administrative functionalities that include:

  • Role-Based Access Control: With the ability to set granular access and usage permissions to their ELK deployments, businesses can feel comfortable expanding the amount of data they put into Elasticsearch. For example, they can now allow the marketing department to freely search and analyze website data with read-only permissions, while preventing access to sensitive financial data.
  • LDAP-based Authentication System Support: With the ability to integrate with authentication systems like Active Directory, Shield helps ease administrative complexity by allowing organizations to manage access to the ELK stack through directory services they already have in place.
  • Audit Logging: With a complete record of all user activity, audit logging allows businesses that use Elasticsearch to more easily meet security and compliance regulations. It also improves security by recording login failures and attempts to access unauthorized information.
  • Encrypted Communications and IP Filtering: With node-to-node certificate-based SSL/TLS encryption, secure client communications with HTTPS, and the ability to configure Elasticsearch to only accept connections from approved IP addresses, Shield makes it simple for businesses to protect data from unauthorized access, eliminating the need for them to set up proxies, firewalls and other external security systems.

"We couldn't be more thrilled to make Shield available today to allow the ELK stack to be more easily deployed across a business," said Steven Schuurman, CEO, Elasticsearch. "The initial release of Shield meets the most immediate security and administrative demands of our customers, and lays the groundwork to easily extend the functionality over time. This is another evolution in our mission to make it dead simple for businesses to put any and all of their data in Elasticsearch and extract meaningful insights."

Today's release of Shield follows a successful beta with a variety of Elasticsearch users and customers, including the Met Office, the United Kingdom's national weather service. The Met Office is working on centralizing the many logs from its infrastructure for real-time management and monitoring, and they began to implement the ELK stack due to the flexibility and scalability of the platform. Logstash is used to collect and parse logs from the servers and mainframes used to enable and support weather prediction, as well as firewalls and internal applications. The data is then indexed and stored in Elasticsearch, and visualized in Kibana to easily extract real-time insights about application and system performance. Like many organizations, some of the data being captured in logs is sensitive in nature, so SSL/TLS encryption for data being sent on the network is crucial to comply with data protection regulations, while role-based access control is key to ensure that Kibana users can see only the subset of the data that is relevant and appropriate for their work.

"Our internal infrastructure is complex and distributed, so we've been exploring how to centralize all of our logs to let us more easily monitor our internal systems to identify and resolve issues faster," said Annette Sercombe, Technical Lead at the Met Office. "While we are still in development, so far Shield has satisfied a number of our demanding internal and external compliance requirements and has been simple to implement. We're very excited at the potential to make our log centralization project a reality with the ELK stack."

"We're excited to make Shield available today as we've seen a number of businesses already experiencing benefits from its beta, and we incorporated their feedback into today's initial release," said Shay Banon, Elasticsearch Founder and CTO. "We very much care about feedback from our customers, users, and community, and use it to improve our offerings to best meet their needs. Shield is an example of this process in action, and we hope it allows businesses to continue to get what they need out of our software to help them leverage data to do things that before weren't possible."

Shield is available immediately as part of Elasticsearch's Development, Gold, and Platinum subscriptions, which also include Marvel, an Elasticsearch monitoring product, and support for the full ELK stack.

About Elasticsearch, Inc.

Elasticsearch is on a mission to make massive amounts of data usable for businesses by delivering the world’s most advanced search and analytics engine. With a laser focus on achieving the best user experience imaginable, the Elasticsearch ELK stack – comprised of Elasticsearch, Logstash, and Kibana – has become a rapidly growing open source solution in the market. Used by thousands of enterprises in virtually every industry today, Elasticsearch Inc. provides production support, development support, and training for the full ELK stack.

Elasticsearch, Inc. was founded in 2012 by the people behind the Elasticsearch and Apache Lucene open source projects. Since its initial release, the ELK stack has more than 10 million cumulative downloads. The company is backed by Benchmark Capital, Index Ventures, and NEA with headquarters in Amsterdam and Los Altos, California, and offices around the world.

To learn more, visit