Stack security

Protect your data in the Elastic Stack

Elastic Stack security features give the right access to the right people, with most features at no additional cost. IT, operations, and application teams rely on them to manage well-intentioned users and keep malicious actors at bay, while executives and customers can rest easy knowing data stored in the Elastic Stack is safe and secure.

Getting started with Elasticsearch: Store, search, and analyze with the free and open Elastic Stack.
Watch video
Intro to ELK: Get started with logs, metrics, data ingestion and custom vizualizations in Kibana.
Watch video
Getting started with Elastic Cloud: Launch your first deployment.
Learn more


Sign on, securely

It's the first step to protect data flowing through Elasticsearch, Kibana, Beats, and Logstash from unauthorized users and unintentional modification.

With the Elastic Stack, you can integrate with a number of industry standard identity management systems. Authenticate with Active Directory, LDAP, or the Elasticsearch native realm. Use single sign-on (SSO) options like certificates, Kerberos, and SAML — or build a custom realm that supports your home-grown identity management system.


Manage users and roles

Take control of who can do what within the Elastic Stack. Grant the IT/Ops team the ability to monitor Elasticsearch cluster health without being able to see or modify the data. Or give the marketing team read-only access to marketing-specific data, but deny access to other indices.

User privileges extend to Kibana, too. Group dashboards, visualizations, and saved searches into spaces by team, function, or any way you choose. Control which users and roles can access each space, including the specific Kibana features and apps within it.


Prevent snooping, tampering, and sniffing

Protect data — credit card numbers, email addresses, accounts — as it travels within the cluster and clients.

With SSL/TLS encryption, you can secure node-to-node, HTTP, and transport client traffic across your Elastic Stack. IP filtering also prevents unapproved hosts from joining or communicating with your cluster.

Layered Security

Secure all the way down to the field level

We dug deep to engineer and implement rock-solid security you can trust. Safeguard your Elastic Stack data at the level you like — from top to bottom.

  • Cluster: Who can check cluster health?
  • Index: Who can add or delete documents in an index?
  • Document: Who can access sensitive documents?
  • Field: Restrict access to individual fields.

Audit Logging

Have a record of who did what and when

Perhaps the quiet hero of the security world, our audit log features let you easily maintain a complete record of all system and user activity. You can filter the activity to only log what you need or log all activity that takes place in the Elastic Stack. You can, of course, log the audit data back into Elasticsearch for easy searching and analyzing later.


Meeting security standards

Whether it's compliance from our end (FIPS 140-2 and Section 508) or standards on your side (HIPAA, PCI DSS, FISMA, ISO, or GDPR), the security features of the Elastic Stack help you become and stay compliant.