Supported platforms:

  • Linux: x86_64 only
  • MacOS X: 10.13 - 10.1x (64-bit only)
  • Windows: Not supported

Minimum hardware:

  • ~4GB of free RAM or 6GB if Elasticsearch is running on the same machine.
  • 2GB for App Server.
  • 2GB for Worker.
  • 50Mb for Filebeat and other processes.
  • 5GB of disk space available.


If you do not have access to a Platinum license, a trial license is automatically applied for you upon the first succesful boot. Trial licenses are valid for 30 days.

Running Enterprise Search

First, you’ll need to get Elasticsearch up and running with security features:

Step 1. Download Elasticsearch 7.7.x and navigate to the newly unpacked directory.

Step 2. Locate the config/elasticsearch.yml configuration file and edit the following setting to enable Elasticsearch’s Security features: true

Step 3. Start Elasticsearch:

$ bin/elasticsearch

Step 4. Open a new terminal window, and navigate to the Elasticsearch directory. From here, we must generate a random password for the elastic user, which will be used by Enterprise Search to securely communicate with the underlying Elasticsearch cluster:

$ bin/elasticsearch-setup-passwords auto

Locate the password for the elastic user as output in the console and keep it handy: we will need it in a few moments.

You may also manually generate passwords using the elasticsearch-setup-passwords command.

We must now configure Enterprise Search:

Step 5. Download Enterprise Search 7.7.x and navigate to the newly unpacked directory.

Step 6. Locate the config/enterprise-search.yml file and edit the following settings using the recently generated password:

ent_search.auth.source: standard
elasticsearch.username: elastic
elasticsearch.password: [ELASTIC_USER_PASSWORD]

Step 7. Add the following configuration to the config/enterprise-search.yml file. It allows Enterprise Search to create to appropriate indices for the target Elasticsearch cluster:

allow_es_settings_modification: true

allow_es_settings_modification: true can be used safely if the cluster is used for Enterprise Search only. An alternative option is to set auto_create_index at the cluster level. See Elasticsearch Cluster Settings for more information.

Step 8. You must also set at least one encryption key in the same config/enterprise-search.yml configuration file (256-bit key recommended), as an array:

secret_management.encryption_keys: [{encryption_key1}, {encryption_key2}, {...}]

For more information on encryption keys for Enterprise Search, refer to the Configuring Encryption Keys guide.

Step 9. Run the boot command and provide a default user password to start Enterprise Search. For those using Workplace Search, the default password will also be used to log in to the Workplace Search administrative experience:

$ ENT_SEARCH_DEFAULT_PASSWORD=passwordexample bin/enterprise-search

Should you choose not to provide a default password, a random passphrase will be generated for you on the first boot sequence, and will be output in the console

Step 10. Head to http://localhost:3002. You will be presented with a one-time deployment status report. If the Elasticsearch cluster is not already running with a Platinum license applied, a trial license is automatically applied for you and will be valid for 30 days.

With the enterprise_search user in hand and the password provided at boot time, proceed to the next step to log in.

From the Elastic Enterprise Search home screen, select the product for your use case. Need help choosing the best product for your needs?

Learn more:

Then continue with the Getting Started documentation for your selected product:

Elasticsearch Cluster Settings

Enterprise Search makes alterations to the auto_create_index persistent and transient settings within Elasticsearch when using allow_es_settings_modification: true. Avoid making changes to those settings as it may result in unintended consequences.

An alternative approach involves setting the auto_create_index configuration in elasticsearch.yml for the target Elasticsearch cluster:

action.auto_create_index: ".ent-search-*-logs-*,-.ent-search-*,-test-.ent-search-*,+*"

Using this alternative approach allows you to maintain all Elasticsearch-specific settings at the cluster level.

Password Reset Tips

Run the binary with an attached --reset-auth command:

  • Standard Auth: Resets login and generates new random password.
  • elasticsearch-native and elasticsearch-saml: Removes the current role mappings. All users are granted the owner role.