License Managementedit

When you install the default distribution of Kibana, you receive free features with no expiration date. For the full list of features, refer to https://www.elastic.co/subscriptions.

If you want to try out the full set of features, you can activate a free 30-day trial. To view the status of your license, start a trial, or install a new license, open the menu, then go to Stack Management > Stack > License Management.

You can start a trial only if your cluster has not already activated a trial license for the current major product version. For example, if you have already activated a trial for 6.0, you cannot start a new trial until 7.0. You can, however, request an extended trial at https://www.elastic.co/trialextension.

When you activate a new license level, new features appear in Stack Management.

management license

At the end of the trial period, some features operate in a degraded mode. You can revert to Basic, extend the trial, or purchase a subscription.

If security features are enabled, unless you have a trial license, you must configure Transport Layer Security (TLS) in Elasticsearch. See Encrypting communications. Kibana and the start basic API provide a list of all of the features that will no longer be supported if you revert to a basic license.

Required permissionsedit

The manage cluster privilege is required to access License Management.

You can add this privilege in Stack Management > Security > Roles.

Update your licenseedit

You can update your license at runtime without shutting down your Elasticsearch nodes. License updates take effect immediately. The license is provided as a JSON file that you install in Kibana or by using the update license API.

If you are using a basic or trial license, security features are disabled by default. In all other licenses, security features are enabled by default; you must secure the Elastic Stack or disable the security features.

License expirationedit

Your license is time based and expires at a future date. If you’re using monitoring features and your license will expire within 30 days, a license expiration warning is displayed prominently. Warnings are also displayed on startup and written to the Elasticsearch log starting 30 days from the expiration date. These error messages tell you when the license expires and what features will be disabled if you do not update the license.

You should update your license as soon as possible. You are essentially flying blind when running with an expired license. Access to the cluster health and stats APIs is critical for monitoring and managing an Elasticsearch cluster.

Beatsedit

  • Beats will continue to poll centrally-managed configuration.

Elasticsearchedit

  • The deprecation API is disabled.
  • SQL support is disabled.
  • Aggregations provided by the analytics plugin are no longer usable.

Elastic Stack alerting featuresedit

  • The PUT and GET watch APIs are disabled. The DELETE watch API continues to work.
  • Watches execute and write to the history.
  • The actions of the watches do not execute.

Elastic Stack graph analytics featuresedit

  • Graph explore APIs are disabled.

Elastic Stack machine learning featuresedit

  • APIs to create anomaly detection jobs, open jobs, send data to jobs, create datafeeds, and start datafeeds are disabled.
  • All started datafeeds are stopped.
  • All open anomaly detection jobs are closed.
  • APIs to create and start data frame analytics jobs are disabled.
  • Existing anomaly detection job and data frame analytics job results continue to be available by using Kibana or APIs.

Elastic Stack monitoring featuresedit

  • The agent stops collecting cluster and indices metrics.
  • The agent stops automatically cleaning indices older than xpack.monitoring.history.duration.

Elastic Stack security featuresedit

  • Cluster health, cluster stats, and indices stats operations are blocked.
  • All data operations (read and write) continue to work.

Once the license expires, calls to the cluster health, cluster stats, and index stats APIs fail with a security_exception and return a 403 HTTP status code.

{
  "error": {
    "root_cause": [
      {
        "type": "security_exception",
        "reason": "current license is non-compliant for [security]",
        "license.expired.feature": "security"
      }
    ],
    "type": "security_exception",
    "reason": "current license is non-compliant for [security]",
    "license.expired.feature": "security"
  },
  "status": 403
}

This message enables automatic monitoring systems to easily detect the license failure without immediately impacting other users.

Logstash pipeline managementedit

  • Cannot create new pipelines or edit or delete existing pipelines from the UI.
  • Cannot list or view existing pipelines from the UI.
  • Cannot run Logstash instances which are registered to listen to existing pipelines.

Kibanaedit

  • Users can still log into Kibana.
  • Kibana works for data exploration and visualization, but some features are disabled.
  • The license management UI is available to easily upgrade your license. See Update your license and License Management.

Kibana reporting featuresedit

  • Reporting is no longer available in Kibana.
  • Report generation URLs stop working.
  • Existing reports are no longer accessible.

Rollupsedit

  • Rollup jobs cannot be created or started.
  • Existing rollup jobs can be stopped and deleted.
  • The get rollup caps and rollup search APIs continue to function.

Transformsedit

  • Transforms cannot be created, previewed, started, or updated.
  • Existing transforms can be stopped and deleted.
  • Existing transform results continue to be available.