Elastic self-managed subscriptions
The Elastic Stack — Elasticsearch, Kibana, and Integrations — powers a variety of use cases. And we have flexible plans to help you get the most out of your on-prem subscriptions.
Our resource-based pricing philosophy is simple: You only pay for the data you use, at any scale, for every use case.
Contact sales for more pricing information about self-managed licensing.
Free and open -
Basic 1, 2
Platinum
Enterprise
Gold
(Discontinued)9
for self-managed users
Elastic Stack Operations & Management
Storage types
Inverted index (for search)
Evaluating calculated fields at index time
Runtime fields
Lookup runtime field
Document store (for unstructured)
Columnar store (for analytics)
BKD trees (for numeric, dates, & geo)
Flattened field type
Histogram field type
Match only text field type
Shape field type
Vector field type
Version field type
Wildcard field type
Synthetic _source
15
15
15
Data management
Searchable snapshots
Snapshot/restore APIs
Snapshot as simple archives
Snapshot lifecycle management
Snapshot-based peer recoveries
Data rollups
Data streams
Data tiers
Data transforms
Index lifecycle management
Data stream lifecycle
Downsampling lifecycle
Stack management
Data import tutorials
Ingest Node Pipeline Builder UI
Grok Debugger
Upgrade Assistant
License management
Centralized Logstash pipeline management
Scalability & resiliency
Clustering & high availability
Cluster rebalancing
Advanced cluster rebalancing13
Cross-cluster search (legacy certificate based security model / _search only)
Cross-cluster search (advanced API-key based security model / including ES|QL)
Cross-cluster replication
Elastic Stack security
Secure settings
Encrypted communications
Role-based access control
Anonymous access control (public sharing)
File and native authentication
Kibana Spaces
Kibana feature controls
Kibana sub-feature privileges8
Prelogin access agreement
API keys management
Elasticsearch audit logging
Kibana audit logging
IP filtering
LDAP, PKI3, Active Directory authentication
Elasticsearch Token Service
Single sign-on (SAML, OpenID Connect, Kerberos, JWT)
Attribute-based access control
Field- and document-level security
Custom authentication & authorization realms
Encryption at rest support
FIPS 140-2 mode
Advanced security for remote clusters
Stack monitoring
Full stack monitoring
Multi-stack monitoring
Configurable retention policy
Kibana alerting and actions5
Alerting
Noise reduction capabilities (e.g: Scheduled Snooze, Muting, Deduping, etc.)
Maintenance Windows
Tracking containment rule type (geofencing)
Anomaly detection rule types by Machine Learning
Operational rule type for transforms
Search threshold rule types for Discover
Case Management
Case user assignment
Elastic Connectors (e.g., Server Log and Index)
Connectors (Actions) (e.g. email, webhook, Jira, MS Teams, OpsGenie, PagerDuty, Slack, IBM Resilient, ServiceNow®, Tines, Torq)
Watcher
Clients
REST APIs
Language clients
Query DSL
Console
ES-Hadoop
JDBC Client
ODBC Client
Tableau Connector
Localized UI
English
Chinese (Simplified)
French
Japanese
Search & Analysis
Full-text search
Relevance scoring
Highlighting
Type ahead
Corrections
Suggestions
Percolations
Async search
Results pinning
Dynamically updateable synonyms
Query profiler
Similarity functions for vector fields
Vector search
Reciprocal Rank Fusion (RRF) for hybrid search
Doc-value-only fields
Synonym management
Query Rules
Learning to Rank
Retrievers
Rank Vectors (for MaxSim)
Analytics
Aggregations
Boxplot aggregation
Cumulative cardinality aggregation
Geoline aggregation
Geoshape aggregations
Geohexgrid aggregations
Geogrid query
Moving percentiles aggregation
Multi terms aggregation
Normalize aggregation
Range aggregation over histogram fields
Random sampler aggregation
Rate aggregation
Significant terms aggregation p-value score
String stats aggregation
Text categorization aggregation
Top metrics aggregation
T-test aggregation
Graph exploration
Vector tiles API
Query languages
Elasticsearch SQL APIs & CLI
Event Query Language (EQL)
ES|QL (Elasticsearch Query Language)
Cross-cluster ES|QL - Tech Preview
Machine Learning
Data exploration for machine learning
Data Visualizer
File upload wizard
Data drift
Dashboard embeddables
Anomaly detection
Single metric and multi-metric
Population/entity analysis
Log message categorization
Rare analysis
Root cause indication
Forecasting on time series
DST support
Data frame analysis
Outlier detection
Regression
Classification
Feature importance
Inference and model management
Language identification
Third party model management, for ML nodes
Kibana Space access to models
Elastic Learned Sparse Encoder (ELSER) - packaged for ML nodes
e5 - packaged for ML nodes
Elastic Rerank
Inference API - Elastic managed (ELSER, e5, Elastic Rerank)
Inference API - support for third party and self managed embeddings, reranking and LLM providers
AIOps
Explain log rate spikes
Log Pattern Analysis
Change Point Detection
Elasticsearch
Search server
Search management UI
Search stack monitoring
Dashboards for web and search analytics
Dev Console
Elastic AI Assistant
Content Management
Content management UI
Ingestion pipeline management
Inference processor management
Extraction Service (Beta)
Machine Learning / AI
Third party model management, for ML nodes
Elastic Learned Sparse Encoder (ELSER) - packaged for ML nodes
e5 - packaged for ML nodes
Elastic Rerank
Inference API - Elastic managed (ELSER, e5 and Elastic Rerank)
Inference API - support for third party and self managed embeddings, reranking and LLM providers
Playground
Query and relevance
Search Applications
Elasticsearch query DSL
ES|QL (Elasticsearch Query Language)
Language-specific relevance
Vector search
Similarity functions for vector fields
Reciprocal Rank Fusion (RRF) for hybrid search
Synonym management
Query rules
Learning to Rank (LTR)
Search Applications (beta)
Clients
Language clients (open source)
Search UI (open source)
AI ecosystem client integrations (open source)
Web and search analytics client (Beta)
Security
Encrypted communications
Role-based access control
LDAP, PKI3, Active Directory authentication
Single sign-on (SAML, OpenID Connect, Kerberos, JWT)
Encryption at rest support
Data Ingest & Transformation
Ingest products & features
Filebeat, Metricbeat, Winlogbeat, Packetbeat12, Heartbeat, Auditbeat
Functionbeat
Real browser-based synthetic monitoring agent
Logstash
ES-Hadoop
File import wizard
Auto Import (Tech Preview)
Fleet
Fleet Server
Fleet app
Fleet integrations
Elastic Agent
Selective agent binary updates
Scheduled agent binary upgrades
Selective agent policy reassignment
Selective agent unenrollment
Per Policy output assignment
Per Integration output assignment
Reusable Integration policies
Data sources - For a full list of integrations available, check out our Integrations page.
Abuse.ch
Audit system data
Cisco Firepower
Check Point Firewall
Cloudflare
CrowdStrike Falcon
Fortinet Fortigate
File Integrity Monitoring
Google Workspace
Microsoft 365 Defender & Defender for Endpoint
Microsoft (Office) 365
Network Packet Capture
NetFlow & IPFIX
Okta
Palo Alto Networks Cortex XDR
Palo Alto Networks Firewalls
SentinelOne
Tenable
Zscaler
Data transformation
Index time enrichment
Processors
Analyzers
Tokenizers
Filters
Filter on ANN - vector Search
Grok
Field transformation
External lookup enrichment
Circle ingest processor
Match & Geo-match enrich processor10
Support for MaxMind commercial databases
Support for IPinfo commercial databases
Redact ingest processor
Elastic Common Schema
Elastic Common Schema
Content Integrations16
Elastic open web crawler
Connector Framework
Connector API
Elastic Azure Blob Storage connector
Elastic Box connector
Elastic Confluence Cloud & Server connector
Elastic Confluence Data Center connector
Elastic Dropbox connector
Elastic GitHub & GitHub Enterprise Server connector
Elastic Gmail connector
Elastic Google Cloud Storage connector
Elastic Google Drive connector
Elastic GraphQL connector
Elastic Jira Cloud & Server connector
Elastic Jira Data Center connector
Elastic MongoDB connector
Elastic Microsoft SQL connector
Elastic MySQL connector
Elastic Network Drive connector
Elastic Notion connector
Elastic OneDrive connector
Elastic Oracle connector
Elastic Outlook connector
Elastic PostgreSQL connector
Elastic Redis connector
Elastic S3 connector
Elastic Salesforce connector
Elastic ServiceNow connector
Elastic SharePoint Online connector
Elastic SharePoint Server connector
Elastic Slack connector
Elastic Teams connector
Elastic Zoom connector
Data Exploration & Visualization
Visualizations
Time series
Geo
Metrics
Tables
Tag cloud
Custom (Vega)
Lens
Data exploration
ES|QL (Elasticsearch Query Language)
Dashboards
Drilldown between dashboards
Drilldown to URL
Discover
Console
Kibana query autocomplete
Kibana runtime fields editor
Run search sessions in background
Graph analytics
Data views
Share & collaborate
Embeddable dashboards
Anonymous access control (public sharing)
CSV exports
PDF and PNG reports
Saved queries
Content management
Kibana Spaces
Custom banners
Custom branding
Object export UI & APIs
Tags
Navigational search
Elastic Observability
Observability overview
User Experience overview
Curated ad hoc data exploration
Service Level Objectives (SLOs)
Kibana alerting and actions5
Elastic AI Assistant
Universal Profiling
LLM Observability
Elastic APM
APM Server
Jaeger intake
OpenTelemetry intake for traces and metrics
APM app
Distributed tracing
Service maps
Tail-based sampling
Correlations
Synthetic _source for APM indices
15
15
15
LLM tracing
APM agents
Java
.NET
Go
Ruby
RUM (JavaScript)
PHP
Python
Node
Integrations
Elastic Logs, Metrics
Kibana alerting and actions5
Machine learning
Synthetic _source for Profiling indices
15
15
15
Elastic Logs
Log shipper (Filebeat)
Dashboards for common data sources
Logs app
Logsdb indices for logs
Synthetic _source for logsdb indices
15
15
15
Custom routing on sort fields for logsdb
Integrations
Elastic APM, Synthetic Monitoring private locations
Kibana alerting and actions5
Log categorization
Machine learning
Elastic Metrics
Metric shipper (Metricbeat)
Dashboards for common data sources
Metrics app
Time series indices for metrics (TSDS)
Synthetic _source for time series indices
15
15
15
Downsampling
Integrations
Elastic Logs, APM
Kibana alerting and actions5
Machine learning
Elastic Synthetic Monitoring
Synthetic Monitoring UI
Project Monitors
Managed Test Execution Service14
Private Testing Locations
Point and Click Script Recorder
Integrations
Elastic Logs, Metrics, APM
Kibana alerting and actions5
Machine learning
Elastic Security
Elastic Common Schema
Extended detection and response (XDR)
Security information and event management (SIEM)
Host security analysis
Network security analysis
User security analysis
Timeline event explorer
Case management
Detection engine (e.g., correlation, indicator match, threshold)
Prebuilt detection rules
Prebuilt detection rules import/export
Prebuilt detection rules customization
Detection alerts suppression
Analyst Insights
Detection alert external actions
Machine learning anomaly detection
Prebuilt anomaly detection jobs
Attack Discovery
Malware prevention
Admin-defined endpoint blocklist
Ransomware prevention
Malicious behavior protection
Memory threat protection
Self healing
Host Isolation
Interactive response console
Tamper protection
Elastic AI Assistant
Threat intelligence management
Customizable on-endpoint protection notifications
Cloud and Kubernetes Security Posture Management (K/CSPM)
Workload session auditing
Integrations
Elastic Agent
Elastic APM
IPinfo Commercial Database
Elastic Maps
Kibana Alerts and Actions5
Response actions on 3rd-party endpoint solutions
Osquery Manager
Network Packet Capture12
Threat intelligence feeds and platforms
Atlassian Jira
Swimlane SOAR
IBM Resilient
ServiceNow ITOM, ITSM, SecOps
Generative AI Connector for Open AI, Azure Open AI, AWS Bedrock, Google Vertex AI
Machine learning
Elastic Maps
Elastic Maps Service6
Base layer maps
Elastic Maps Server11
Maps app
Shapefile and GeoJSON upload
Multiple layers
Native vector tile support
Layer-based filtering
Client-side styling
Individual points and shapes
Geo aggregations
Embed Maps in dashboard
Tracking alerts
Containment alerts
Geo-threshold alerts
Display up to 24 zoom levels
Custom raster and vector tile service support
Kibana Alerts: tracking containment (geofencing)
Orchestration
Elastic Cloud Enterprise
Deploy anywhere: bare metal, VMs, private or public cloud
Centrally provision, manage, and monitor multiple clusters
Resource tagging, and tag-based deployment configuration
Online same-day version updates
Single-click upgrades & scaling
User and role management
Automated periodic snapshots
Optimized resource utilization
Container-based resource isolation
Cross-cluster search and replication across ECE installations
Deployment autoscaling
Advanced security for remote clusters
Elastic Cloud on Kubernetes4
Deploy Elasticsearch, Kibana, and APM Server, Beats, Enterprise tier, and Elastic Agent on Kubernetes
Deploy Search and Elastic Maps Server on Kubernetes
Provision, manage, and monitor multiple clusters
Default Elastic Stack security and authentication for every deployment
Single command upgrades and scaling
Cross-cluster replication and search within or outside of a Kubernetes cluster
Autoscaling Elasticsearch and Machine learning nodes
Support
Support coverage
24/7/365
24/7/365
Business hrs
Target initial response times
Critical: 1 hr
L2: 4 hrs
L3: 1 business day
L2: 4 hrs
L3: 1 business day
Critical: 1 hr
L2: 4 hrs
L3: 1 business day
L2: 4 hrs
L3: 1 business day
Critical: 4 hrs
L2: 1 day
L3: 2 days
L2: 1 day
L3: 2 days
Unlimited # of incidents
Unlimited # of projects
Support contacts7
8
8
6
Web and phone support
Emergency patches
Free and open -
Basic 1, 2
Platinum
Enterprise
Gold
(Discontinued)9
for self-managed users
Elastic Stack Operations & Management
Storage types
Inverted index (for search)
Evaluating calculated fields at index time
Runtime fields
Lookup runtime field
Document store (for unstructured)
Columnar store (for analytics)
BKD trees (for numeric, dates, & geo)
Flattened field type
Histogram field type
Match only text field type
Shape field type
Vector field type
Version field type
Wildcard field type
Synthetic _source
Data management
Searchable snapshots
Snapshot/restore APIs
Snapshot as simple archives
Snapshot lifecycle management
Snapshot-based peer recoveries
Data rollups
Data streams
Data tiers
Data transforms
Index lifecycle management
Data stream lifecycle
Downsampling lifecycle
Stack management
Data import tutorials
Ingest Node Pipeline Builder UI
Grok Debugger
Upgrade Assistant
License management
Centralized Logstash pipeline management
Scalability & resiliency
Clustering & high availability
Cluster rebalancing
Advanced cluster rebalancing13
Cross-cluster search (legacy certificate based security model / _search only)
Cross-cluster search (advanced API-key based security model / including ES|QL)
Cross-cluster replication
Elastic Stack security
Secure settings
Encrypted communications
Role-based access control
Anonymous access control (public sharing)
File and native authentication
Kibana Spaces
Kibana feature controls
Kibana sub-feature privileges8
Prelogin access agreement
API keys management
Elasticsearch audit logging
Kibana audit logging
IP filtering
LDAP, PKI3, Active Directory authentication
Elasticsearch Token Service
Single sign-on (SAML, OpenID Connect, Kerberos, JWT)
Attribute-based access control
Field- and document-level security
Custom authentication & authorization realms
Encryption at rest support
FIPS 140-2 mode
Advanced security for remote clusters
Stack monitoring
Full stack monitoring
Multi-stack monitoring
Configurable retention policy
Kibana alerting and actions5
Alerting
Noise reduction capabilities (e.g: Scheduled Snooze, Muting, Deduping, etc.)
Maintenance Windows
Tracking containment rule type (geofencing)
Anomaly detection rule types by Machine Learning
Operational rule type for transforms
Search threshold rule types for Discover
Case Management
Case user assignment
Elastic Connectors (e.g., Server Log and Index)
Connectors (Actions) (e.g. email, webhook, Jira, MS Teams, OpsGenie, PagerDuty, Slack, IBM Resilient, ServiceNow®, Tines, Torq)
Watcher
Clients
REST APIs
Language clients
Query DSL
Console
ES-Hadoop
JDBC Client
ODBC Client
Tableau Connector
Localized UI
English
Chinese (Simplified)
French
Japanese
Search & Analysis
Full-text search
Relevance scoring
Highlighting
Type ahead
Corrections
Suggestions
Percolations
Async search
Results pinning
Dynamically updateable synonyms
Query profiler
Similarity functions for vector fields
Vector search
Reciprocal Rank Fusion (RRF) for hybrid search
Doc-value-only fields
Synonym management
Query Rules
Learning to Rank
Retrievers
Rank Vectors (for MaxSim)
Analytics
Aggregations
Boxplot aggregation
Cumulative cardinality aggregation
Geoline aggregation
Geoshape aggregations
Geohexgrid aggregations
Geogrid query
Moving percentiles aggregation
Multi terms aggregation
Normalize aggregation
Range aggregation over histogram fields
Random sampler aggregation
Rate aggregation
Significant terms aggregation p-value score
String stats aggregation
Text categorization aggregation
Top metrics aggregation
T-test aggregation
Graph exploration
Vector tiles API
Query languages
Elasticsearch SQL APIs & CLI
Event Query Language (EQL)
ES|QL (Elasticsearch Query Language)
Cross-cluster ES|QL - Tech Preview
Machine Learning
Data exploration for machine learning
Data Visualizer
File upload wizard
Data drift
Dashboard embeddables
Anomaly detection
Single metric and multi-metric
Population/entity analysis
Log message categorization
Rare analysis
Root cause indication
Forecasting on time series
DST support
Data frame analysis
Outlier detection
Regression
Classification
Feature importance
Inference and model management
Language identification
Third party model management, for ML nodes
Kibana Space access to models
Elastic Learned Sparse Encoder (ELSER) - packaged for ML nodes
e5 - packaged for ML nodes
Elastic Rerank
Inference API - Elastic managed (ELSER, e5, Elastic Rerank)
Inference API - support for third party and self managed embeddings, reranking and LLM providers
AIOps
Explain log rate spikes
Log Pattern Analysis
Change Point Detection
Elasticsearch
Search server
Search management UI
Search stack monitoring
Dashboards for web and search analytics
Dev Console
Elastic AI Assistant
Content Management
Content management UI
Ingestion pipeline management
Inference processor management
Extraction Service (Beta)
Machine Learning / AI
Third party model management, for ML nodes
Elastic Learned Sparse Encoder (ELSER) - packaged for ML nodes
e5 - packaged for ML nodes
Elastic Rerank
Inference API - Elastic managed (ELSER, e5 and Elastic Rerank)
Inference API - support for third party and self managed embeddings, reranking and LLM providers
Playground
Query and relevance
Search Applications
Elasticsearch query DSL
ES|QL (Elasticsearch Query Language)
Language-specific relevance
Vector search
Similarity functions for vector fields
Reciprocal Rank Fusion (RRF) for hybrid search
Synonym management
Query rules
Learning to Rank (LTR)
Search Applications (beta)
Clients
Language clients (open source)
Search UI (open source)
AI ecosystem client integrations (open source)
Web and search analytics client (Beta)
Security
Encrypted communications
Role-based access control
LDAP, PKI3, Active Directory authentication
Single sign-on (SAML, OpenID Connect, Kerberos, JWT)
Encryption at rest support
Data Ingest & Transformation
Ingest products & features
Filebeat, Metricbeat, Winlogbeat, Packetbeat12, Heartbeat, Auditbeat
Functionbeat
Real browser-based synthetic monitoring agent
Logstash
ES-Hadoop
File import wizard
Auto Import (Tech Preview)
Fleet
Fleet Server
Fleet app
Fleet integrations
Elastic Agent
Selective agent binary updates
Scheduled agent binary upgrades
Selective agent policy reassignment
Selective agent unenrollment
Per Policy output assignment
Per Integration output assignment
Reusable Integration policies
Data sources - For a full list of integrations available, check out our Integrations page.
Abuse.ch
Audit system data
Cisco Firepower
Check Point Firewall
Cloudflare
CrowdStrike Falcon
Fortinet Fortigate
File Integrity Monitoring
Google Workspace
Microsoft 365 Defender & Defender for Endpoint
Microsoft (Office) 365
Network Packet Capture
NetFlow & IPFIX
Okta
Palo Alto Networks Cortex XDR
Palo Alto Networks Firewalls
SentinelOne
Tenable
Zscaler
Data transformation
Index time enrichment
Processors
Analyzers
Tokenizers
Filters
Filter on ANN - vector Search
Grok
Field transformation
External lookup enrichment
Circle ingest processor
Match & Geo-match enrich processor10
Support for MaxMind commercial databases
Support for IPinfo commercial databases
Redact ingest processor
Elastic Common Schema
Elastic Common Schema
Content Integrations16
Elastic open web crawler
Connector Framework
Connector API
Elastic Azure Blob Storage connector
Elastic Box connector
Elastic Confluence Cloud & Server connector
Elastic Confluence Data Center connector
Elastic Dropbox connector
Elastic GitHub & GitHub Enterprise Server connector
Elastic Gmail connector
Elastic Google Cloud Storage connector
Elastic Google Drive connector
Elastic GraphQL connector
Elastic Jira Cloud & Server connector
Elastic Jira Data Center connector
Elastic MongoDB connector
Elastic Microsoft SQL connector
Elastic MySQL connector
Elastic Network Drive connector
Elastic Notion connector
Elastic OneDrive connector
Elastic Oracle connector
Elastic Outlook connector
Elastic PostgreSQL connector
Elastic Redis connector
Elastic S3 connector
Elastic Salesforce connector
Elastic ServiceNow connector
Elastic SharePoint Online connector
Elastic SharePoint Server connector
Elastic Slack connector
Elastic Teams connector
Elastic Zoom connector
Data Exploration & Visualization
Visualizations
Time series
Geo
Metrics
Tables
Tag cloud
Custom (Vega)
Lens
Data exploration
ES|QL (Elasticsearch Query Language)
Dashboards
Drilldown between dashboards
Drilldown to URL
Discover
Console
Kibana query autocomplete
Kibana runtime fields editor
Run search sessions in background
Graph analytics
Data views
Share & collaborate
Embeddable dashboards
Anonymous access control (public sharing)
CSV exports
PDF and PNG reports
Saved queries
Content management
Kibana Spaces
Custom banners
Custom branding
Object export UI & APIs
Tags
Navigational search
Elastic Observability
Observability overview
User Experience overview
Curated ad hoc data exploration
Service Level Objectives (SLOs)
Kibana alerting and actions5
Elastic AI Assistant
Universal Profiling
LLM Observability
Elastic APM
APM Server
Jaeger intake
OpenTelemetry intake for traces and metrics
APM app
Distributed tracing
Service maps
Tail-based sampling
Correlations
Synthetic _source for APM indices
LLM tracing
APM agents
Java
.NET
Go
Ruby
RUM (JavaScript)
PHP
Python
Node
Integrations
Elastic Logs, Metrics
Kibana alerting and actions5
Machine learning
Synthetic _source for Profiling indices
Elastic Logs
Log shipper (Filebeat)
Dashboards for common data sources
Logs app
Logsdb indices for logs
Synthetic _source for logsdb indices
Custom routing on sort fields for logsdb
Integrations
Elastic APM, Synthetic Monitoring private locations
Kibana alerting and actions5
Log categorization
Machine learning
Elastic Metrics
Metric shipper (Metricbeat)
Dashboards for common data sources
Metrics app
Time series indices for metrics (TSDS)
Synthetic _source for time series indices
Downsampling
Integrations
Elastic Logs, APM
Kibana alerting and actions5
Machine learning
Elastic Synthetic Monitoring
Synthetic Monitoring UI
Project Monitors
Managed Test Execution Service14
Private Testing Locations
Point and Click Script Recorder
Integrations
Elastic Logs, Metrics, APM
Kibana alerting and actions5
Machine learning
Elastic Security
Elastic Common Schema
Extended detection and response (XDR)
Security information and event management (SIEM)
Host security analysis
Network security analysis
User security analysis
Timeline event explorer
Case management
Detection engine (e.g., correlation, indicator match, threshold)
Prebuilt detection rules
Prebuilt detection rules import/export
Prebuilt detection rules customization
Detection alerts suppression
Analyst Insights
Detection alert external actions
Machine learning anomaly detection
Prebuilt anomaly detection jobs
Attack Discovery
Malware prevention
Admin-defined endpoint blocklist
Ransomware prevention
Malicious behavior protection
Memory threat protection
Self healing
Host Isolation
Interactive response console
Tamper protection
Elastic AI Assistant
Threat intelligence management
Customizable on-endpoint protection notifications
Cloud and Kubernetes Security Posture Management (K/CSPM)
Workload session auditing
Integrations
Elastic Agent
Elastic APM
IPinfo Commercial Database
Elastic Maps
Kibana Alerts and Actions5
Response actions on 3rd-party endpoint solutions
Osquery Manager
Network Packet Capture12
Threat intelligence feeds and platforms
Atlassian Jira
Swimlane SOAR
IBM Resilient
ServiceNow ITOM, ITSM, SecOps
Generative AI Connector for Open AI, Azure Open AI, AWS Bedrock, Google Vertex AI
Machine learning
Elastic Maps
Elastic Maps Service6
Base layer maps
Elastic Maps Server11
Maps app
Shapefile and GeoJSON upload
Multiple layers
Native vector tile support
Layer-based filtering
Client-side styling
Individual points and shapes
Geo aggregations
Embed Maps in dashboard
Tracking alerts
Containment alerts
Geo-threshold alerts
Display up to 24 zoom levels
Custom raster and vector tile service support
Kibana Alerts: tracking containment (geofencing)
Orchestration
Elastic Cloud Enterprise
Deploy anywhere: bare metal, VMs, private or public cloud
Centrally provision, manage, and monitor multiple clusters
Resource tagging, and tag-based deployment configuration
Online same-day version updates
Single-click upgrades & scaling
User and role management
Automated periodic snapshots
Optimized resource utilization
Container-based resource isolation
Cross-cluster search and replication across ECE installations
Deployment autoscaling
Advanced security for remote clusters
Elastic Cloud on Kubernetes4
Deploy Elasticsearch, Kibana, and APM Server, Beats, Enterprise tier, and Elastic Agent on Kubernetes
Deploy Search and Elastic Maps Server on Kubernetes
Provision, manage, and monitor multiple clusters
Default Elastic Stack security and authentication for every deployment
Single command upgrades and scaling
Cross-cluster replication and search within or outside of a Kubernetes cluster
Autoscaling Elasticsearch and Machine learning nodes
Support
Support coverage
Target initial response times
Unlimited # of incidents
Unlimited # of projects
Support contacts7
Web and phone support
Emergency patches
15
15
15
15
15
15
15
15
15
15
15
15
15
15
15
24/7/365
24/7/365
Business hrs
Critical: 1 hr
L2: 4 hrs
L3: 1 business day
L2: 4 hrs
L3: 1 business day
Critical: 1 hr
L2: 4 hrs
L3: 1 business day
L2: 4 hrs
L3: 1 business day
Critical: 4 hrs
L2: 1 day
L3: 2 days
L2: 1 day
L3: 2 days
8
8
6
1 For a more detailed discussion of our licensing options and 2021 licensing changes, please refer to the licensing FAQ on our website.
2 Available under the Elastic License. Select features are also available under SSPL or Apache License 2.0. For questions about which features may be licensed under SSPL and Apache License 2.0, please contact elastic_license@elastic.co.
3 Feature is currently not available in deployments on Elastic Cloud Enterprise.
4 Customers whose Enterprise subscriptions use ECE/ECE Instances as the billing metric must agree to additional terms before they can access the Enterprise-level features listed in this section. Please contact us.
5 Refer to the Alerting section (Kibana Alerts and Kibana Actions items) for further details. Alerting rules based on anomaly detection or SLOs are only available on Platinum and Enterprise tiers.
6 Elastic Maps Service - Terms of Service
7 Elastic Certified Professionals can be added as additional Support contacts on paid subscriptions at no additional charge.
8 Access to administering Kibana subfeature privileges start at the Gold tier and are available on a per-feature basis matching the feature’s subscriptions tier.
9 Gold Subscription tier is no longer available for new customers, try Elastic Cloud Gold instead. Customers with existing Gold Subscriptions will continue to be supported through the end of its current subscription term.
10 Elastic GeoIP Database Service Agreement
11 Subject to Elastic Vector Tiles Data License Agreement
12 Re-distributing the Windows release of Packetbeat and the Network Packet Capture agent integration for Windows hosts requires an additional license to npcap, a Windows packet sniffing library, that may be obtained from nmap.org.
13 Advanced cluster rebalancing is based on observed data stream write loads described in cluster-level shard allocation.
14 Access to the global managed testing infrastructure is for users running Elastic Cloud only. Self managed users can deploy their own testing nodes using private locations.
15 Synthetic _source is an Enterprise feature from 8.17 onward.
16 Updates provided through this subscription page exclude End-of-Life (EOL) products such as Enterprise Search or included features such as App Search, Workplace Search, Elastic web crawler or native connectors. For more details on discontinued products, please consult our product subscription archive.
The list above reflects the features available in the latest version of the Elastic Stack. Any features or functions of services or products referenced on this page or other pages, or in any presentations, press releases or public statements, which are not currently available or not currently available as a GA release, may not be delivered on time or at all. The development, release, and timing of any features or functionality described for our products remains at our sole discretion. Customers who purchase our products and services should make the purchase decisions based upon services and product features and functions that are currently available.
