Elastic Stack subscriptions
The Elastic Stack — Elasticsearch, Kibana, Beats, and Logstash — powers a variety of use cases. And we have flexible plans to help you get the most out of your on-prem subscriptions.
Open Source
Apache 2.0: Now and always.
Feature highlights include:
- Clustering & high availability
- Powerful search and analysis
- Data visualization and dashboarding
- And more (see full list)
Basic
The forever-free plan.
Everything in Open Source plus:
- Core security features
- Solutions such as Elastic APM, SIEM, Maps, and more
- Canvas
- And more (see full list)
Gold
More features. Dedicated support.
Everything in Basic plus:
- Alerting
- Reporting
- Ingest management
- Business hours support
- And more (see full list)
Platinum
The fully loaded experience.
Everything in Gold plus:
- Advanced security features
- Machine learning
- Cross-cluster replication
- 24/7/365 support
- And more (see full list)
Open Source
Basic
Gold
Platinum
Elastic Stack Operations & Management
Storage types
- Inverted index (for search)
- Document store (for unstructured)
- Columnar store (for analytics)
- BKD trees (for numeric, dates, & geo)
- Frozen indices (for long term storage)
Storage types
- Inverted index (for search)
- Document store (for unstructured)
- Columnar store (for analytics)
- BKD trees (for numeric, dates, & geo)
- Frozen indices (for long term storage)
Storage types
- Inverted index (for search)
- Document store (for unstructured)
- Columnar store (for analytics)
- BKD trees (for numeric, dates, & geo)
- Frozen indices (for long term storage)
Storage types
- Inverted index (for search)
- Document store (for unstructured)
- Columnar store (for analytics)
- BKD trees (for numeric, dates, & geo)
- Frozen indices (for long term storage)
Data management
- Snapshot/restore
- Minimal snapshots
- Data rollups
- Index management
- Index lifecycle management
- Data frames
Data management
- Snapshot/restore APIs & UI
- Minimal snapshots
- Data rollups
- Index management
- Index lifecycle management
- Data frames
Data management
- Snapshot/restore APIs & UI
- Minimal snapshots
- Data rollups
- Index management
- Index lifecycle management
- Data frames
Data management
- Snapshot/restore APIs & UI
- Minimal snapshots
- Data rollups
- Index management
- Index lifecycle management
- Data frames
Stack management
- Data import tutorials
- Grok Debugger
- Upgrade Assistant
- License management
- Centralized Beats management
- Centralized Logstash pipeline management
Stack management
- Data import tutorials
- Grok Debugger
- Upgrade Assistant
- License management
- Centralized Beats management
- Centralized Logstash pipeline management
Stack management
- Data import tutorials
- Grok Debugger
- Upgrade Assistant
- License management
- Centralized Beats management
- Centralized Logstash pipeline management
Stack management
- Data import tutorials
- Grok Debugger
- Upgrade Assistant
- License management
- Centralized Beats management
- Centralized Logstash pipeline management
Scalability & resiliency
- Clustering & high availability
- Automatic data rebalancing
- Cross-cluster search
- Cross-cluster replication*
Scalability & resiliency
- Clustering & high availability
- Automatic data rebalancing
- Cross-cluster search
- Cross-cluster replication*
Scalability & resiliency
- Clustering & high availability
- Automatic data rebalancing
- Cross-cluster search
- Cross-cluster replication*
Scalability & resiliency
- Clustering & high availability
- Automatic data rebalancing
- Cross-cluster search
- Cross-cluster replication*
Security
- Encrypted communications
- Role-based access control
- File and native authentication
- Kibana Spaces
- Kibana feature control
- Audit logging
- IP filtering
- LDAP, PKI*, Active Directory authentication
- Elasticsearch Token Service
- Single sign-on (SAML, OpenID Connect, Kerberos*)
- Attribute-based access control
- Field- and document-level security
- Custom authentication & authorization realms
- Encryption at rest support
- FIPS 140-2 mode
Security
- Encrypted communications
- Role-based access control
- File and native authentication
- Kibana Spaces
- Kibana feature control
- Audit logging
- IP filtering
- LDAP, PKI*, Active Directory authentication
- Elasticsearch Token Service
- Single sign-on (SAML, OpenID Connect, Kerberos*)
- Attribute-based access control
- Field- and document-level security
- Custom authentication & authorization realms
- Encryption at rest support
- FIPS 140-2 mode
Security
- Encrypted communications
- Role-based access control
- File and native authentication
- Kibana Spaces
- Kibana feature control
- Audit logging
- IP filtering
- LDAP, PKI*, Active Directory authentication
- Elasticsearch Token Service
- Single sign-on (SAML, OpenID Connect, Kerberos*)
- Attribute-based access control
- Field- and document-level security
- Custom authentication & authorization realms
- Encryption at rest support
- FIPS 140-2 mode
Security
- Encrypted communications
- Role-based access control
- File and native authentication
- Kibana Spaces
- Kibana feature control
- Audit logging
- IP filtering
- LDAP, PKI*, Active Directory authentication
- Elasticsearch Token Service
- Single sign-on (SAML, OpenID Connect, Kerberos*)
- Attribute-based access control
- Field- and document-level security
- Custom authentication & authorization realms
- Encryption at rest support
- FIPS 140-2 mode
Stack monitoring
- Full stack monitoring
- Multi-stack monitoring
- Configurable retention policy
- Automatic stack issue alerts
Stack monitoring
- Full stack monitoring
- Multi-stack monitoring
- Configurable retention policy
- Automatic stack issue alerts
Stack monitoring
- Full stack monitoring
- Multi-stack monitoring
- Configurable retention policy
- Automatic stack issue alerts
Stack monitoring
- Full stack monitoring
- Multi-stack monitoring
- Configurable retention policy
- Automatic stack issue alerts
Alerting
- Highly available, scalable alerting
- Notifications via email, Slack, Pagerduty, Jira, or webhooks
- Alerting UI
Alerting
- Highly available, scalable alerting
- Notifications via email, Slack, Pagerduty, Jira, or webhooks
- Alerting UI
Alerting
- Highly available, scalable alerting
- Notifications via email, Slack, Pagerduty, Jira, or webhooks
- Alerting UI
Alerting
- Highly available, scalable alerting
- Notifications via email, Slack, Pagerduty, Jira, or webhooks
- Alerting UI
Clients
- REST APIs
- Language clients
- Query DSL
- Console
- ES-Hadoop
- Elasticsearch SQL APIs & CLI
- JDBC Client
- ODBC Client
Clients
- REST APIs
- Language clients
- Query DSL
- Console
- ES-Hadoop
- Elasticsearch SQL APIs & CLI
- JDBC Client
- ODBC Client
Clients
- REST APIs
- Language clients
- Query DSL
- Console
- ES-Hadoop
- Elasticsearch SQL APIs & CLI
- JDBC Client
- ODBC Client
Clients
- REST APIs
- Language clients
- Query DSL
- Console
- ES-Hadoop
- Elasticsearch SQL APIs & CLI
- JDBC Client
- ODBC Client
Localized UI
- English
- Chinese (Simplified)
- Japanese
Localized UI
- English
- Chinese (Simplified)
- Japanese
Localized UI
- English
- Chinese (Simplified)
- Japanese
Localized UI
- English
- Chinese (Simplified)
- Japanese
Search & Analysis
Full-text search
- Relevance scoring
- Highlighting
- Type ahead
- Corrections
- Suggestions
- Percolations
- Query profiler
Full-text search
- Relevance scoring
- Highlighting
- Type ahead
- Corrections
- Suggestions
- Percolations
- Query profiler
Full-text search
- Relevance scoring
- Highlighting
- Type ahead
- Corrections
- Suggestions
- Percolations
- Query profiler
Full-text search
- Relevance scoring
- Highlighting
- Type ahead
- Corrections
- Suggestions
- Percolations
- Query profiler
Analytics
- Aggregations
- Graph exploration
Analytics
- Aggregations
- Graph exploration
Analytics
- Aggregations
- Graph exploration
Analytics
- Aggregations
- Graph exploration
Machine learning
- Data Visualizer
- Anomaly detection on time series
- Population/entity analysis
- Log message categorization
- Root cause indication
- Alerting on anomalies
- Forecasting on time series
- Multi-dimensional anomaly viewer UI
Machine learning
- Data Visualizer
- Anomaly detection on time series
- Population/entity analysis
- Log message categorization
- Root cause indication
- Alerting on anomalies
- Forecasting on time series
- Multi-dimensional anomaly viewer UI
Machine learning
- Data Visualizer
- Anomaly detection on time series
- Population/entity analysis
- Log message categorization
- Root cause indication
- Alerting on anomalies
- Forecasting on time series
- Multi-dimensional anomaly viewer UI
Machine learning
- Data Visualizer
- Anomaly detection on time series
- Population/entity analysis
- Log message categorization
- Root cause indication
- Alerting on anomalies
- Forecasting on time series
- Multi-dimensional anomaly viewer UI
Data Ingest & Transformation
Ingest products & features
- Filebeat, Metricbeat, Winlogbeat, Packetbeat, Heartbeat, Auditbeat
- Functionbeat
- Logstash
- ES-Hadoop
- File import wizard
Ingest products & features
- Filebeat, Metricbeat, Winlogbeat, Packetbeat, Heartbeat, Auditbeat
- Functionbeat
- Logstash
- ES-Hadoop
- File import wizard
Ingest products & features
- Filebeat, Metricbeat, Winlogbeat, Packetbeat, Heartbeat, Auditbeat
- Functionbeat
- Logstash
- ES-Hadoop
- File import wizard
Ingest products & features
- Filebeat, Metricbeat, Winlogbeat, Packetbeat, Heartbeat, Auditbeat
- Functionbeat
- Logstash
- ES-Hadoop
- File import wizard
Data sources
- Operating systems
- Web servers and proxies
- Datastores and queues
- Cloud services
- Containers and orchestration
- ArcSight
- Audit system data
- AWS
- Azure
- Cisco ASA
- CoreDNS
- Envoy Proxy
- Iptables
- Microsoft SQL Server
- NetFlow
- Palo Alto Firewall
- Suricata
- Zeek (formerly Bro)
Data sources
- Operating systems
- Web servers and proxies
- Datastores and queues
- Cloud services
- Containers and orchestration
- ArcSight
- Audit system data
- AWS
- Azure
- Cisco ASA
- CoreDNS
- Envoy Proxy
- Iptables
- Microsoft SQL Server
- NetFlow
- Palo Alto Firewall
- Suricata
- Zeek (formerly Bro)
Data sources
- Operating systems
- Web servers and proxies
- Datastores and queues
- Cloud services
- Containers and orchestration
- ArcSight
- Audit system data
- AWS
- Azure
- Cisco ASA
- CoreDNS
- Envoy Proxy
- Iptables
- Microsoft SQL Server
- NetFlow
- Palo Alto Firewall
- Suricata
- Zeek (formerly Bro)
Data sources
- Operating systems
- Web servers and proxies
- Datastores and queues
- Cloud services
- Containers and orchestration
- ArcSight
- Audit system data
- AWS
- Azure
- Cisco ASA
- CoreDNS
- Envoy Proxy
- Iptables
- Microsoft SQL Server
- NetFlow
- Palo Alto Firewall
- Suricata
- Zeek (formerly Bro)
Data transformation
- Index time enrichment
- Processors
- Analyzers
- Tokenizers
- Filters
- Grok
- Field transformation
- External lookup enrichment
Data transformation
- Index time enrichment
- Processors
- Analyzers
- Tokenizers
- Filters
- Grok
- Field transformation
- External lookup enrichment
Data transformation
- Index time enrichment
- Processors
- Analyzers
- Tokenizers
- Filters
- Grok
- Field transformation
- External lookup enrichment
Data transformation
- Index time enrichment
- Processors
- Analyzers
- Tokenizers
- Filters
- Grok
- Field transformation
- External lookup enrichment
Elastic Common Schema
- Elastic Common Schema
Elastic Common Schema
- Elastic Common Schema
Elastic Common Schema
- Elastic Common Schema
Elastic Common Schema
- Elastic Common Schema
Data Exploration & Visualization
Visualizations
- Time series
- Geo
- Metrics
- Tables
- Tag cloud
- Custom (Vega)
Visualizations
- Time series
- Geo
- Metrics
- Tables
- Tag cloud
- Custom (Vega)
Visualizations
- Time series
- Geo
- Metrics
- Tables
- Tag cloud
- Custom (Vega)
Visualizations
- Time series
- Geo
- Metrics
- Tables
- Tag cloud
- Custom (Vega)
Data exploration
- Dashboards
- Discover
- Console
- Kibana query autocomplete
- Graph analytics
Data exploration
- Dashboards
- Discover
- Console
- Kibana query autocomplete
- Graph analytics
Data exploration
- Dashboards
- Discover
- Console
- Kibana query autocomplete
- Graph analytics
Data exploration
- Dashboards
- Discover
- Console
- Kibana query autocomplete
- Graph analytics
Canvas
- Canvas
Canvas
- Canvas
Canvas
- Canvas
Canvas
- Canvas
Share & collaborate
- Embeddable dashboards
- Object export UI & APIs
- CSV exports
- PDF and PNG reports
Share & collaborate
- Embeddable dashboards
- Object export UI & APIs
- CSV exports
- PDF and PNG reports
Share & collaborate
- Embeddable dashboards
- Object export UI & APIs
- CSV exports
- PDF and PNG reports
Share & collaborate
- Embeddable dashboards
- Object export UI & APIs
- CSV exports
- PDF and PNG reports
Elastic APM
- APM Server
- APM app
- Distributed tracing
- APM Server
- APM app
- Distributed tracing
- APM Server
- APM app
- Distributed tracing
- APM Server
- APM app
- Distributed tracing
APM agents
- Java
- .NET
- Go
- Ruby
- RUM (Javascript)
- Python
- Node
APM agents
- Java
- .NET
- Go
- Ruby
- RUM (Javascript)
- Python
- Node
APM agents
- Java
- .NET
- Go
- Ruby
- RUM (Javascript)
- Python
- Node
APM agents
- Java
- .NET
- Go
- Ruby
- RUM (Javascript)
- Python
- Node
Integrations
- Elastic Logs, Infrastructure
- Alerting
- Machine learning
Integrations
- Elastic Logs, Infrastructure
- Alerting
- Machine learning
Integrations
- Elastic Logs, Infrastructure
- Alerting
- Machine learning
Integrations
- Elastic Logs, Infrastructure
- Alerting
- Machine learning
Elastic Logs
- Log shipper (Filebeat)
- Dashboards for common data sources
- Logs app
- Log shipper (Filebeat)
- Dashboards for common data sources
- Logs app
- Log shipper (Filebeat)
- Dashboards for common data sources
- Logs app
- Log shipper (Filebeat)
- Dashboards for common data sources
- Logs app
Elastic Infrastucture
- Metric shipper (Metricbeat)
- Dashboards for common data sources
- Infrastructure app
- Metric shipper (Metricbeat)
- Dashboards for common data sources
- Infrastructure app
- Metric shipper (Metricbeat)
- Dashboards for common data sources
- Infrastructure app
- Metric shipper (Metricbeat)
- Dashboards for common data sources
- Infrastructure app
Integrations
- Elastic Logs, APM
Integrations
- Elastic Logs, APM
Integrations
- Elastic Logs, APM
Integrations
- Elastic Logs, APM
Elastic Uptime
- Uptime monitor (Heartbeat)
- Uptime dashboards in Kibana
- Uptime app
- Uptime monitor (Heartbeat)
- Uptime dashboards in Kibana
- Uptime app
- Uptime monitor (Heartbeat)
- Uptime dashboards in Kibana
- Uptime app
- Uptime monitor (Heartbeat)
- Uptime dashboards in Kibana
- Uptime app
Integrations
- Elastic Logs, Infrastructure, APM
Integrations
- Elastic Logs, Infrastructure, APM
Integrations
- Elastic Logs, Infrastructure, APM
Integrations
- Elastic Logs, Infrastructure, APM
Elastic SIEM
- Elastic Common Schema
- Host security analysis
- Network security analysis
- Timeline event explorer
- Elastic Common Schema
- Host security analysis
- Network security analysis
- Timeline event explorer
- Elastic Common Schema
- Host security analysis
- Network security analysis
- Timeline event explorer
- Elastic Common Schema
- Host security analysis
- Network security analysis
- Timeline event explorer
Elastic Maps
Elastic Maps Service
- Base layer maps
- 10 zoom levels
Elastic Maps Service
- Base layer maps
- 18 zoom levels
Elastic Maps Service
- Base layer maps
- 18 zoom levels
Elastic Maps Service
- Base layer maps
- 18 zoom levels
Maps app
- Multiple layers
- Layer-based filtering
- Client-side styling
- Individual points and shapes
- Geo aggregations
- Embed Maps in dashboard
Maps app
- Multiple layers
- Layer-based filtering
- Client-side styling
- Individual points and shapes
- Geo aggregations
- Embed Maps in dashboard
Maps app
- Multiple layers
- Layer-based filtering
- Client-side styling
- Individual points and shapes
- Geo aggregations
- Embed Maps in dashboard
Maps app
- Multiple layers
- Layer-based filtering
- Client-side styling
- Individual points and shapes
- Geo aggregations
- Embed Maps in dashboard
Elastic App Search
- App Search Server
- App Search UI
- Search result curation
- Search analytics
- Custom synonyms
- Language-specific relevance
- Typo-tolerant relevance model
- Relevance model tuning
- App Search Server
- App Search UI
- Search result curation
- Search analytics
- Custom synonyms
- Language-specific relevance
- Typo-tolerant relevance model
- Relevance model tuning
- App Search Server
- App Search UI
- Search result curation
- Search analytics
- Custom synonyms
- Language-specific relevance
- Typo-tolerant relevance model
- Relevance model tuning
- App Search Server
- App Search UI
- Search result curation
- Search analytics
- Custom synonyms
- Language-specific relevance
- Typo-tolerant relevance model
- Relevance model tuning
Security
- Encrypted communications
- Role-based access control
- Single sign-on (SAML)
- Encryption at rest support
Security
- Encrypted communications
- Role-based access control
- Single sign-on (SAML)
- Encryption at rest support
Security
- Encrypted communications
- Role-based access control
- Single sign-on (SAML)
- Encryption at rest support
Security
- Encrypted communications
- Role-based access control
- Single sign-on (SAML)
- Encryption at rest support
Support
- Elastic Stack Monitoring Service
- Support coverage
- Response times: Critical: N/A L2: N/A L3: N/A
- Unlimited # of incidents
- # of support contacts
- Web and phone support
- Emergency patches
- Elastic Stack Monitoring Service
- Support coverage
- Response times: Critical: N/A L2: N/A L3: N/A
- Unlimited # of incidents
- # of support contacts
- Web and phone support
- Emergency patches
- Elastic Stack Monitoring Service
- Business hrs support coverage
- Response times: Critical: 4 hrs L2: 1 day L3: 2 days
- Unlimited # of incidents
- 6 support contacts
- Web and phone support
- Emergency patches
- Elastic Stack Monitoring Service
- 24/7/365 support coverage
- Response times: Critical: 1 hr L2: 4 hrs L3: 1 day
- Unlimited # of incidents
- 8 support contacts
- Web and phone support
- Emergency patches
* Feature is currently not available in deployments on Elastic Cloud Enterprise.
Any features or functions of services or products referenced on this page or other pages, or in any presentations, press releases or public statements, which are not currently available or not currently available as a GA release, may not be delivered on time or at all. The development, release, and timing of any features or functionality described for our products remains at our sole discretion. Customers who purchase our products and services should make the purchase decisions based upon services and product features and functions that are currently available.
We're with you every step of the way: from starting up to development to production.
We know what it's like to start small and launch something big. Have access to our products, features, and support right from the beginning from project conception to production.
Want to learn more? We love a good query.
Get details. Request a quote. Explore your options. Anything you like, really.
MarketoFEForm