Elastic AI FAQ

This FAQ is informational. Please note that it may change.

At Elastic, we're committed to transparency — this includes our AI practices and how we securely handle customer data. This overview explains how Elastic uses AI to help our customers and users, and it shares relevant information about our AI security and privacy practices. We've provided a detailed list of definitions and terms in the Supplemental terms of service.

Generative AI is evolving quickly. At Elastic, a cross-functional team of experts work together to ensure that we use AI responsibly in our offerings.

How does Elastic use generative AI in its products?

We use generative AI across our solutions to help our customers and users carry out a wide range of tasks:

  • Security: Helps our customers and users respond to incidents and find alerts faster
  • Observability: Accelerates root cause analysis
  • Search: Provides developers with tools to build modern and conversational search applications

We also use generative AI in our Support Hub's AI Support Assistant, which references Elastic's internal documentation to help answer customers' frequently asked questions. Customers can opt out of Elastic's generative AI features, and we do not use customer data to train Elastic AI.

What kinds of non-generative AI models does Elastic offer?

Customers can add their own compatible AI models to Elasticsearch, keeping in mind that these aren't run by Elastic, so we recommend that you review all third-party terms and data practices. Elastic also has non-generative AI, such as: 

  • Elastic Learned Sparse EncodeR (ELSER): ELSER was developed by Elastic for semantic search to interpret queries in natural language. It's trained on open source models and public data, not customer data.
  • E5: E5 is a multilingual open source natural language processing model that's trained on open source models and public data.
  • Elastic Rerank: Elastic Rerank is a cross encoder model developed for semantic reranking, which returns more accurate search results. It's trained on open source models and public data, not customer data.

Customers can also opt out of Elastic's non-generative AI features.

How can customers use generative AI with Elastic?

Customers have the following options for using generative AI with Elastic:

  1. Use your own LLM: Integrate your own or a third-party large language model (LLM) (e.g., OpenAI, Azure OpenAI Service, Amazon Bedrock). These models are not Elastic AI, and Elastic is not responsible for their data practices. We recommend that you review any terms from such third-party LLM providers, especially when using sensitive data.
  2. Use Elastic managed LLM: Elastic's LLM uses models from providers like OpenAI, Anthropic, Meta, Amazon, and Google. Elastic regularly evaluates AI models from various providers for performance, accuracy, security, safety, legal and regulatory compliance, and usability. Any third-party LLM providers used with the Elastic managed LLM are listed on Elastic's External Subprocessors page.
  3. Opt out: You can choose not to use generative AI with Elastic.

How is my data protected with Elastic AI?

  • Permissions: Elastic AI respects your existing permissions. LLMs and AI models used to generate AI responses can only access and use information that a user already has permission to access.
  • Data protection: Customer data used in our solutions is protected in transit and during processing as outlined in the Elastic Information Security Addendum.
  • Subprocessors: Third-party LLM providers selected by Elastic to process customer data are listed on Elastic's External Subprocessors page.
  • Data training: Elastic does not use your data to train its AI models. We may use telemetry, which does not include your input prompts or AI generated outputs, as described in the Elastic Product Privacy Statement, as well as voluntary feedback and suggestions to make our products and services better.
  • Data privacy and security compliance: Elastic AI adheres to the Elastic Information Security Addendum and the Elastic Customer DPA.
  • Sensitive data: For the Elastic managed LLM, your input prompts and generated outputs are confidential and protected. No customer data is stored in the Elastic managed LLM. If you choose to integrate third-party LLMs, they have their own data privacy policies and protocols and Elastic is not responsible for them.
  • AI interaction: We let users know when they're chatting with our AI.
  • Content ownership: You own your data and what the AI creates. Elastic owns its intellectual property, systems, and tools.
  • Accuracy: Elastic doesn't guarantee AI output accuracy. Please make sure it's accurate, useful, fair, and suitable for your needs.

Need more info?

If you have questions, please reach out to legal@elastic.co.