Elastic, the company developing enterprise search engine Elasticsearch and the Elastic Stack, has decided to make core Elastic Stack security features accessible to all users (and not just those who have a Gold subscription).
What is the Elastic Stack?
Elasticsearch is the most widely used enterprise search engine in the world. It is usually used for log, business, operational and security intelligence analytics.
It is part of the Elastic Stack, an integrated solution that also includes:
- Logstash (a data collection and processing tool used to ingest data from logs, web apps, data stores, etc. and send it to Elasticsearch)
- Kibana (a platform that lets users visualize and explore their Elasticsearch data), and
- Beats (data shippers that send data from machines and systems to Logstash or Elasticsearch).
Elasticsearch converts raw data sent to it into internal documents and adds a searchable reference to them in the cluster’s index. Users can search and retrieve the needed data via the Elasticsearch API and visualize it through Kibana.
Organizations can run it on-premises or in the cloud, but also have the option of using managed Elasticsearch services.
The security features
The core security features that are now available to all will allow users to encrypt network traffic (through TLS), create and manage users, define roles that protect index and cluster level access via APIs, and fully secure Kibana with Spaces.
(Advanced security features – encryption at rest, attribute-based access control, LDAP and AD authentication, field- and document-level security, etc. – are still available only to paying customers.)
Users who want to take advantage of the offered security features are urged to download versions 6.8.0 or 7.1.0 of the Elastic Stack.
To help them learn the fundamentals of securing Elasticsearch, the company is also offering a training course (free until the end of May) and other learning materials.