Elastic self-managed plans

Elastic self-managed subscriptions provide the full power of the Elasticsearch Platform, including Search & AI, Observability, and Security solutions, for you to host, manage, and scale on your own infrastructure. With the freedom to deploy anywhere — air-gapped or in any private or public cloud — you retain full control over your hardware, configuration, and orchestration.
Download Elastic
Contact Sales

Free and open

Download
The full Elastic Stack
  • Elasticsearch: The open source, distributed vector database and search and analytics engine built for speed and scale
  • Kibana: The open source interface to query, analyze, visualize, and manage your data stored in Elasticsearch
  • Data ingestion: Centralize data from any source with native support for OTel, Logstash, and Beats
  • Security: Native authentication (username/password), RBAC, and TLS encryption
  • Monitoring the stack: AutoOps via Cloud Connect and Stack Monitoring

Elasticsearch

  • Scalable, secure Elasticsearch datastore and vector database with flexible document format for unstructured and structured data storage
  • Optimized for fast, high-volume vector and semantic data storage and retrieval
  • Powerful index modes for optimized storage of metrics and logs
  • Hundreds of out-of-the-box integrations, including the Elastic Agent, Connectors, and Logstash
  • Tools for analytic insight on your data, including Discover, dashboards, field statistics, maps, alerting, and developer console
  • Powerful lexical (BM25) and semantic (vector) search

Security

  • Out-of-the-box threat detection with alerting
  • Centralized ingest and agent management for unified fleet administration
  • Malware prevention and host data collection for core endpoint protection
  • Case management with built-in incident tracking and ticketing system

Observability

  • APM, logging, and metrics via Kibana Discover and Dashboards
  • Centralized ingest and agent management
  • Alerting
  • LLM observability
  • Streams for automatically parsing raw logs and surfacing critical events for rapid troubleshooting

Orchestration

  • Elastic Cloud on Kubernetes(ECK):
    • Kubernetes native; orchestrate the Elastic Stack using CRDs and K8s primitives
    • Single command upgrades and cluster resizes

Community Support

  • Free webinars and training materials
  • Slack community
  • Meetups

Platinum*

Contact us
Everything in Free plus:
  • Advanced security and compliance: Single sign-on (SSO), LDAP/Active Directory, field/document-level security, and audit logging
  • Machine learning: Out-of-the-box anomaly detection for logs/metrics and ELSER for semantic search
  • High availability: Cross-cluster replication (CCR) to keep data synchronized across data centers

Elasticsearch

  • Semantic and vector search with Elastic's out-of-the-box machine learning models on Elastic ML nodes — ELSER and e5 models

Security

  • Automated threat discovery with machine learning anomaly detection and prebuilt SIEM jobs
  • Behavioral ransomware protection
  • Detection alerts suppression for reducing alert noise
  • Third-party incident response and ticketing integrations (e.g., Jira, ServiceNow, Webhook)
  • Entity analytics (risk score, entity graph, watchlist)

Observability

  • Log categorization for automated log pattern recognition
  • Service maps of entire application architecture based on APM data
  • Tail-based sampling for capturing every anomalous trace
  • Service Level Objectives for user-centric reliability management
  • APM correlations for automated root cause analysis
  • Machine learning for Observability data for automated anomaly detection

Orchestration

Premium Support

  • 24/7/365 support
  • Phone and web-based support
  • 8 Support Contacts
  • Unlimited incidents
  • Target initial response time:
    • Critical: 1 hour
    • L2: 4 hours
    • L3: 1 business day

Enterprise

Contact us
Everything in Platinum plus:
  • Searchable snapshots: Allow searching years of data on low-cost object storage (S3), reducing infrastructure costs by up to 80%
  • Advanced AI and orchestration: Access to Attack Discovery (GenAI security) and Universal Profiling
  • Cross-cluster search: Advanced API-key based security model, including ES|QL

Elasticsearch

  • Elastic Agent Builder for RAG and search development with third-party LLM providers
  • Jina AI models for semantic search and RAG applications
  • Inference Service Management with third-party LLM and machine learning model providers
  • High relevance by default with hybrid search, RAG; customizable with retrievers and ES|QL
  • Semantic reranking with Elastic's out-of-the-box machine learning model — Elastic Rerank
  • Personalization with Learn-to-Rank (LTR)
  • DiskBBQ: Reduces vector memory footprint while maintaining fast kNN search speeds

Security

  • Elastic Workflows for automating incident response and alert routing.
  • Endpoint response actions
  • Endpoint and cloud workload protection for deep visibility
  • AI insights and guidance
  • Attack Discovery automated alert triage
  • Automatic Import data source onboarding
  • Automatic Migration for streamlined SIEM onboarding
  • Advanced entity analytics (AI skill, entity resolution)

Observability

  • Elastic AI Assistant optimized for O11y specific generative AI guidance
  • Elastic Workflows
  • AI-assisted pipelines and parsing with Streams and Significant Events
  • Reduced storage footprint for logs, metrics, traces, and profiles
  • Universal Profiling for frictionless code-level performance data

Orchestration

  • Elastic Cloud on Kubernetes(ECK):
    • Central as-code configuration for snapshots, settings, SSO, indices, templates, pipelines, and more
    • CCS and CCR within or outside Kubernetes instance
    • Autoscaling
  • Elastic Cloud Enterprise (ECE):
    • Deploy and manage Elastic Stack via UI/API
    • Robust templating
    • Automated snapshots
    • CCS and CCR across envs and cloud
    • Users management, RBAC, SAML/SSO
    • Deployment autoscaling

Enterprise Support

  • 24/7/365 support
  • Phone and web-based support
  • 8 Support Contacts
  • Unlimited incidents
  • Target initial response time:
    • Critical: 1 hour
    • L2: 4 hours
    • L3: 1 business day

*Existing customers only

For a full list of features and authoritative tier definitions, please visit the self-managed subscriptions page.

Why upgrade to Enterprise?

Drive business value by reducing TCO, minimizing security risk, and accelerating innovation at scale

Move beyond the limitations of free deployments. Enterprise self-managed is engineered to optimize your infrastructure spend, secure your most sensitive data, and give your team the AI and machine learning tools they need to build the next generation of search, security, and observability applications.

  • Lower total cost of ownership

    Optimize spend and efficiency across any deployment. Minimize hidden operational overhead and reduce infrastructure bills by up to 80% using searchable snapshots to store years of data on low-cost object storage (S3).

  • Mitigate business and regulatory risk

    Protect your brand and avoid compliance penalties with pre-certified security controls. Unlock Audit Logging, Field-Level Security, and FIPS 140-3 compliance to satisfy GDPR, HIPAA, and FedRAMP requirements.

  • Ensure business continuity

    Minimize operational risk and resolve critical incidents faster. Get 24/7 access to Elastic support engineers with guaranteed 1-hour response SLAs and proactive guidance to keep your mission-critical apps online.

  • Scale without technical limits

    Move from "proof of concept" to production with an architecture engineered for unrestricted growth. Leverage cross-cluster search (CCS) to query unlimited data across regions without duplication or performance degradation.

  • Accelerate innovation

    Drive smarter decisions and faster time-to-market. Gain exclusive access to native AI capabilities like ELSER, Attack Discovery, and Universal Profiling. Use AI-assisted Streams to automatically surface significant events, and automate incident response with Elastic Workflows — capabilities that are not available in the free tier.

Frequently asked questions

How do paid features reduce my costs?

Self-managing a free cluster often incurs hidden costs in hardware and maintenance. Enterprise features like searchable snapshots can actually lower your total infrastructure bill by allowing you to store years of data on low-cost object storage (S3) instead of expensive hardware. Additionally, you gain access to 24/7 expert support and advanced security compliance. Not sure if paid is worth it? Contact us to examine your setup.

What happens if my self-managed cluster goes down?

On the Free tier, you rely on community forums for help. With a paid subscription, you get guaranteed access to Elastic’s support engineers with SLAs as fast as 1 hour (Platinum) or 15 minutes (Enterprise) for critical issues.

Can I use a hybrid of self-managed and cloud?

Yes. Cloud Connect allows self-managed clusters to access specific Elastic Cloud services without migrating your deployment. AutoOps, which provides automated performance monitoring and cluster health management, is available via Cloud Connect on all license tiers including Free. Access to the Elastic Inference Service (EIS), which lets you run hosted ML models for semantic search and RAG applications, requires an Enterprise licence. Cloud Connect is the practical middle ground if you want to retain control over your own infrastructure while offloading specific operational or AI workloads to Elastic Cloud.

If I start with self-managed, can I migrate to Elastic Cloud later?

Yes. You can migrate to Elastic Cloud at any time. You can choose Elastic Cloud Hosted for granular control or Elastic Cloud Serverless for a fully automated, "zero-ops" experience that eliminates version upgrades and capacity planning entirely. Transitioning to these managed services often reduces server management costs by over 90% by optimizing resource usage.

Additional resources

Want to learn more about our features, support, and more?

See exactly what we have to offer with the Elastic Stack and our solutions.