Skip to main content

Help us improve the Digital Marketplace - send your feedback

Elasticsearch

Elasticsearch Service (ESS)

It's the only hosted Elasticsearch and Kibana offering available powered by the creators of Elasticsearch. Run it on AWS, GCP or Azure & never wait for the latest versions or features. Plus get powerful free features and Elastic support you won't find anywhere else, such as Logstash and Beats.

Features

  • Built-in Security that supports Encryption and Authentication
  • Built-in Role-based Access Control and Field & Document-level Security
  • Built-in Machine Learning for Anomaly Detection on Time-Series Data
  • Built-in Graph Analytics & Reporting tools
  • Built-in Query and Machine Based Alerting, and Uptime Monitoring
  • Built-in Elastic Maps Service for Geographic Visualisation
  • Built-in Elastic-specific Monitoring Tools & APM
  • Built-in Data rollups, SQL interface
  • Built-in multi-tiered storage, including frozen and index lifecycle management
  • Elastic generative AI: Human-like content creation, real-time answers

Benefits

  • The company behind Elasticsearch, Beats, Kibana & Logstash
  • World class support from the engineering behind the Elastic Stack.
  • Centrally provision, manage, and monitor multiple clusters
  • The Elastic experience includes APM, App Search, Workplace Search
  • Advances configuration and deployment. Simple scaling, custom plugins, and architecture
  • Snapshot and restore so you know your data is secure.
  • Deploy search experiences, at scale, with speed and relevancy
  • Highly resilient, distributed data platform and search technology
  • Security analytics capability with SIEM and Endpoint

Pricing

£0.98 a unit

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@elastic.co. Tell them what format you need. It will help if you say what assistive technology you use.

Framework

G-Cloud 14

Service ID

1 9 3 8 3 0 1 0 5 6 1 9 4 9 0

Contact

Elasticsearch Mark Boschier
Telephone: 07824 848 293
Email: gcloud@elastic.co

Service scope

Service constraints
Not applicable
System requirements
Not applicable

User support

Email or online ticketing support
Email or online ticketing
Support response times
Response times vary depending on a customer's subscription level.

Urgent (Level 1) - Initial Response time:
Base subscription level - 4 business hours;
Enhanced subscription level - 1 hour 24x7;
Premium subscription level - 30 minutes 24x7;

High (Level 2) - Initial Response time:
Base subscription level - 1 business day;
Enhanced subscription level - 4 hours 24x7;
Premium subscription level - 4 hours 24x7;

Normal (Level 3) - Initial Response time:
Base subscription level - 1 business day;
Enhanced subscription level - 1 business day;
Premium subscription level - 1 business day;

https://www.elastic.co/support/welcome
User can manage status and priority of support tickets
Yes
Online ticketing support accessibility
None or don’t know
Phone support
Yes
Phone support availability
24 hours, 7 days a week
Web chat support
No
Onsite support
Yes, at extra cost
Support levels
Support Services for Elasticsearch Service include general assistance and support regarding the use of the Elasticsearch Service, provided by Elastic to customers that have purchased a subscription to use the Elasticsearch Service at either Gold, Platinum, or Enterprise Level ("Subscription Level").

Elastic offers three different "Support Levels" of Support Services based on a Customer's Subscription Level as described in the table below:

Gold Subscription Level = Base Support Level;
Platinum Subscription Level = Enhanced Support Level;
Enterprise Subscription Level = Premium Support Level
Support available to third parties
Yes

Onboarding and offboarding

Getting started
Elastic provides a range of resources to help customers get started on Elastic Cloud. These include: comprehensive documentation, webinars and videos, public trainings, private trainings, on-demand trainings, customer stories, partners, professional support, consulting, and access to Elasticsearch engineers.
Service documentation
Yes
Documentation formats
HTML
End-of-contract data extraction
Elastic Cloud customers can extract and download data in a number of formats, including CSV and PDF via the UI, or JSON via the Elasticsearch APIs. Customers may also use snapshot and restore methods to extract their data. This can be done at any time without Elastic involvement. Further information on our policies can be found in our Terms of Service.
End-of-contract process
At the end of each contract period, any remaining credits on the Customer's cloud account will be forfeited. Due to the nature of Elasticsearch Service, and to protect end users from untimely decommissioning, Elastic Cloud accounts are not automatically terminated at the end of the contract subscription period. Post-subscription, Cloud accounts will automatically convert to monthly billing and continue to incur costs at Elastic’s on-demand rates as set forth at https://cloud.elastic.co/deployment-pricing-table at the time of use, paid through PO (invoicing). To avoid being charged for active deployments after the contract end date, customers are solely responsible for deleting deployments and ensuring all data is retrieved from Elastic Cloud prior to termination of the Elastic Cloud account.

Using the service

Web browser interface
Yes
Using the web interface
Adding data to Elasticsearch;
Best practices for managing your data;
Preparing a deployment for production;
Securing your deployment;
Keeping your deployment healthy;
Snapshot and restore;
Managing your organisation;
Account and billing management;
Elasticsearch Service hardware;
Elasticsearch Service regions;
Web interface accessibility standard
None or don’t know
How the web interface is accessible
Kibana aims to meet WCAG 2.1 level AA compliance. However, we do try to take a broader view of accessibility, and go above and beyond the legal and regulatory standards to provide a good experience for all of our users.
Web interface accessibility testing
N/A
API
Yes
What users can and can't do using the API
A RESTful API is available with Elasticsearch Service, allowing customers to perform most of the operations available in the UI console through API calls. Customers can create an API key to quickly and easily authenticate, and then use the API to create and manage deployments, configure remote clusters, set up traffic filters, manage extensions, and much more. Access the API from its base URL at api.elastic-cloud.com.

Documentation can be found here: https://www.elastic.co/guide/en/cloud/current/ec-restful-api.html
API automation tools
  • Ansible
  • Chef
  • OpenStack
  • SaltStack
  • Terraform
  • Puppet
  • Other
API documentation
Yes
API documentation formats
HTML
Command line interface
Yes
Command line interface compatibility
  • Linux or Unix
  • MacOS
Using the command line interface
Customers can interact with the full RESTful API for Elasticsearch Service directly from the command line through the curl command.

More information can be found here: https://www.elastic.co/guide/en/cloud/current/ec-restful-api-command-line.html

Scaling

Scaling available
Yes
Scaling type
  • Automatic
  • Manual
Independence of resources
Docker and cgroups are used to guarantee a customer's share of the underlying resources. This ensures that customers are allocated the exact RAM, Storage, and CPU that they pay for - no more, no less.
Usage notifications
Yes
Usage reporting
  • Email
  • Other
Other usage reporting
Slack notification and notices on the deployment overview interface.

Analytics

Infrastructure or application metrics
Yes
Metrics types
  • CPU
  • Disk
  • Memory
  • Number of active instances
Reporting types
  • API access
  • Real-time dashboards

Resellers

Supplier type
Not a reseller

Staff security

Staff security clearance
Other security clearance
Government security clearance
Up to Developed Vetting (DV)

Asset protection

Knowledge of data storage and processing locations
Yes
Data storage and processing locations
  • United Kingdom
  • European Economic Area (EEA)
  • Other locations
User control over data storage and processing locations
Yes
Datacentre security standards
Complies with a recognised standard (for example CSA CCM version 3.0)
Penetration testing frequency
At least once a year
Penetration testing approach
‘IT Health Check’ performed by a Tigerscheme qualified provider or a CREST-approved service provider
Protecting data at rest
Other
Other data at rest protection approach
Data at rest for Elastic Cloud deployments is encrypted at rest using the aes-xts-plain64 algorithm (AES-256) and a minimum key length of 256 bits. Elastic's underlying cloud providers also utilise a number of mechanisms to protect data at rest.
Data sanitisation process
Yes
Data sanitisation type
Explicit overwriting of storage before reallocation
Equipment disposal approach
Complying with a recognised standard, for example CSA CCM v.30, CAS (Sanitisation) or ISO/IEC 27001

Backup and recovery

Backup and recovery
Yes
Backup controls
Snapshot lifecycle management (SLM) is the easiest way to regularly back up a cluster. An SLM policy automatically takes snapshots on a preset schedule. The policy can also delete snapshots based on retention rules defined by the customer.
Datacentre setup
Multiple datacentres with disaster recovery
Scheduling backups
Users schedule backups through a web interface
Backup recovery
Users can recover backups themselves, for example through a web interface

Data-in-transit protection

Data protection between buyer and supplier networks
TLS (version 1.2 or above)
Data protection within supplier network
TLS (version 1.2 or above)

Availability and resilience

Guaranteed availability
Gold, Platinum and Enterprise customers have a 99.95% uptime SLA. Please request Elastic's "Service Level Agreement" for more information.
Approach to resilience
An Elastic Cloud cluster running across 3 data centres would be a single Elasticsearch cluster, with a copy of the data residing in each availability zone, all replicating one another and being load balanced by the endpoint.
Outage reporting
Any operational outages are updated live on the Elastic Cloud status page.

Identity and authentication

User authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Username or password
Access restrictions in management interfaces and support channels
Native authentication, 2-factor authentication, Role-Based Access Controls, and field & document level security.
Access restriction testing frequency
At least once a year
Management access authentication
  • 2-factor authentication
  • Public key authentication (including by TLS client certificate)
  • Dedicated link (for example VPN)
  • Username or password
Devices users manage the service through
Directly from any device which may also be used for normal business (for example web browsing or viewing external email)

Audit information for users

Access to user activity audit information
Users contact the support team to get audit information
How long user audit data is stored for
Between 1 month and 6 months
Access to supplier activity audit information
Users contact the support team to get audit information
How long supplier audit data is stored for
Between 1 month and 6 months
How long system logs are stored for
Between 1 month and 6 months

Standards and certifications

ISO/IEC 27001 certification
Yes
Who accredited the ISO/IEC 27001
Coalfire Certification, Inc
ISO/IEC 27001 accreditation date
Available upon request
What the ISO/IEC 27001 doesn’t cover
Available upon request
ISO 28000:2007 certification
No
CSA STAR certification
Yes
CSA STAR accreditation date
Available upon request.
CSA STAR certification level
Level 2: CSA STAR Attestation
What the CSA STAR doesn’t cover
Available upon request.
PCI certification
Yes
Who accredited the PCI DSS certification
Coalfire Systems, Inc.
PCI DSS accreditation date
Available upon request
What the PCI DSS doesn’t cover
Available upon request.
Cyber essentials
No
Cyber essentials plus
No
Other security certifications
Yes
Any other security certifications
  • SOC2 Type II
  • HIPAA

Security governance

Named board-level person responsible for service security
Yes
Security governance certified
Yes
Security governance standards
ISO/IEC 27001
Information security policies and processes
Elastic has an extensive security programme, led by Elastic's CISO, and is supported by the company's Information Security Staff, VP of Legal, and Director of Product, Security Market. This also includes Elastic’s Data Protection Officer for its European operations. The Elastic security programme includes the ability to monitor changes to the regulatory requirements in relevant jurisdictions, adjusting the security programme for changes to legal requirements, and ensuring compliance with relevant regulatory requirements. Elastic's Information Security Governance Policy and Standards align with the ISO 27001 framework and includes the following: Information Security Governance Policy; Privacy policy; Access Control Standard; Asset Management Standard; Change Management Standard; Vulnerability Management Standard; Data Classification Standard; Security Analysis and Logging Standard; Incident Management Standard; Supplier Assessment Standard.

Operational security

Configuration and change management standard
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Configuration and change management approach
Elastic’s Change Management Standard is designed to control and manage the propagation of software and infrastructure changes to a production environment. Changes proposed are reviewed, authorised, tested, implemented, and released in a controlled manner, and the status of each proposed change is documented and monitored. The requirements related to Emergency Changes and Systems Development Life Cycle (SDLC) are also included. This is the overall process of developing, implementing, and retiring information systems through a multistep process from initiation, analysis, design, implementation, and maintenance to disposal.
Vulnerability management type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Vulnerability management approach
Vulnerability assessment and scanning tools are used within the Elastic Cloud environment. Elastic’s vulnerability management process follows CVE as the industry standard and, as a CVE CNA, Elastic regularly conducts third-party code reviews of our products, runs a bug bounty program, and accepts external reports from anyone regarding the security of our software. Elastic also follows a documented process to respond to vulnerability and other security-related events. A remediation plan is developed and changes are implemented to remediate all critical and high vulnerabilities at a minimum.
Protective monitoring type
Conforms to a recognised standard, for example CSA CCM v3.0 or SSAE-16 / ISAE 3402
Protective monitoring approach
Elastic's internal Security Incident Event Monitoring System provides centralised log correlation analysis merging different sources which provides alerting on abnormal behaviour affecting systems performance and security. Responses follow our internal security incident management process. More details about this control are available in our independently audited SOC2 Type 2 report that can be requested via an Elastic representative.
Incident management type
Conforms to a recognised standard, for example, CSA CCM v3.0 or ISO/IEC 27035:2011 or SSAE-16 / ISAE 3402
Incident management approach
Elastic has developed and distributed security incident policies and procedures which are communicated to authorised users. We respond to identified security incidents by executing a defined incident response plan to understand, contain, remediate, and communicate security incidents, as appropriate. Security incidents are logged, tracked, resolved, and communicated to affected parties by management according to Elastic's security incident response policy. More details about this control are available in our independently audited SOC2 Type 2 report that can be requested via an Elastic representative.

Secure development

Approach to secure software development best practice
Independent review of processes (for example CESG CPA Build Standard, ISO/IEC 27034, ISO/IEC 27001 or CSA CCM v3.0)

Separation between users

Virtualisation technology used to keep applications and users sharing the same infrastructure apart
No

Energy efficiency

Energy-efficient datacentres
Yes
Description of energy efficient datacentres
Elastic utilises Infrastructure as a Service providers (IaaS) and does not maintain its own datacentres. Elastic Cloud customers have the flexibility to choose between three underlying IaaS providers (AWS, Google Cloud, and Microsoft Azure) and the geographical region for their data on a per-deployment basis.

Each of these three providers has sustainability-related commitments
for each of their platforms, which enable users like us to
operate with increased carbon efficiency. For example, AWS’s
public statements disclose that it has a target to power its
datacentres using 100% renewable energy by 2025, which, in
turn, will reduce AWS's carbon footprint by 88% compared to
using consumed electricity. Microsoft Azure and Google Cloud
have very similar initiatives in place, which not only incorporate
renewable energy and greenhouse gas emissions reduction
targets but also include objectives related to water, waste, and
preventing deforestation.

Social Value

Social Value

Social Value

  • Fighting climate change
  • Equal opportunity

Fighting climate change

As a software company, we believe that our products can enable positive environmental change. The technological services Elastic offer are not only efficient, but can also contribute towards industry decarbonization. This year, Elastic calculated our carbon emissions for the first time, helping us better understand our current impact, as well as how we can set and achieve future emission targets. In 2023, Elastic formalised its commitment to the Science Based Target initiative (SBTi). The commitment sets Elastic on the path toward meaningful targets and reduction. Elastic’s business strategy provides relatively low-carbon advantages, helping to minimise our impacts.
Our distributed workforce can have significantly lower carbon impacts when compared against emissions from commuting and large office footprints. Our cloud-first approach leverages some of the most efficient data hosting available from the leading hyperscalers.

Equal opportunity

At Elastic, we are strengthened by the differences that define us. We celebrate the limitless dimensions inherent to our Elasticians and aspire to build a team with a wide breadth and depth of diversity, including representation, that reflects our customers and communities around the globe. Our commitment to fair pay is the foundation of our compensation philosophy and informs our pay decisions around the globe. This means paying people fairly for the job they perform without regard to gender or race/ethnicity. We believe in this so strongly that we partner with an external consultant to conduct fair pay analysis on a regular basis using established job groupings and control factors to ensure appropriate comparisons. We look at gender globally and race and ethnicity for employees in the U.S., and we account for factors to ensure appropriate comparisons. We are pleased to report that women globally earn $0.99 for every $1.00 earned by men for similar work. We are also happy to report the same is true for underrepresented groups (URG) in the U.S., where underrepresented group employees earned $0.98 for every $1.00 earned by non-underrepresented group (non-URG) employees for similar work. As further demonstration of our commitment to fair pay, in the United States we include salary ranges in all job postings across all states and Washington DC to ensure a level playing field for every applicant. Outside of the United States, we conduct
country-specific analysis in accordance with local practice. We have published our French Gender Pay Gap Index for the past four years with a strong score of 93 out of 100 in our most recent analysis.
Across Elastic, we take pride in our compensation practices. We are steadfast in our commitment to providing fair pay for all Elasticians.

Pricing

Price
£0.98 a unit
Discount for educational organisations
No
Free trial available
Yes
Description of free trial
Elastic offers a 14-day free trial with up to 360GB of storage so you can play and experience the value Elastic provides.

Due to data limitations, AI and machine learning features in the trial are limited.
Link to free trial
https://cloud.elastic.co/registration

Service documents

Request an accessible format
If you use assistive technology (such as a screen reader) and need versions of these documents in a more accessible format, email the supplier at gcloud@elastic.co. Tell them what format you need. It will help if you say what assistive technology you use.