Rock solid enterprise security on all levels
Search Guard gives you full security control over your entire Elasticsearch environment. Whether you just want to encrypt data in transit, authenticate users against Active Directory, use Kerberos or JSON web tokens for Single Sign On or need to monitor and log malicious access attempts, Search Guard is your one-stop-shop solution.
180+ Customers
30+ Countries
5M+ Downloads
Search Guard puts “Security First”. Your data is too valuable and sensitive to take any shortcut.
Completely Open Source
Worried about backdoors or hidden functionalities? Want to check that Search Guard does not “call home”? Need to do an internal audit before using it in production? We think that security software has to be Open Source by definition, so all of our code is available for you to download, inspect, evaluate and audit.
Compliance Features
Security compliance regulations like GDPR, HIPAA, PCI-DSS or SOX require a business to protect, track and control access to sensitive data. Search Guard offers an extensive range of features that will help you to meet the technical requirements of compliance regulations.
Fortune 500 companies
A wide variety of enterprises, from Fortune 500 companies to the most innovative start-ups around the world, are trusting in Search Guard to secure their environments, and for good reason. Search Guard runs on high-scale mission-critical production clusters protecting sensitive data in the finance, healthcare, pharmaceutical, aviation, telecommunications, security, and data intelligence sectors.
What do you get with Search Guard?
Search Guard is your one-stop-shop solution when it comes to security and compliance. Versatile, flexible and battle-proven.
Search Guard is licensed per production cluster, not per node. The license has no node-limit, so you don’t need to worry about ever increasing prices. Scale your cluster, not your cost! All other systems, like development, staging, integration, test and the like, are also included at no additional cost.
We support TLS encryption for all data in transit, on both the REST and the transport layer. Make sure your traffic cannot be stolen or tampered with, and that only trusted nodes can join your cluster. Take the first step towards compliance!
Search Guard supports encryption at rest on a file system level by using libraries like dm-crypt.
Leverage your existing Active Directory or LDAP servers for Elasticsearch authentication and authorization. Our flexible configuration makes it possible to map nearly any Directory structure to Search Guard roles. We support role subtrees, attribute-based roles and also nested roles.
Especially in Windows environments, Kerberos is the authentication method of choice. Search Guard supports Kerberos and SPNEGO natively, so it integrates perfectly with any Windows-based Single Sign On infrastructure.
Search Guard provides fine-grained role-based access to any index in your cluster. Control exactly what a user is able to do with your valuable data by using either pre-defined permission sets like READ, WRITE, DELETE, or by granting access based on individual Elasticsearch actions.
Document-level security restricts a user’s access to certain documents within an index. Field-level security enables you to include or exclude fields from the documents in the search result. This gives you full control over which roles can see what data, all the way down to individual fields.
Audit logging enables you to track access to your Elasticsearch cluster, log security related events and provide evidence in case of an attack. Audit logging helps you to stay compliant with security regulations like GDPR, HIPAA, ISO, PCI or SOX.
Sometimes logging audit events is not enough, and you need to keep track of what is going on in your cluster at a deeper level, for example to maintain compliance with GDPR. Search Guard can monitor and store any read or write access at document and field level. You know exactly which user has seen or modified which documents and fields, and when. This is compliance implemented in the right way.
Any change to your Elasticsearch and Search Guard infrastructure can be monitored and recorded. Need to prove that your security configuration has not been altered? Want to know what access permissions a particular role had seven months ago? Or need to make sure that critical security patches have been installed on time? Our compliance features enable you to do all of these things.
Before returning results to the client, Search Guard can anonymise fields on a per-role basis. No need to anonymise at ingest time anymore!
Tired of Kibana users being able to see all your dashboards and visualizations? Meet Search Guard multitenancy, which allows you to set up different spaces in Kibana which are only accessible for certain roles. Want to separate dashboards by department or role? With Search Guard multitenancy you can!
We support Kibana Single Sign-On and offer a variety of technologies to choose from, including SAML, OpenID, Kerberos, JWT or Proxy authentication.
Search Guard supports SAML and integrates perfectly with identity providers like Okta, Auth0, Keycloak, OneLogin or any other SAML compliant provider.
JSON Web Tokens (JWT) are an open, industry standard method for implementing lightweight Single Sign On solutions. We support JWT out of the box, so Search Guard integrates perfectly with any Identity Provider that supports JWT or OpenID.
The REST management API is a great tool to automate the management of users, roles and permissions in your running cluster. Integrate Search Guard with tools like Ansible, Chef or Puppet, or configure any aspect of Search Guard with a simple curl command.
Search Guard can be configured by using our powerful command line tools from any machine that has access to your cluster. But sometimes you want a more visual way of configuration, or give your users and customers self-access. Meet our Kibana-based configuration GUI which makes it super-easy to manage all aspects of Search Guard.
Search Guard is compatible with the Elastic stack, including Kibana, Logstash, Beats and X-Pack.
Search Guard is compatible with Cross Cluster Search and tribe nodes. You can use all Search Guard features without limitations.
Search Guard runs perfectly on virtualised or containerised environments like Docker or AWS.
Our licensing model
Search Guard offers several licensing models to fit your infrastructure and requirements.

Search Guard Community Edition
Your basic needs are covered, completely free of charge.

Search Guard Enterprise Edition
Unlimited nodes. Scale your cluster, not your cost.
If you need a custom solution because your infrastructure doesn’t fit in with any of the editions, get in touch with us.
If you need an academic license, please fill in the form here.
Search Guard in use
Search Guard is in use worldwide, by companies of all sizes and in a broad range of industry sectors.

Main industry sectors
Finance
Healthcare
Science
Governmental
Big Data
Aerospace
E-Commerce
Legal
Telecommunications
Education