Rock solid enterprise security on all levels

Search Guard gives you full security control over your entire Elasticsearch environment. Whether you just want to encrypt data in transit, authenticate users against Active Directory, use Kerberos or JSON web tokens for Single Sign On or need to monitor and log malicious access attempts, Search Guard is your one-stop-shop solution.







View plans & pricing Read the official documentation

Search Guard puts “Security First”. Your data is too valuable and sensitive to take any shortcut.

Open Source


Worried about backdoors or hidden functionalities? Want to check that  Search Guard does not “call home”? Need to do an internal audit before using it in production? We think that security software has to be Open Source by definition, so all of our code is available for you to download, inspect, evaluate and audit.



Security compliance regulations like GDPR, HIPAA, PCI-DSS or SOX require a business to protect, track and control access to sensitive data. Search Guard offers an extensive range of features that will help you to meet the technical requirements of compliance regulations.

500 companies


A wide variety of enterprises, from Fortune 500 companies to the most innovative start-ups around the world, are trusting in Search Guard to secure their environments, and for good reason. Search Guard runs on high-scale mission-critical production clusters protecting sensitive data in the finance, healthcare, pharmaceutical, aviation, telecommunications, security, and data intelligence sectors.

What do you get with Search Guard?

Search Guard is your one-stop-shop solution when it comes to security and compliance. Versatile, flexible and battle-proven.

Search Guard is licensed per production cluster, not per node. The license has no node-limit, so you don’t need to worry about ever increasing prices. Scale your cluster, not your cost! All other systems, like development, staging, integration, test and the like, are also included at no additional cost.

Read more

We support TLS encryption for all data in transit, on REST and also on Transport layer. Make sure your traffic cannot be stolen or tampered with, and that only trusted nodes can join your cluster. Take the first step towards compliance!

Read more

Search Guard supports encryption at rest on a file system level by using libraries like dm-crypt.

Leverage your existing Active Directory or LDAP servers for Elasticsearch authentication and authorization. Our flexible configuration makes it possible to map nearly any Directory structure to Search Guard roles. We support role subtrees, attribute-based roles and also nested roles.

Read more

Especially in Windows environments, Kerberos is the authentication method of choice. Search Guard supports Kerberos and SPNEGO natively, so it integrates perfectly with any Windows-based Single Sign On infrastructure.

Read more

Search Guard provides fine-grained role-based access to any index in your cluster. Control exactly what a user is able to do with your valuable data by using either pre-defined permission sets like READ, WRITE, DELETE, or by granting access based on individual Elasticsearch actions.

Read more

Document-level security restricts a user’s access to certain documents within an index. Field-level security enables you to include or exclude fields from the documents in the search result. This gives you full control over which roles can see what data, all the way down to individual fields.

Read more

Audit logging enables you to track access to your Elasticsearch cluster, log security related events and provide evidence in case of an attack. Audit logging helps you to stay compliant with security regulations like GDPR, HIPAA, ISO, PCI or SOX.

Read more

Document-level security restricts a user’s access to certain documents within an index. Field-level security enables you to include or exclude fields from the documents in the search result. This gives you full control over which roles can see what data, all the way down to individual fields.

Read more

Sometimes logging audit events is not enough, and you need to keep track of what is going on in your cluster at a deeper level. For example, to maintain compliance with GDPR. Search Guard can monitor and store any read or write access at document and field level. You know exactly which user has seen or modified which documents and fields, and when. This is compliance implemented in the right way.

Read more

Any change to your Elasticsearch and Search Guard infrastructure can be monitored and recorded. Need to prove that your security configuration has not been altered? Want to know what access permissions a particular role had seven months ago? Or need to make sure that critical security patches have been installed on time? Our compliance features enable you to do all of these things.

Read more

Before returning results to the client Search Guard can anonymise fields on a per-role basis. No need to anonymise at ingest time anymore!

Read more

Tired of Kibana users being able to see all your dashboards and visualizations? Meet Search Guard multitenancy, which allows you to set up different spaces in Kibana which are only accessible for certain roles. Want to separate dashboards by department or role? With Search Guard multitenancy you can!

Read more

We support Kibana Single Sign-On and offer a variety of technologies to choose from, including SAML, OpenID, Kerberos, JWT or Proxy authentication.

Search Guard supports SAML and integrates perfectly with identity providers like Okta, Auth0, Keycloak, OneLogin or any other SAML compliant provider.

Read more

JSON Web Tokens (JWT) are an open, industry standard method for implementing lightweight Single Sign On solutions. We support JWT out of the box, so Search Guard integrates perfectly with any Identity Provider that supports JWT or OpenID.

Read more

The REST management API is a great tool to automate the management of users, roles and permissions in your running cluster. Integrate Search Guard with tools like Ansible, Chef or Puppet, or configure any aspect of Search Guard with a simple curl command.

Read more

Search Guard can be configured by using our powerful command line tools from any machine that has access to your cluster. But sometimes you want a more visual way of configuration, or give your users and customers self-access. Meet our Kibana-based configuration GUI which makes it super-easy to manage all aspects of Search Guard.

Read more

Search Guard is compatible with the Elastic stack, including Kibana, Logstash, Beats and X-Pack.

Search Guard is compatible with Cross Cluster Search and tribe nodes. You can use all Search Guard features without limitations.

Read more

Search Guard runs perfectly on virtualised or containerised environments like Docker or AWS.

Our licensing model

Search Guard offers several licensing models to fit your infrastructure and requirements.

Search Guard

Community Edition

Your basic needs are covered,
completely free of charge.

Install now!

Search Guard

Enterprise Edition

Unlimited nodes.
Scale your cluster, not your cost.

Get a quote now!

Search Guard

Compliance Edition

Stay compliant with
Data Protection Regulations.

Get a quote now!

If you need a custom solution because your infrastructure
doesn’t fit in with any of the editions, get in touch with us.
If you need an academic license, please fill in the form here.

Find a distribution partner near you Interested in an OEM contract?

Search Guard in use

Search Guard is in use worldwide, by companies of all sizes and in a broad range of industry sectors.

Main industry sectors





Big Data






What people say

  • “Search Guard met all of our needs and more. Not only have we found open source tools that meet our needs, but we’ve found a partner that’s worked with us through the development of the new platform. They’ve been responsive and engaged every step of the way.”

    Steve Croce, Senior Product Manager and Head of User Experience ObjectRocket
  • “Security is paramount to the protection of our customer’s data. ICHEC chose Search Guard to protect its ELK-Stack environment because of its Single Sign-On authentication integration, access control measures and audit features. The licensing model is also flexible as we continue to grow our services.”

    Tim Murphy, System Administrator Irish Centre for High-End Computing (ICHEC)
  • "Search Guard makes it possible for us to use the ELK-Stack in a productive environment. We chose Search Guard primarily because of the Active Directory and role-permission features. We find their licensing model incredibly helpful, as well as the fact that we are able to use an unlimited amount of nodes."

    Arno Haß, Project Manager Max-Delbrück-Centre for molecular medicine
  • “Security is the prerequisite for every project in the IT industry, especially when it comes to data. HEAnet chooses Search Guard to protect its ELK cluster because it provides node-to-node encryption (TLS) and more features such as multi-tenancy, compliance, unlike its competitors who only provide security on the REST layer.”

    Yasvanth Babu, Middleware System Administrator HEAnet CLG
  •  “We've chose SearchGuard because it matches our values of technical rigour, openness, and auditability. It's enabled us to ensure that data in transit is secure against eavesdropping in off-prem environments, to implement verifiable and granular access to our Elastic clusters, and most importantly to give our analysts access to restricted data sets with confidence that PII remains protected and confidential.”

    Tom Deflect (DDoS protection CDN) & Deflect Labs (DDoS research)
  • "The Steinbuch Centre for Computing at KIT is using Search Guard to secure Elasticsearch instances operated in the World Wide LHC Computing Grid Tier-1 center "GridKa" and in the Large Scale Data Facility. Without fine-grained access control we would be unable to expose Elasticsearch to individual users or use single instances for both private and public data. The multitenancy features for Kibana offered by Search Guard are specially useful, enabling us to also use Kibana for public dashboards."

    Andreas Petzold, Manager Tier-1 Center Karlsruhe Institute of Technology (KIT) Steinbuch Centre for Computing (SCC)
  • "The protection of personal information is very important at the British School of Bucharest. After extensive research we have come to the conclusion that Search Guard, is the best option in order to protect our ELK stack. Being an open source software, with very good documentation and features to help with compliance, including GDPR, we believe Search Guard is a must for any business that wants to stay on top of their IT systems security."

    Alexandru Voinea, IT Manager British School of Bucharest

Sign up for our newsletter

Sign up for the Search Guard newsletter. We will only send out useful updates, and never spam you. And that's a promise!