Elastic Features

Many folks have asked if they could switch from the open source version of the Elastic Stack to the Features version licensed under the Elastic license (formerly known as X-Pack). Starting with our Elastic 6.8.2 release, we have a script called so-elastic-features that will walk you through this. If you want to do this manually, you can do the following:

  • First, please review the Elastic Features license:

https://github.com/elastic/elasticsearch/blob/6.7/licenses/ELASTIC-LICENSE.txt

  • Next, you should make sure that all updates have been installed:

    sudo soup
    
  • If soup prompts to reboot, please do so.

  • Verify that everything is working properly before continuing.

  • Edit /etc/nsm/elasticdownload.conf using your favorite text editor and change DOCKERHUB from securityonionsolutions to securityonionsolutionselas:

    DOCKERHUB="securityonionsolutionselas"
    
  • Run soup again to download the new Docker images for Elastic Features:

    sudo soup
    
  • Once soup has downloaded the new Docker images, it should restart your Docker containers.

  • Kibana should now have some new features on the left side.
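
The manual DOCKERHUB edit above can be done with a backup and a sanity check, as in this added example. It is not part of Security Onion and is not the so-elastic-features script. The function name switch_dockerhub and the .bak backup suffix are assumptions; the file path and both DOCKERHUB values are the ones given in the steps above.

```bash
#!/usr/bin/env bash
# Added example: switch DOCKERHUB in an elasticdownload.conf-style file.
# switch_dockerhub and the .bak suffix are hypothetical names chosen here.

OLD_HUB="securityonionsolutions"
NEW_HUB="securityonionsolutionselas"

# switch_dockerhub FILE
# Returns 0 if FILE now points at NEW_HUB (changed or already set),
# 1 if the file is missing or cannot be backed up,
# 2 if DOCKERHUB is absent or holds a value other than OLD_HUB.
switch_dockerhub() {
    local conf="$1" current
    [ -f "$conf" ] || { echo "missing: $conf" >&2; return 1; }

    # Read the current value, tolerating optional double quotes.
    current=$(sed -n 's/^DOCKERHUB="\{0,1\}\([^"[:space:]]*\)"\{0,1\}[[:space:]]*$/\1/p' "$conf" | tail -n 1)

    case "$current" in
        "$NEW_HUB") echo "already set to $NEW_HUB"; return 0 ;;
        "$OLD_HUB") ;;
        *) echo "unexpected DOCKERHUB value: '$current'" >&2; return 2 ;;
    esac

    # Keep a copy of the original, then rewrite the live file from that copy
    # so its owner and permissions stay as they were.
    cp -p "$conf" "$conf.bak" || return 1
    sed "s/^DOCKERHUB=.*/DOCKERHUB=\"$NEW_HUB\"/" "$conf.bak" > "$conf" || return 1

    # Confirm the exact line shown in the instructions is now present.
    grep -qx "DOCKERHUB=\"$NEW_HUB\"" "$conf"
}

# Demo on a constructed sample file, not the live configuration.
demo_conf=$(mktemp)
printf '%s\n' '# constructed sample' "DOCKERHUB=\"$OLD_HUB\"" > "$demo_conf"
switch_dockerhub "$demo_conf" && grep '^DOCKERHUB=' "$demo_conf"
rm -f "$demo_conf" "$demo_conf.bak"

# Real use (as root): switch_dockerhub /etc/nsm/elasticdownload.conf
# then run "sudo soup" as described above.
```

If the function returns 2, the file does not contain the expected default value and should be inspected by hand before running soup.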

Q&A

  • Is Elastic Features open source?

No, it is not open source. It is licensed under the Elastic license: https://github.com/elastic/elasticsearch/blob/6.7/licenses/ELASTIC-LICENSE.txt

  • What does this mean for Security Onion licensing?

Security Onion continues to be free and open source and will continue to default to the open source version of the Elastic Stack. If you choose to switch to Elastic Features (not open source), you may do so using the instructions above.

  • If I switch to Elastic Features, is this a trial license?

If you switch to Elastic Features, you can remain on the BASIC license for free forever or you can choose to upgrade to a paid subscription. For more information about Elastic Features subscription levels, please see: https://www.elastic.co/subscriptions