OpenSource Risk Experts
Map your blast radius

CASE STUDY

A logistics company migrates Elasticsearch to OpenSearch.

An anonymised composite. After Elasticsearch and Kibana moved to the Server Side Public License, a logistics company chose to migrate Elasticsearch to OpenSearch rather than accept open ended commercial terms. This is how it mapped the exposure, sized the cost, and moved without disrupting shipment tracking.

Situation

The organization is a mid market logistics and freight forwarding company operating across several regions. Elasticsearch and Kibana sat at the center of its operations: shipment tracking search, warehouse event logging, and the dashboards that operations teams watched in real time. The platform had been adopted years earlier under the Apache 2.0 license and treated as ordinary open source infrastructure, with new indices and services added on top as the business grew.

The exposure or trigger

Elasticsearch and Kibana moved from Apache 2.0 to the Server Side Public License and the Elastic License in 2021. Source available is not open source, and the Server Side Public License is not approved by the Open Source Initiative. The logistics company had continued to upgrade through the change without recording it as a licensing event. The trigger came when a customer facing tracking portal was scoped, which raised the question of whether exposing search to external parties crossed a restricted use, and whether a commercial license would soon be unavoidable.

Leadership needed clear answers. Which deployments carried genuine exposure, what a commercial license might cost against the planned external use, and whether a migration could be done without putting shipment tracking at risk during peak season.

Approach

Work began with an open source license risk assessment that built the dependency tree and recorded the license state of every Elasticsearch and Kibana instance. A relicensing exposure review then mapped the blast radius and separated true exposure from harmless internal use.

  • Each deployment was classified by how it was used, because the license trigger depends on use, not mere presence.
  • The planned external tracking portal was modeled against the service condition that drives the sharpest exposure.
  • Every material finding received a cost of exposure and a cost to cure.
  • Migration to OpenSearch was weighed against a commercial license on cost, timeline, and operational risk.

The analysis showed that the internal logging and dashboard deployments carried no live trigger, but the planned external portal would have moved the company toward terms that favored the vendor. Migrating to OpenSearch, the community fork led by AWS, returned the affected workloads to an open license and removed the dependency on future Elastic commercial terms before the external use began. The recommended path was a sequenced migration paired with a governance layer to catch the next change. The background sits in the OpenSearch fork story.

Outcome

The company migrated its search, logging, and dashboard workloads to OpenSearch on a sequenced plan that protected operations. Non critical indices moved first to validate the approach, a period of dual running confirmed parity on query results and dashboard behavior, and the shipment tracking workloads moved last during low volume windows. Each step stayed reversible until parity was proven, so peak season was never exposed to an untested cutover.

The quantified result was a search and tracking estate back under an open license, a removed dependency on Elastic commercial terms for the migrated workloads, and an avoided commercial license whose projected cost had been the original concern. The external tracking portal launched on OpenSearch with no licensing question attached. The cost to cure, mostly engineering time across a planned quarter, came in below the multi year commercial license the company had feared.

Lessons for buyers

  • A planned new use, such as an external portal, can turn dormant exposure into a live trigger. Model the change before you build it.
  • A credible fork such as OpenSearch is both a migration path and negotiation leverage. Having it changes the economics.
  • Sequencing and dual running let you migrate a critical data layer without betting operations on a single cutover.
  • Sizing the cost to cure against the projected commercial license prevents an expensive default to paying.
  • A governance layer turns a one time migration into lasting protection against the next relicense.

For the wider pattern, read the Redis and Elastic database licensing pillar and database relicensing as a pattern. For a related remediation, see how a healthcare system remediated its Elastic SSPL exposure, or browse all case studies.

COMMON QUESTIONS

Questions buyers ask.

Why did the logistics company migrate Elasticsearch to OpenSearch?

Elasticsearch and Kibana moved to the Server Side Public License and the Elastic License in 2021. The logistics company wanted to return its search and tracking workloads to an open license and remove its dependency on future Elastic commercial terms, so it migrated to OpenSearch, the AWS led fork.

How was the OpenSearch migration carried out without disruption?

The migration was sequenced. Non critical indices moved first to validate the approach, dual running confirmed parity, and shipment tracking workloads moved last during low volume windows. Each step was reversible until parity was proven.

Is this a real named client?

No. This is an anonymised composite drawn from common patterns in logistics and supply chain operations. It does not describe a specific named organization.

Is this case study legal advice?

No. It describes commercial and licensing risk advisory work, not legal advice. For interpretation of license terms, organizations should engage their own counsel.

CONTAINMENT

Plan your OpenSearch move before a new use triggers it.

A confidential open source license risk assessment. Independent, buyer side, paid only by you.

Not ready to talk? Read the free open source license risk guides first.

Map your exposure