Is your Elasticsearch use affected

Elasticsearch sits at the center of search, logging, and observability in a vast number of enterprises, which is exactly why its license change mattered so widely. The component is often buried under a logging stack or an internal search feature that a team set up years ago and rarely revisits. That is the problem in miniature. The software kept running while the terms underneath it moved, and most organizations never went back to check. Working out whether you are affected is mostly a matter of looking carefully at what you actually run.

What changed in 2021

As of 2021, Elastic moved Elasticsearch and Kibana from the Apache 2.0 license to a dual model under the Server Side Public License and the Elastic License, beginning with version 7.11. Apache 2.0 is a permissive open source license that places almost no conditions on use. The Server Side Public License is a source available license that is not approved by the Open Source Initiative, and its central condition targets parties that offer the software as a service to others. In response, AWS led a fork, OpenSearch, which keeps Elasticsearch and Kibana functionality under Apache 2.0. Elastic later added an open license option as well, which means a recent release may be available under more than one set of terms. Source available is not the same as open source, and that distinction is the heart of the matter.

The version test: which releases are affected

The first thing to check is your version. Anything you run from 7.11 onward is offered under the Server Side Public License and the Elastic License rather than Apache 2.0. Anything before that point remains under Apache 2.0. This sounds simple, and for a single deployment it is, but most organizations run many Elasticsearch instances of different ages, installed by different teams, sometimes pulled in transitively by another tool that bundles it. A logging appliance, a monitoring stack, and an internal search service can each carry a different version. The version test only helps once you know every place Elasticsearch runs, which is why the inventory comes before the analysis.

The deployment test: how you use it

The second thing to check is how you deploy. For ordinary internal use, indexing your own logs, powering search inside your own application, running observability for your own systems, the Server Side Public License generally permits the use. The provision that draws scrutiny applies to offering Elasticsearch as a managed or hosted service to third parties. If you provide a product where customers consume Elasticsearch functionality as a service, you are closer to the use the license is designed to restrict, and that case warrants careful review. The pattern mirrors the rest of the relicensing wave: the restriction is aimed at competitive service offerings, and most internal deployments fall on the permitted side. The boundary, however, is a legal question, so any deployment that resembles a service offering belongs with your counsel.

Where the hidden exposure usually sits

The exposure that surprises people is rarely the obvious cluster the platform team manages. It is the Elasticsearch that arrived inside something else. A third party appliance that bundles it, a software product you acquired that embeds it, a customer facing feature that quietly exposes search functionality outward. These are the deployments that escape the inventory and surface later, often during an acquisition or a vendor review. The way to find them is a complete dependency map that sees transitive and bundled components, not just the instances someone deliberately stood up. Without that map you are answering the affected question for the deployments you remember rather than the ones you run.

What to do once you know

When the mapping is done, the response is straightforward to scope. For internal deployments that are clearly permitted, document the position so it holds up if questioned later. For any deployment near the service line, take it to your counsel and size the exposure. Where you want to return to a permissive open source license, OpenSearch is the established path, and its migration cost depends on which Elastic specific features you depend on. The decision is the same shape as elsewhere in this space: stay, adopt the open license option, license commercially, or migrate, each weighed on obligation, cost, and effort. For the wider context, read our pillar on Redis and Elastic database licensing, and for related reading see Redis and the AGPL reversal, assessing database license exposure in production, and vector database licensing risk to watch.