Sold by: Elastic
Deployed on AWS
Single unified agent to collect and send data to Elastic.
4.4
Overview
Elastic helps you collect all forms of data for observability and security with a single unified agent and helps you transform it into actionable insights.
Highlights
- Single agent to install and scale for ingestion of data into Elasticsearch in order to obtain insights within seconds of installation.
- Enabled by Fleet, a scalable central management console that facilitates the life cycle management of agents as lightweight data collectors. Fleet provides a web-based UI to add and manage agents and integrations providing a secure and easy setup that is centrally managed at scale. Deploy agent upgrades and policies across hundreds of thousands of agents at runtime and get real-time updates on all your agents by tracking the agent status, configuration, overhead, processes, versions, and more.
- A single unified agent that empowers Security, Observability and Search use cases. Save time with streamlined data collection across all layers and data types. Deploy endpoint security seamlessly across your infrastructure. Simplify architecture for scale, automation, and build efficiency. Embed endpoint security within your release processes without slowing down application development.
Details
Sold by
Categories
Delivery method
Supported services
Delivery option
Elastic Agent EKS Addon
Latest version
Operating system
Linux
Deployed on AWS
New
Introducing multi-product solutions
You can now purchase comprehensive solutions tailored to use cases and industries.
Features and programs
Financing for AWS Marketplace purchases
AWS Marketplace now accepts line of credit payments through the PNC Vendor Finance program. This program is available to select AWS customers in the US, excluding NV, NC, ND, TN, & VT.
Pricing
This product is available free of charge. Free subscriptions have no end date and may be canceled any time.
Additional AWS infrastructure costs may apply. Use the AWS Pricing Calculator to estimate your infrastructure costs.
Vendor refund policy
Elastic Agent is Free of charge and therefore a refund is not applicable.
Legal
Vendor terms and conditions
Upon subscribing to this product, you must acknowledge and agree to the terms and conditions outlined in the vendor's End User License Agreement (EULA) .
Content disclaimer
Vendors are responsible for their product descriptions and other product content. AWS does not warrant that vendors' product descriptions or other product content are accurate, complete, reliable, current, or error-free.
Delivery details
Elastic Agent EKS Addon
Supported services: Learn more
- Amazon EKS
EKS add-on
An add-on is software that provides supporting operational capabilities to Kubernetes applications but isn't specific to the application. This includes software like observability agents or Kubernetes drivers that allow the cluster to interact with underlying AWS resources for networking, compute, and storage. Add-on software is typically built and maintained by the Kubernetes community, cloud providers like AWS, or third-party vendors. Amazon EKS add-ons provide installation and management of a curated set of add-ons for Amazon EKS clusters. All Amazon EKS add-ons include the latest security patches and bug fixes, and are validated by AWS to work with Amazon EKS. Amazon EKS add-ons allow you to consistently ensure that your Amazon EKS clusters are secure and stable and reduce the amount of work that you need to do to install, configure, and update add-ons.
Additional details
Resources
Vendor resources
Support
Vendor support
Detailed information on Elastic support is available at elastic.co/support/welcome. Our support engineers are here to help and can be reached via email at support@elastic.co .
AWS infrastructure support
AWS Support is a one-on-one, fast-response support channel that is staffed 24x7x365 with experienced and technical support engineers. The service helps customers of all sizes and technical abilities to successfully utilize the products and features provided by Amazon Web Services.
Similar products
Milvus, the world most popular open-source vector database (42k+ GitHub stars), now offers an official fully managed service: Zilliz Cloud, built by the original Milvus team. Purpose-built for GenAI embedding workloads and trusted by 10,000+ organizations, Zilliz delivers hybrid search and sub-10 ms latency at billion-vector scale. Enjoy a monthly Free Tier (5GB storage, 2.5M vCUs) or try Serverless/Dedicated free for 30 days, cancel anytime.
This is a repackaged open source software product wherein additional charges apply for support provided by Fifty Clouds. The Amazon ECS-Optimized Amazon Linux 2023 (AL2023) x86_64 AMI is a specialized Amazon Machine Image (AMI) designed to provide optimal performance, security, and compatibility for containerized applications running on Amazon Elastic Container Service (ECS). Built on top of Amazon Linux 2023 (AL2023), this AMI includes ECS agent pre-installed and configured for seamless integration with ECS, ensuring efficient orchestration and management of Docker containers.
Structured agent access to Elasticsearch: Query indices using natural language via a standardized protocol -- no custom APIs needed
This is a repackaged open source software product wherein additional charges apply for support provided by Fifty Clouds. The Amazon ECS-Optimized Amazon Linux 2 AMI is a customized, high-performance image designed specifically to run containerized applications in Amazon Web Services (AWS) environments. Optimized for use with Amazon Elastic Container Service (ECS), this AMI is built on the robust and secure foundation of Amazon Linux 2 and includes Docker pre-installed, alongside essential ECS agent software and related dependencies.
Customer reviews
Delonte J.
Streamlined Security Investigations with Elastic
Reviewed on Feb 12, 2026
Review provided by G2
What do you like best about the product?
I appreciate the ability to visualize data and turn it into actionable intelligence with Elastic Security. We use it to create dashboards that monitor our security posture, attack surface, and threat landscape. The integration with our incident management system is seamless, and the setup was simple and straightforward. Elastic Security has allowed our team to conduct investigations more efficiently.
What do you dislike about the product?
I find building sequencing rules where multiple events must occur in order over a given time challenging.
What problems is the product solving and how is that benefiting you?
I use Elastic Security to efficiently investigate and detect security incidents. It allows us to visualize data, creating dashboards to monitor our security posture and turn insights into actionable intelligence.
Information Technology and Services
Easy Alert Management and Powerful Cases for Security Investigations
Reviewed on Feb 12, 2026
Review provided by G2
What do you like best about the product?
You can manage the alerts in an easy way. From alerts panel you can have all the information needed for a security investigation. Also, with the cases feature, you can create your own database of alerts
What do you dislike about the product?
Sometimes, charging is slow, and it's difficult to copy fileds and values from timelines
What problems is the product solving and how is that benefiting you?
It's helping us as a SIEM
Information Technology and Services
Powerful Detection and Deep Visibility with Practical Usability in Elastic Security
Reviewed on Feb 12, 2026
Review provided by G2
What do you like best about the product?
Elastic Security stands out for its powerful detection capabilities and deep visibility across endpoints and logs, while still being relatively easy to use once the workflows are understood. Implementation is smooth in environments already using the Elastic stack, and integrations with existing tools are flexible and well-documented. The platform offers a rich set of features for threat detection, hunting, and response that scales well for SOC operations. Customer support and community resources are strong, making troubleshooting manageable. Overall, it’s a feature-dense, frequently used platform that balances advanced capability with practical usability.
What do you dislike about the product?
The learning curve can be steep at the beginning, especially when tuning detections and managing advanced features without prior Elastic experience.
What problems is the product solving and how is that benefiting you?
Elastic Security helps centralize detection by allowing us to create custom rules that identify threats across multiple data sources in one platform. Its ability to ingest logs from tools like CrowdStrike and other security products gives us unified visibility for faster investigations. This reduces tool sprawl and improves our SOC’s efficiency in detecting and responding to incidents.
Banking
Pre-Built Elastic Security Use Cases That Make Migration Easier
Reviewed on Feb 11, 2026
Review provided by G2
What do you like best about the product?
Most helpful, which was one of the reason for choosing Elastic Security is pre-build security use-cases ready to use.
What do you dislike about the product?
Upside is, when you migrate from different tool, to learn specifics, eg. IP address stored in multiple fileds for ability to search either by text or regex.
What problems is the product solving and how is that benefiting you?
Primarily we use it as SIEM tool and also as EDR tool.
hector g.
Prebuilt Rules and Easy Integrations Make Elastic a Strong Choice
Reviewed on Feb 11, 2026
Review provided by G2
What do you like best about the product?
I think one of the best things about Elastic is the large set of prebuilt rules created by Elastic themselves.
I also like how the parsing and mapping are really easy to follow and implement, especially when you can find an integration that’s already created for the technology you need to monitor.
I also like how the parsing and mapping are really easy to follow and implement, especially when you can find an integration that’s already created for the technology you need to monitor.
What do you dislike about the product?
What I was missing most was a proper SOAR. I haven’t tried the workflows yet, but I have high expectations for them.
In the past, we tested the AI assistant in the first version and were a bit disappointed. Nowadays, I think it has improved quite a lot.
Another thing I’ve noticed lately is that when using and correlating different log sources, especially through the integrations by Elastic, I sometimes find fields that should match but don’t. For example, Source.ip vs client.ip, or user.name vs source.user.name. This inconsistency has made it quite difficult to correlate threat intelligence with the dashboards.
In the past, we tested the AI assistant in the first version and were a bit disappointed. Nowadays, I think it has improved quite a lot.
Another thing I’ve noticed lately is that when using and correlating different log sources, especially through the integrations by Elastic, I sometimes find fields that should match but don’t. For example, Source.ip vs client.ip, or user.name vs source.user.name. This inconsistency has made it quite difficult to correlate threat intelligence with the dashboards.
What problems is the product solving and how is that benefiting you?
One of the biggest problems we faced when implementing our MSSP was separating data among customers. Elastic handles this quite well, and that’s a big reason we chose it.