One of our prototypes makes heavy use of Elasticsearch and Kibana to take advantage of their text-search and visual analytics engine. Then, after one month, turns out our free license expired. This is no problem, I thought, we don’t need the functionalities of a paid license. That wasn’t completely true, one small piece of very important functionality was missing without a paid license: security.
You see, as long as the prototype lived in a single machine with access by a single person, that was no problem, but as it started to grow we had to deploy it into a full server for it to be accessible by other developers and stakeholders, this involves a layer of security: closing ports, creating users, restricting access, etc. Elastic has security as part of its X-Pack plugin, for free, for the first 30 days. After that it is back to open connections and no use accounts.
While we would have loved to buy a full license, the scope of the project as a prototype didn’t require it. For the short remaining life of the project we decided to go with an alternative: Search Guard. Just install it, set it up and security is up and running again for free.
Sometimes you just need a patch to keep going.