在選擇OpenSource軟體時，當然還是要看一下授權

elasticsearch/LICENSE.txt

Source code in this repository is covered by one of three licenses: (i) the Apache License 2.0 (ii) an Apache License 2.0 compatible license (iii) the Elastic License. The default license throughout the repository is Apache License 2.0 unless the header specifies another license. Elastic Licensed code is found only in the x-pack directory.

The build produces two sets of binaries - one set that falls under the Elastic License and another set that falls under Apache License 2.0. The binaries that contain -oss in the artifact name are licensed under Apache License 2.0 and these binaries do not package any code from the x-pack directory.

重點整理

• 有 -OSS 才是Open Source版本 (裡面沒有x-pack這個 folder)
  
• 有x-pack就有Elastic版權
• Elastic Basic License 是不允許提供給第三方用戶

Nothing in grants You the right to transfer, sell, rent, lease, distribute, sublicense, loan or otherwise make available the Commercial Software Source Code, in whole or in part, to any third party.

若第三方公司 基於 ELK Basic 版本上二次開發，並且販售，那此公司已經違法… 二次開發只能用 oss 版本而非 Basic 版本

轉貼Elastic官方的解釋
https://www.facebook.com/groups/elastictaiwan/permalink/1365484180329076/

Elastic 各版本功能

https://www.elastic.co/subscriptions

如果想要一些進階功能，有一個Elasticsearch的開放發行版
https://opendistro.github.io/for-elasticsearch/

Cloud 平台選擇

Elastic Cloud上的Elasticsearch Service與Amazon Elasticsearch Service的差別
https://www.elastic.co/aws-elasticsearch-service?fbclid=IwAR1oHfFkaXWkH8ptUMSAjFReyNCyrApM1FrVuW2pXmnMfQYPVtylGgR290Y#full-comparison

Elastic 官方回覆
https://www.facebook.com/groups/elastictaiwan/permalink/1446397522237741/

聽說嵌入雷神解答才是正解…

Elasticsearch 開源社群相當活耀，一方面提供商業服務，另一方面也釋出許多開源專案，整體是正向發展，許多SIEM也採用Elasticsearch當核心 (Security Onion, Wazuh…)

最後引用SZ Lin在資安大會所講的，共用的開源系統，參與一起貢獻形成正向循環，閉門造車形成閉源的環境，長期下來會浪費大量人力進行維護
https://szlin.me/2020/08/09/%e4%bb%a5%e9%96%8b%e6%ba%90%e8%bb%9f%e9%ab%94%e8%a8%ad%e8%a8%88%e3%80%81%e6%a7%8b%e5%bb%ba%e3%80%81%e7%b6%ad%e8%ad%b7-embedded-linux-%e5%b9%b3%e5%8f%b0/