Did they made a mistake? It looks to me that they took advantage of Splunk being proprietary. Not many people would use closed Splunk alternative. So they have made an open alternative and everyone loved it and this is what created the community and made them popular. Then they started using their position to force people into their proprietary Basic package because there was no security in the OSS version. That caused many data leaks from unsecured Elastic clusters. Can you imagine MariaDB not having any security by default? Or nginx without ACL? I never cared about Machine Learning, APM, SIEM and their other "products". Then they released "basic security" which was not open and was still pretty limited (e.g. not supporting OpenID). Elastic is big now, listed on the stock exchange so I understand they have to listen to their shareholders. While I don't like Amazon business and I am not their customer, I actually welcome this attempt to finally make a basic usable Elastic really open!