diff --git a/chatops_deployment/.gitignore b/chatops_deployment/.gitignore
index 84b3f48d..4c790564 100644
--- a/chatops_deployment/.gitignore
+++ b/chatops_deployment/.gitignore
@@ -2,4 +2,8 @@
 .terraform.lock.hcl
 plan
 terraform.tfstate
-terraform.tfstate.backup
\ No newline at end of file
+terraform.tfstate.backup
+ansible/dev_ssl/*
+ansible/prod_ssl/*
+ansible/dev-bastion-key
+ansible/prod-bastion-key
diff --git a/chatops_deployment/ansible/configure.yml b/chatops_deployment/ansible/configure.yml
index 5e88a6eb..bd3fab15 100644
--- a/chatops_deployment/ansible/configure.yml
+++ b/chatops_deployment/ansible/configure.yml
@@ -48,3 +48,10 @@
 - alertmanager
 tags:
 - alertmanager
+
+- name: Configure Elastic Stack
+ hosts: elastic
+ remote_user: ubuntu
+ force_handlers: true
+ roles:
+ - elastic
diff --git a/chatops_deployment/ansible/group_vars/monitoring/vars.yml b/chatops_deployment/ansible/group_vars/monitoring/vars.yml
index f1862ebf..d40aa46d 100644
--- a/chatops_deployment/ansible/group_vars/monitoring/vars.yml
+++ b/chatops_deployment/ansible/group_vars/monitoring/vars.yml
@@ -7,3 +7,5 @@ alertmanager_username: "{{ vault_alertmanager_username }}"
 alertmanager_password: "{{ vault_alertmanager_password }}"
 alertmanager_version: "0.28.1"
 prometheus_version: "3.2.1"
+elastic_password: "{{ vault_elastic_password }}"
+elasticsearch_version: "9.0.0"
diff --git a/chatops_deployment/ansible/roles/elastic/files/elastic.filebeat.yml b/chatops_deployment/ansible/roles/elastic/files/elastic.filebeat.yml
new file mode 100644
index 00000000..6b2f97b3
--- /dev/null
+++ b/chatops_deployment/ansible/roles/elastic/files/elastic.filebeat.yml
@@ -0,0 +1,8 @@
+- type: filestream
+ id: elasticsearch
+ enabled: true
+ paths:
+ - /var/log/elasticsearch/*.log
+ fields:
+ service.name: elasticsearch
+ fields_under_root: true
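Review bot: In chatops_deployment/.gitignore the new rules cover `ansible/dev_ssl/*`, `ansible/prod_ssl/*` and the two bastion keys, but the `Copy certificate and key` task added in roles/elastic/tasks/elasticsearch.yml reads `./SSL/elasticsearch.key`, a path none of these patterns obviously match. Where `./SSL` resolves is not visible in this diff; if it is a directory inside the repository, the Elasticsearch TLS private key can still be staged by accident. Either point the task's `src` at the ignored per-environment directory or add an ignore rule for the directory the task actually uses.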
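Review bot: In group_vars/monitoring/vars.yml, `elastic_password` and `elasticsearch_version` are scoped to the `monitoring` group, while the play added to configure.yml targets `hosts: elastic`; unless the inventory (not shown) places those hosts in `monitoring` as well, neither variable will be defined for them. Neither variable is referenced by the role tasks or template in this commit, so `vault_elastic_password` is declared but never applied to the built-in `elastic` user. Consider moving both to group vars for the `elastic` group and wiring them into the role, or leaving them out until a task consumes them.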
diff --git a/chatops_deployment/ansible/roles/elastic/handlers/main.yml b/chatops_deployment/ansible/roles/elastic/handlers/main.yml
new file mode 100644
index 00000000..cd5c686b
--- /dev/null
+++ b/chatops_deployment/ansible/roles/elastic/handlers/main.yml
@@ -0,0 +1,6 @@
+---
+- name: Restart Elasticsearch
+ become: true
+ ansible.builtin.systemd_service:
+ name: elasticsearch.service
+ state: restarted
diff --git a/chatops_deployment/ansible/roles/elastic/tasks/elasticsearch.yml b/chatops_deployment/ansible/roles/elastic/tasks/elasticsearch.yml
new file mode 100644
index 00000000..e32a3f28
--- /dev/null
+++ b/chatops_deployment/ansible/roles/elastic/tasks/elasticsearch.yml
@@ -0,0 +1,81 @@
+---
+- name: Install prerequisite packages
+ become: true
+ ansible.builtin.apt:
+ pkg:
+ - apt-transport-https
+ - software-properties-common
+ - wget
+ update_cache: true
+
+- name: Create key directory
+ become: true
+ ansible.builtin.file:
+ path: /etc/apt/keyrings
+ state: directory
+ mode: "0755"
+
+- name: Add Elasticsearch key and repository to apt
+ become: true
+ block:
+ - name: Add key
+ ansible.builtin.get_url:
+ url: https://artifacts.elastic.co/GPG-KEY-elasticsearch
+ dest: /etc/apt/keyrings/elasticsearch.asc
+ mode: "0755"
+
+ - name: Add repository
+ ansible.builtin.apt_repository:
+ repo: "deb [signed-by=/etc/apt/keyrings/elasticsearch.asc] https://artifacts.elastic.co/packages/9.x/apt stable main"
+ state: present
+
+- name: Install Elasticsearch
+ become: true
+ ansible.builtin.apt:
+ name: elasticsearch
+ state: latest # noqa: package-latest
+ update_cache: true
+
+- name: Attach data volume to Elasticsearch data directory
+ become: true
+ ansible.posix.mount:
+ boot: true
+ path: /var/elasticsearch/data
+ src: "{{ elasticsearch_device }}"
+ state: mounted
+ fstype: ext4
+
+- name: Set permissions on volume
+ become: true
+ ansible.builtin.file:
+ path: /var/elasticsearch/data
+ state: directory
+ owner: root
+ group: elasticsearch
+ mode: "0774"
+ recurse: true
+
+- name: Template elasticsearch config
+ become: true
+ ansible.builtin.template:
+ src: elasticsearch.yml.j2
+ dest: "/etc/elasticsearch/elasticsearch.yml"
+ owner: root
+ group: elasticsearch
+ mode: "0770"
+ notify:
+ - Restart Elasticsearch
+
+- name: Copy certificate and key
+ become: true
+ ansible.builtin.copy:
+ src: "./SSL/elasticsearch.{{ item }}"
+ dest: "/etc/elasticsearch/certs/elasticsearch.{{ item }}"
+ owner: root
+ group: elasticsearch
+ mode: "0440"
+ notify:
+ - Restart Elasticsearch
+ loop:
+ - key
+ - crt
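Review bot: `Set permissions on volume` applies `mode: "0774"` with `recurse: true`, which leaves everything under /var/elasticsearch/data readable by any local user and marks regular files executable; a symbolic mode such as `mode: "u=rwX,g=rwX,o="` keeps group write for `elasticsearch` without exposing index data. The same over-broad pattern appears in `Add key` (`mode: "0755"` on an ASCII key file, where `"0644"` is enough) and `Template elasticsearch config` (`"0770"`, where `"0660"` would do). Separately, `Install Elasticsearch` uses `state: latest` with the lint rule silenced, although this commit also defines `elasticsearch_version: "9.0.0"`; if that variable is in scope for these hosts, `name: "elasticsearch={{ elasticsearch_version }}"` with `state: present` makes runs reproducible and avoids unplanned upgrades on every play. The key download has no `checksum:` either, so what apt trusts is whatever the URL serves at run time.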
diff --git a/chatops_deployment/ansible/roles/elastic/tasks/main.yml b/chatops_deployment/ansible/roles/elastic/tasks/main.yml
new file mode 100644
index 00000000..616a14d1
--- /dev/null
+++ b/chatops_deployment/ansible/roles/elastic/tasks/main.yml
@@ -0,0 +1,5 @@
+---
+- name: Install ElasticSearch
+ ansible.builtin.import_tasks: elasticsearch.yml
+ tags:
+ - elasticsearch
diff --git a/chatops_deployment/ansible/roles/elastic/templates/elasticsearch.yml.j2 b/chatops_deployment/ansible/roles/elastic/templates/elasticsearch.yml.j2
new file mode 100644
index 00000000..c9be70fe
--- /dev/null
+++ b/chatops_deployment/ansible/roles/elastic/templates/elasticsearch.yml.j2
@@ -0,0 +1,14 @@
+path:
+ data: /var/elasticsearch/data
+ logs: /var/log/elasticsearch
+cluster.name: chatops-elasticsearch
+xpack.security.enabled: true
+xpack.security.enrollment.enabled: true
+xpack.security.http.ssl:
+ enabled: true
+ key: /etc/elasticsearch/certs/elasticsearch.key
+ certificate: /etc/elasticsearch/certs/elasticsearch.crt
+xpack.security.transport.ssl:
+ enabled: false
+http.host: 127.0.0.1
+http.port: 9200
\ No newline at end of file
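Review bot: In templates/elasticsearch.yml.j2, `xpack.security.transport.ssl` is set to `enabled: false` right next to `xpack.security.enrollment.enabled: true`, so the config allows enrolling further nodes while leaving node-to-node traffic without TLS or certificate-based node authentication. If this is meant to stay a single node, say so with `discovery.type: single-node` and set enrollment to `false`; otherwise enable transport TLS with its own certificate before a second node joins. Nothing in the template or tasks sets the `elastic` user's password, so `elastic_password` from group vars appears unused here. The file also ends without a trailing newline.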