We performed a comparison between Datadog and Elastic Security (formerly ELK Logstash) based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Datadog and Elastic Security have a similar user rating for ease of deployment, and users of both felt that the solutions were expensive. Users felt Elastic Security took too long to respond when it came to service and support. In terms of features, reviewers of Datadog had a problem with stability and felt there wasn’t enough monitoring through their dashboard. Reviewers of Elastic Security said they had difficulty retrieving data and felt the solution should offer predictive maintenance.
"The Datadog suite has allowed us to easily integrate log collection into all of our services and quickly detect unexpected changes in system data to declare security incidents."
"I find the greatest feature is being able to search across logs from various microservices."
"The most valuable aspects of the product include the APM and profiler."
"The seamless integration between Datadog and hundreds of apps makes onboarding new products and teams a breeze."
"Datadog has a lot of features to be able to drill down deep into the swath of logs that our platforms generate."
"The ease with which we can filter, use metrics, and give accounts to customers, then let the customer filter, set up metrics, and alerts. This has been a big win for us."
"We have been able to set very specific CPU and memory alerts, at the very base level, then we started to pull real business value, like 99th percentile response rates for our API calls."
"It has scaled great. I haven't run into any problems anywhere that I've used it. They have handled everything that we have needed them to."
"The visualization is very good."
"It is very quick to react. I can set it to check anomalies or suspicious behavior every 30 seconds. It is very fast."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"ELK documentation is very good, so never needed to contact technical support."
"The cost is reasonable. It's not overly pricey."
"Elastic Security is a highly flexible platform that can be implemented anywhere."
"The most valuable feature is the speed, as it responds in a very short time."
"The feature that we have found the most valuable is scalability."
"It would also be nice if we had more insight into our own usage of Datadog (agents and custom metrics). They provide a usage page which does help, but it is not in real-time."
"We'd like Datadog to make the log storage cheaper."
"We need more visibility into the error tracking dashboard."
"It could use some additional features when working with metrics like Grafana or like New Relic has. Datadog does not use library technologies like Dynatrace does. Datadog has machine learning too, but it does not have this option in all layers of monitoring like infrastructure service process in applications."
"Could be a little more user friendly."
"Datadog needs more local Asia-Pacific support, and if they don't have a SaaS solution in Asia-Pacific, they should offer an on-prem version. I'm told that's not possible."
"I often have issues with the UI in my browser."
"The parallel editing of the dashboards should not cause users to lose the work of another person."
"The solution could offer better reporting features."
"The tool needs to integrate with legacy servers. Big companies can have legacy servers that may not always be updated."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."
"One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."
"The tool should improve its scalability."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
Datadog is ranked 3rd in Log Management with 137 reviews while Elastic Security is ranked 5th in Log Management with 59 reviews. Datadog is rated 8.6, while Elastic Security is rated 7.6. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and Elastic Observability, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and Microsoft Defender for Endpoint. See our Datadog vs. Elastic Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
It depends on your requirement. If you are looking for a SIEM/log management solution ELK would be a better option.
But if you are looking for more of a monitoring solution Datadog would be better. Also, Datadog provides out-of-the-box integrations with a lot of cloud applications. ELK could be cost-effective but a bit challenging to configure & finetune.
Datadog: Unify logs, metrics, and traces from across your distributed infrastructure. Datadog is the leading service for cloud-scale monitoring. It is used by IT, operations, and development teams who build and operate applications that run on dynamic or hybrid cloud infrastructure. Start monitoring in minutes with Datadog!
Datadog features offered are:
200+ turn-key integrations for data aggregation
Clean graphs of StatsD and other integrations
Elasticsearch: Open Source, Distributed, RESTful Search Engine. Elasticsearch is a distributed, RESTful search and analytics engine capable of storing data and searching it in near real time. Elasticsearch, Kibana, Beats and Logstash are the Elastic Stack (sometimes called the ELK Stack).
Elasticsearch provides the following key features:
Distributed and Highly Available Search Engine.
Multi Tenant with Multi Types.
Various set of APIs including RESTful
Dear,
Unfortunately, I can't say much about Datadog but I have used ELK for a short period.
And I can tell you not everything works the way it should. For example, I noticed heavy CPU usage for a Windows client on MS AD servers. I advise you to consider this if it's important to you.
Good luck!
Where do you want to spend your money, on people or licenses?
ELK requires a long-term investment in engineering resources to manage the system and to provide the capability.
Datadog provides capabilities for you so you only need some administrators. What are the capabilities? Some critical ones include availability, scalability, consuming log files, platform upgrades, ...
If you are consuming smaller data sets (100's of GB) with shorter retention, the size and scaling are much easier making ELK easier.
Do you have admins or engineers? If your team doesn't have dedicated time & skills to spend developing solutions like elastic-alert you should look for a vendor to provide capabilities.
I expect some capabilities in Datadog you will not be able to replicate in ELK.... so that answer makes this obvious.
We are going to evaluate the same for our org. We do about 10 TB a day consumption in ELK and are looking to see if we can shift $$$ from engineers and infra to SaaS.
I have used both ELK and Datadog, and there are lots of variables to consider here. The three important points that I looked at are:
- Cost. In addition to service costs, you have to consider egress and ingress costs as well.
- Real-time observability that you need during development vs long-term Observability. Keep in mind, when you export data over the internet, it comes with the same reliability issues as any other service on the internet. Regardless of how Datadog classifies its service as real-time, it is not real-time, IMO. It very much depends on your definition of real-time.
- Deployment and maintenance complexity. When your ELK cluster grows it has some pain points you need to be aware of.
My general approach is to deploy ELK for development, tune the data, and then pivot toward commercial solutions if I need to. This gives you insight into your data and what you should be preserving and that way you are not paying high costs, when or if you do decide to take advantage of a commercial solution.
Can you tell me what you actually want to do so that I can help you?