We are mainly using it for analytics reports for the data taken from our call center. We are using the entire stack. We are using Kibana and Elasticsearch. Kibana is the front end for dashboards, reports, etc.
Business Intelligence at UTE
Supports different languages for querying the database and has a free version and community support
Pros and Cons
- "The flexibility and the support for diverse languages that it provides for searching the database are most valuable. We can use different languages to query the database."
- "It is hard to learn and understand because it is a very big platform. This is the main reason why we still have nothing in production. We have to learn some things before we get there."
What is our primary use case?
What is most valuable?
The flexibility and the support for diverse languages that it provides for searching the database are most valuable. We can use different languages to query the database.
What needs improvement?
It is hard to learn and understand because it is a very big platform. This is the main reason why we still have nothing in production. We have to learn some things before we get there.
I have reported and had discussions about several bugs at discuss.elastic.co, but that happens with many products. It is not only with this product.
For how long have I used the solution?
We have been using it for about one year, but it is not yet in our production environment.
Buyer's Guide
Elastic Search
December 2024
Learn what your peers think about Elastic Search. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,052 professionals have used our research since 2012.
What do I think about the stability of the solution?
It is reliable.
What do I think about the scalability of the solution?
If you use a cloud platform or a cloud environment, it is easy to scale.
For on-premises, we are using OpenShift. We are using a cluster on OpenShift, and we are facing some issues, but they are not related to Elastic. They are related to our infrastructure of OpenShift because OpenShift is deployed on VMware, and the storage of VMware doesn't allow us to take backup snapshots in a secure way. We are thinking of migrating this cluster of OpenShift to another platform.
Currently, we have a few users of this product because we have been using it only for one year, and we are the first ones in our company. In the future, we will have more people involved with the product.
How are customer service and support?
We have only used their community support from the discuss.elastic.co site.
What's my experience with pricing, setup cost, and licensing?
There is a free version, and there is also a hosted version for which you have to pay.
We're currently using the free version. If things go well, we might go for the paid version.
What other advice do I have?
It is a good choice, but you have to take your time to learn it. Its learning curve can be hard.
I would rate it an eight out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Consultant at a tech services company with 10,001+ employees
Stable, offers good value for money, and requires very little maintenance
Pros and Cons
- "The initial setup is very easy for small environments."
- "There are a lot of manual steps on the operating system. It could be simplified in the user interface."
What is our primary use case?
Our main use case is to centralize all the logs from the infrastructure environment and the data center.
What is most valuable?
The most valuable aspect of the solution is the visualization with Kibana. What we have not yet started, yet, we plan to do, is to use machine learning.
The initial setup is very easy for small environments.
There is very little maintenance needed.
The solution is stable.
The scalability is good.
The solution offers good value for the price.
What needs improvement?
They could simplify the Filebeat and Logstash configuration piece. There are a lot of manual steps on the operating system. It could be simplified in the user interface.
For how long have I used the solution?
I've been using the solution for about a year at this point.
What do I think about the stability of the solution?
The stability is really good. We use it in a fully virtualized environment, and that's not a real recommendation from Elastic. However, even with how it's stored, even if it's not a recommendation, for this small environment we have here, it's stable enough. It's working.
What do I think about the scalability of the solution?
We're in the very early stages of usage. We only have maybe 20 people on the solution currently. We are increasing this, however. There will be more.
The solution is easy to scale. You can add new Elasticsearch clusters. It should be noted that you have to separate the different roles from Elasticsearch to other devices, so you need a little bit more knowledge to do it right.
How are customer service and technical support?
We've been in touch with technical support a little bit as we're still in negotiation. Right now, we are running the basic product which is free of charge. We're in negotiation with the vendor for a license, where we will get proper support. We need it.
Which solution did I use previously and why did I switch?
I'm also familiar with Splunk, which is more expensive.
How was the initial setup?
In our case, it was a simple installation process. It was just set up in small environments, however, if it's getting larger, it will be more complex as then you have to split all the different roles onto different machines, to get the performance you need.
Therefore, for small environments, it's very easy. If you're doing a big environment, then it's much more complex.
The only maintenance needed is for updating the systems. We're working on it to make it all more or less automatic. All we need to do is to implement the updates when they arrive.
What about the implementation team?
We just handled the initial setup internally. We did not need the assistance of any integrators or consultants.
What's my experience with pricing, setup cost, and licensing?
It's a bit too expensive, however, it's not as expensive as Splunk, which is a good thing. It's okay. There are cheaper products that we know, however, this is a very rich product, and it's got a very wide functionality, and a wide range of functionalities which I don't see in the other products, especially not in the cheaper ones.
What other advice do I have?
I'm just a customer and an end-user.
Our company is always using the latest updates.
I'd advise new users that you need to do a POC or get a test installation. It's free of charge. It's important to ingest a lot of data so that you get a feeling of scalability and performance. To put something in your lab, for example, is very helpful. It's only when you have data in the system, that you can see the benefits of the Elastic environment.
I would absolutely recommend the solution to others. I'd rate it at a nine out of ten. I've been pleased with its capabilities overall.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Elastic Search
December 2024
Learn what your peers think about Elastic Search. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,052 professionals have used our research since 2012.
Solution Integration Architect at a insurance company with 51-200 employees
Helps with log analytics and indexing
Pros and Cons
- "The solution is valuable for log analytics."
- "The solution's integration and configuration are not easy. Not many people know exactly what to do."
What is our primary use case?
We use the solution for search engines and indexing.
What is most valuable?
The solution is valuable for log analytics.
What needs improvement?
The solution's integration and configuration are not easy. Not many people know exactly what to do.
For how long have I used the solution?
I have been working with the product for five years.
How was the initial setup?
The product's deployment took a couple of days to complete.
What about the implementation team?
The product's deployment was done in-house by myself.
What other advice do I have?
I would rate the product a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Solutions Architect at a tech services company with 51-200 employees
A competitively priced, fast solution with easy indexing, but room for improvement in the graph and reporting features and network monitoring
Pros and Cons
- "The solution has great scalability."
- "Both the graph feature and the reporting feature are a little bit lacking. The alerting also needs to be improved."
What is most valuable?
There are a lot of good things about this solution. First, it is an extremely fast search. We have quite an extensive number of logs, and we can search through billions of documents in just a few minutes, and get the results we're looking for.
The second is easy indexing. We can index almost anything that comes from a log. Anything produced in the system can be ingested in Elastic Search.
What needs improvement?
I want the solution to improve the graph feature because it is a little bit poor. Both the graph feature and the reporting feature are a little bit lacking. The alerting also needs to be improved.
As for new features, I would like to see more on the network monitoring side. I can see that a lot has been done in server management, security, and application. However, I would love to see the same attention given to network management. If we could go and harvest the network information and bring it into Elastic Search, it would be the perfect solution for achieving a NOC and SOC environment.
For how long have I used the solution?
I have been using this solution for five years.
What do I think about the stability of the solution?
We haven't had any stability issues at all. You just have to make sure that you are ingesting the right amount of data and maintaining your cluster by clearing up all of the data regularly. We input some script that tells the solution to drop any data it sees that is older than three months. It's as simple as that, and we're very happy with it.
If you size your nodes properly, and a node drops or there is a problem, the product will still function. Last night, one of the nodes in my cluster crashed. I went in to check it and restarted the node, and the data appeared and everything was fine. I cannot say the same for a lot of other solutions.
What do I think about the scalability of the solution?
The solution has great scalability. We started with one node, then went to three nodes, as recommended by Elastic. We then found ourselves with seven nodes, and eventually 11 nodes. Then we said, "Wait a minute, this is not going well because we keep adding data and running out of storage." That's when we decided to start dropping data after three months.
How are customer service and support?
I've seen a lot of improvement over the last five years. Five years ago, there was a little bit of tech support but it was not great. Recently, I opened some cases and the team gave me answers that included exactly what to do to resolve the problems. This shows that the support team has knowledge. It's not just someone who is sitting in the office and try to figure out the problem. When you give them a problem, they know exactly what's wrong and they'll offer the precise solution that will solve the problem. We have seen a lot of improvements in the last six months. I would rate the technical support as a four out of five because they are very knowledgeable.
How would you rate customer service and support?
Positive
How was the initial setup?
I would rate the initial setup process as a five out of five because it's the easiest product I've ever dealt with. When it needs to be upgraded, you just tell it to upgrade and the solution does it for you.
What's my experience with pricing, setup cost, and licensing?
We started with the open-source version and the price increases as you add nodes because it's node-based. The price kept increasing, so we decided to buy a license to get all the features and manage the clusters more efficiently. The price of Elastic Enterprise is very, very competitive. I think it was around $700. It was very cheap for our budget. We have other solutions from other vendors that are way more expensive.
The beauty of Elastic Search is that it's based on an open-source solution, so even if you don't want to keep your license, you can just switch it off and go back to the open-source version. You'll lose some of the features, but your data will still be there, and you'll still be able to manipulate it.
You can scale the pricing up and down, which is great flexibility for us because we are a government organization. When it comes to invoicing and payment, the government is a little slow. For example, we found that our license expired on December 31st, but the vendor still hadn't been paid, so they would not issue us a new license. We switched our license off and went back to open source mode until we were able to get our license again and switch back to Enterprise.
What other advice do I have?
One time, we had a remote customer who was complaining about response time, and we couldn't figure out where the problem was located. We created a small setup, just one node of Elastic Search, and we started using it to ingest the network traffic that was going from that customer to our main site. Once we started ingesting the network traffic, we saw exactly what the problem was. We were able to solve the problem, and it only took us an hour.
What sets this solution apart from its competitors is the innovation. For example, look at the number of releases they're doing. About every three to six months, you have a new release with new features, and it's great. The good thing is that even if you don't like the innovation, you still follow an upgrade line, which means you don't lose anything from the past. You just keep getting new stuff pumped into Elastic Search. As a result, it's becoming more like an overall operational solution, when before, it was just a place where you dumped your logs.
My advice to new users of this solution is to start with a specific use case that's a simple or complicated problem that you want to address. Start with that use case, address it straight away, and keep expanding. For example, we started with a network traffic use case, then expanded into Syslog management of a network device. Next, we expanded to an event management server, and then we went into application management. Now we are in security logs, and it keeps expanding.
I would rate this solution as a seven out of ten because there is still a lot missing regarding network management. Also, machine learning is still not clear to me. A lot of the things in machine learning can be addressed straight away with other features, like a watcher or alerting. At this point, I don't see the benefit of machine learning when it comes to IT infrastructure.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Owner & director at Pulsar ICT
Good processing power, very scalable, and able to handle all data formats
Pros and Cons
- "There's lots of processing power. You can actually just add machines to get more performance if you need to. It's pretty flexible and very easy to add another log. It's not like 'oh, no, it's going to be so much extra data'. That's not a problem for the machine. It can handle it."
- "The solution has quite a steep learning curve. The usability and general user-friendliness could be improved. However, that is kind of typical with products that have a lot of flexibility, or a lot of capabilities. Sometimes having more choices makes things more complex. It makes it difficult to configure it, though. It's kind of a bitter pill that you have to swallow in the beginning and you really have to get through it."
What is our primary use case?
We try to detect malicious files by the logs. The logs are all centralized including all our PCs, our callers, our servers, Linux, windows, Polaris names. We scan everything. Then we have pre-defined specific use cases that allow us to identify if there is an attack on the machine or indirectly by the endpoint. On top of that, we can check with users as we're not directly dealing with the configuration, so we can follow up on the alerts we receive. On top of that, we have the systems in place that allow us to detect if certain inexcusable items are on the system, such as malicious files. We can do this because we also retrieve the log files of the identifiers.
What is most valuable?
The fact that you can dump any type of format in the database without any specific reformatting is fantastic. It makes it very flexible in collecting information and that saves us a lot of time because otherwise, we would really need to define specifically what we're looking for and reformat everything. With this solution, that's not necessary. We can directly, and in a really standard raw format, dump the data into the database. Only afterwards do we need to define what specifically we're looking for, however, at that point, it's not a big deal to actually add an additional log and to collect additional information.
The solution is very scalable.
There's lots of processing power. You can actually just add machines to get more performance if you need to. It's pretty flexible and very easy to add another log. It's not like 'oh, no, it's going to be so much extra data'. That's not a problem for the machine. It can handle it.
What needs improvement?
The solution has quite a steep learning curve. The usability and general user-friendliness could be improved. However, that is kind of typical with products that have a lot of flexibility, or a lot of capabilities. Sometimes having more choices makes things more complex. It makes it difficult to configure it, though. It's kind of a bitter pill that you have to swallow in the beginning and you really have to get through it.
Once you begin to understand the concepts and how to actually look for data it's a very pleasant solution, but the learning curve is very steep in the beginning, to the point that they could improve it to make it a bit less intimidating to start. There needs to be a bit more intuition behind the architecture and the data search.
For how long have I used the solution?
This solution has been used for at least five years at the company.
What do I think about the stability of the solution?
It's very stable. The only thing that might happen is that sometimes when you do a search it will stress the machine a bit too much. If that happens, then it's a matter of, if you do it the wrong way, the machine gets stressed and then it slows down. However, it will not crash. It almost never crashes. You'll simply figure out that the machine is overwhelmed and take the stress off.
The problem, occasionally, is that it may become unresponsive, but it isn't really unresponsive, it's just that the system is overloaded. That can only happen if you do your database search in the wrong way. That's why, especially when you have a lot of data and are really concentrating a lot of data on a few machines, you have to be careful of what you're doing.
It's a very nice tool but you have to be a bit aware of how to deal with this, especially when you have a lot of data and you have limited processing capacity. If you have unlimited processing capacity you can do whatever you want with it. I personally can say that I've never seen a machine crash.
What do I think about the scalability of the solution?
The scalability of the product is good. It's our key system that generates alerts and does surveillance on a security level. This product is extensively used in our organization.
We have people of course, from the server team that makes sure that the logs get collected. And then we have the people that actually deal with the configuration of the ELK as well. That is a team of five or six people that we use now. Then, of course, we have all the teams that follow up on the alerts, and there, I would say, we have two or three different teams, which is between 10 and 20 people. That's just part of the people that work with the solution.
How are customer service and technical support?
I work on part of the team that deals with technical support issues. There's a good community around the solution. This is because the product is actually open-source. With a lot of typical issues, you can simply Google questions and you will find the answer. Of course, we do have a support contract with the company. I don't deal directly with that, however. We contact them directly if we really need to and we have maintenance contracts with them. Unfortunately, I can't really speak to how good or bad they are because I've never called them myself.
Which solution did I use previously and why did I switch?
Before we switched over to this, we used it in combination with an end product called QRadar, but both of them together were time-consuming.
How was the initial setup?
It's easy to install the servers, that's not really the problem. The difficulty is afterward. Users need to understand how to explore the data.
The server setup is the easy part. Even, let's say, moving the log into the machine or into the database is no problem. However, then you have all this data and you will really struggle to understand the information. That is sometimes not always obvious at the outset. In order to do that in an effective way, it requires a little bit of manipulating.
To install the servers, a minimum installation takes me a day or more. It's for the most part usually pretty fast.
What about the implementation team?
I myself have already had quite a lot of experience with the product. Therefore, I can set it up myself. Most customers or most IT departments will struggle to set it up due to the difficult learning curve in the beginning.
I would definitely recommend most users or companies, at least for the beginning, to get help troubleshooting problems. It will help them understand a little bit more about the steep learning curve. It really makes things much easier, and much more effective.
Which other solutions did I evaluate?
I have used different products myself due to the nature of my work. I'm a security consultant. I have been working with different customers who use different solutions, which means that I have used other things and can evaluate and compare them for clients.
I've worked with Splunk, for example. Splunk, for instance, on the level of data mining and inquiring, might be easier. It's a bit more intuitive. The downside of it is as soon as you start collecting a lot of data, it becomes extremely expensive to use Splunk. It's a very good product. However, typically, with the need to collect as many logs and as much data as possible, Splunk becomes expensive, and you can't put it in a budget easily. It's simply out of budget for many as soon as they start clicking. Also, the purpose of a security system is not the same.
With Splunk, some will not add additional logs because they don't often have the budget, especially when it immediately means that you're going to need to increase your costs enormously. That's not the purpose of a security system. For the system to be effective you must be able to have good surveillance and that means that you should not hesitate in adding your logs. Still, when the costs double, people hesitate and if they don't have the budget and cut the logs, things can get through. Fortunately, with ELK, you don't have that issue. With ELK you don't pay for gigabytes, or terabytes or the data that you use. That's the main advantage compared to Splunk. But Splunk, it has a less steep learning curve.
What other advice do I have?
I'm just using it as a customer
We tend to use the latest versions of the solution. We try to upgrade it on a regular basis.
I'd advise other companies considering implementing the solution to get a team in that knows the product and try to take advantage of their knowledge. It will help reduce the pain of the learning curve.
I'd rate the solution eight out of ten.
I would not give it a ten because of the steep learning curve. I know what the product is, but many do not, and for them it will be quite difficult to get started without becoming very frustrated in the process.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Security Architect at a computer software company with 51-200 employees
Highly extensible, feature rich, and useful online documentation
Pros and Cons
- "The most valuable features of Elastic Enterprise Search are it's cloud-ready and we do a lot of infrastructure as code. By using ELK, we're able to deploy the solution as part of our ISC deployment."
- "There is another solution I'm testing which has a 500 record limit when you do a search on Elastic Enterprise Search. That's the only area in which I'm not sure whether it's a limitation on our end in terms of knowledge or a technical limitation from Elastic Enterprise Search. There is another solution we are looking at that rides on Elastic Enterprise Search. And the limit is for any sort of records that you're doing or data analysis you're trying to do, you can only extract 500 records at a time. I know the open-source nature has a lot of limitations, Otherwise, Elastic Enterprise Search is a fantastic solution and I'd recommend it to anyone."
What is our primary use case?
Elastic Search is added advantage for us because we normally use it for our uptime monitoring and our log analysis. When we merge it with Splunk, it helps us correlate and do security monitoring.
Elastic Enterprise Search comes embedded within a solution that we have developed for our clients. It's a payment solution. We've recently shipped it with Elastic Enterprise Search embedded. All the logs and all the internal communications get captured by Elastic Enterprise Search. It makes it easy for the IT teams who are doing uptime monitoring and troubleshooting to have a look at it. We have the security teams develop their own monitoring metrics and logs, if they wish, based on their deployment.
The beauty of Elastic Enterprise Search is if they also have their own third-party tools, there's the ability to integrate and read off Elastic Enterprise Search and have any third-party tool process the logs as well. It is highly extensible.
What is most valuable?
The most valuable features of Elastic Enterprise Search are it's cloud-ready and we do a lot of infrastructure as code. By using ELK, we're able to deploy the solution as part of our ISC deployment.
The extensibility and configurability of the solution are great. Having the ability to mine for anything is useful. It's extensible and useful in terms of digesting any type of information. Since we do a lot of consulting, it means we are able to apply it to diverse environments without having to suffer the overhead of integration.
What needs improvement?
There is another solution I'm testing which has a 500 record limit when you do a search on Elastic Enterprise Search. That's the only area in which I'm not sure whether it's a limitation on our end in terms of knowledge or a technical limitation from Elastic Enterprise Search. There is another solution we are looking at that rides on Elastic Enterprise Search. And the limit is for any sort of records that you're doing or data analysis you're trying to do, you can only extract 500 records at a time. I know the open-source nature has a lot of limitations, Otherwise, Elastic Enterprise Search is a fantastic solution and I'd recommend it to anyone.
For how long have I used the solution?
I have been using Elastic Enterprise Search for approximately four years.
What do I think about the stability of the solution?
I have no complaints in terms of stability. However, you have to make sure you give Elastic Enterprise Search the minimum resources it requires. We have not seen any major issues that we would send back to the vendor or the solution maker. If there was an issue it most likely would be from the environment, depending on how it was deployed and how it was configured.
What do I think about the scalability of the solution?
Elastic Enterprise Search is scalable. In our environment, we deploy it in a containerized environment. For us, we've experienced the scalability of the solution because as we grow and expand, we spin up more containers that are interconnected. I don't see any issues with Elastic Enterprise Search from a scalability perspective.
How are customer service and support?
There's a lot of material available online. We tend to look online before we reach out for technical support. We have not needed to contact the support and this is a testament to how much information is available online.
What's my experience with pricing, setup cost, and licensing?
The solution is not expensive because users have the option of choosing the managed or the subscription model.
What other advice do I have?
Elastic Enterprise Search is a very good solution and they should keep doing good work.
I'm a very satisfied customer because almost everything I need comes out of the book. You already have machine learning, alerts, the ability to search, APIs, inbuilt security, and integration to third-party authentication.
I rate Elastic Enterprise Search a ten out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior DevOps Engineer at a financial services firm with 10,001+ employees
Offers certain log filtering capabilities and we can vet what we push into our database
Pros and Cons
- "The solution is quite scalable and this is one of its advantages."
- "There is an index issue in which the data starts to crash as it increases."
What is our primary use case?
While the solution is slated for making logging positions more centralized, at present we are gearing through it. A fully-fledged deployment of alignments is not yet in place.
We have adjusted the logs into the spec for a couple of our applications.
What is most valuable?
We consider all of the features to be valuable. With respect to 12B Kibana, all of the components fit in very well. Logsearch gives us certain log filtering capabilities and we can vet what we push into our database. This allows us only to log and ship limited items. Essentially, Logsearch plays a big role although not the most important one.
What needs improvement?
The solution itself needs improvement. There is an index issue in which the data starts to crash as it increases.
This leads to an impact on the solution's stability.
The index and part of the solution's stage have weak points.
In the next release, I would like to see better plugins when integrating with, say, Microsoft Teams.
The Kibana dashboard is quite user-friendly and we have had no issues involving our technical team. However, some technical knowledge is required, especially if one wishes to create dashboards and as it relates to index management.
For how long have I used the solution?
I have been Vusing ELK Elasticsearch for plus or minus two years.
What do I think about the stability of the solution?
ELK Elasticsearch is definitely a stable solution. It is the spec that surprises most of the other logging solutions in the market.
What do I think about the scalability of the solution?
The solution is quite scalable and this is one of its advantages. We are trying to add or plug on to Elasticsearch at present.
How are customer service and technical support?
We have been open to solutions and haven't really had a need to rely on technical support. We've relied mostly on support forums.
This said, I would rate the support well, as we initially interacted with the support team and made use of Google.
How was the initial setup?
The initial setup had a bit of a learning curve for us while we acclimated ourselves to the use of the solution. However, after a while, it became quite easy.
I would not say there was much complexity even at the outset, as we have an understanding of how to troubleshoot and do the installation.
There is more than enough documentation of the solution online. It is useful and you can find what you're looking for. There are also forums that can be of assistance.
What other advice do I have?
While I cannot say for sure, as our organization is structured so that we work in silos with everyone looking after his own infrastructure, I would estimate that we have approximately 200 employees making use of the solution.
My advice to others who are considering implementing the solution is that they first make a plan to figure out how they wish to cluster the solution and the amount of data that must be ingested. Much planning would be involved. It would be wise to start with the open-source solution, which comes with many advantages, and to move on to the Enterprise version if there should be a need for dedicated support.
I cannot posit whether management will wish to take this route, although this is definitely worth considering, as we are talking about a fully robust infinite solution across the board.
I rate ELK Elasticsearch an eight out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Manager at a computer software company with 51-200 employees
A search and analytics engine that's very fast, but the price could be better
Pros and Cons
- "I like how it allows us to connect to Kafka and get this data in a document format very easily. Elasticsearch is very fast when you do text-based searches of documents. That area is very good, and the search is very good."
- "The price could be better. Kibana has some limitations in terms of the tablet to view event logs. I also have a high volume of data. On the initialization part, if you chose Kibana, you'll have some limitations. Kibana was primarily proposed as a log data reviewer to build applications to the viewer log data using Kibana. Then it became a virtualization tool, but it still has limitations from a developer's point of view."
What is our primary use case?
Elasticsearch is one of the NoSQL databases available. My application is a microservices application where the data gets published on a Kafka cube. It allows us to connect to Kafka and get this data in a document format very easily. I'm using Elasticsearch as my backend processing database, where I'm building and reporting using Kibana.
What is most valuable?
I like how it allows us to connect to Kafka and get this data in a document format very easily. Elasticsearch is very fast when you do text-based searches of documents. That area is very good, and the search is very good.
What needs improvement?
The price could be better. Kibana has some limitations in terms of the tablet to view event logs. I also have a high volume of data. On the initialization part, if you chose Kibana, you'll have some limitations. Kibana was primarily proposed as a log data reviewer to build applications to the viewer log data using Kibana. Then it became a virtualization tool, but it still has limitations from a developer's point of view.
For how long have I used the solution?
I have been using ELK Elasticsearch over the last two years.
What's my experience with pricing, setup cost, and licensing?
The price could be better.
What other advice do I have?
I would tell potential users that they have to locate the data source and understand the data. They will have to decide on whether they have to go for a NoSQL or a relational database.
If it's NoSQL, then what kind of data are you seeing? If it's more textual data, then you're going to read more. So, I would recommend Elasticsearch. Otherwise, you have other databases like MongoDB and Cassandra.
On a scale from one to ten, I would give ELK Elasticsearch a seven.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Download our free Elastic Search Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Popular Comparisons
Microsoft FAST
OpenText IDOL
IBM Watson Discovery
Lucidworks
Sinequa
Attivio
Exalead
Oracle Endeca
BA Insight
Buyer's Guide
Download our free Elastic Search Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- What are the advantages of ELK over Splunk?
- Splunk vs. Elastic Stack
- How to install an Elasticsearch cluster (with security enabled) on OpenShift?
- What would you choose for observability: Grafana observability platform or ELK stack?
- Alternatives to Google Search Appliance?
- When evaluating Indexing, what aspect do you think is the most important to look for?