System Administrator and DevOps Engineer at a tech services company with 10,001+ employees
Has a good UI with good performance although deployment requires multiple applications
Pros and Cons
- "The UI is very nice, and performance wise it's quite good too."
- "The different applications need to be individually deployed."
What is our primary use case?
Our primary use case of this solution is for monitoring our logs and infrastructure. We are customers of ELK and I'm a system administrator.
What is most valuable?
A positive feature of ELK is that it directly interacts with Elasticsearch. The UI is very nice, and performance wise it's quite good too. A key feature is that this is a reasonably priced monitoring solution.
What needs improvement?
We run this solution on multiple servers. ELK has three lanes which comprise a single package made up of Elasticsearch, Logstash, and Kibana. To my mind, this is not efficient because we have to individually deploy the different applications. In contrast, we're able to deploy Splunk with a single application. Implementing the dashboards is also quite difficult. With Splunk and Nagios it's much easier to directly interact with Elasticsearch. I'd like to see some additional features in the front end, which currently make it a bit difficult to implement, and it should be simplified.
For how long have I used the solution?
I've been using this solution for six months.
Buyer's Guide
Elastic Search
November 2024
Learn what your peers think about Elastic Search. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
816,636 professionals have used our research since 2012.
What do I think about the stability of the solution?
This solution is stable.
What do I think about the scalability of the solution?
This is a scalable solution, we have eight to 10 users. We had initially planned to expand use of ELK because of its cheap price and the services that are included, but given the difficulty with implementation we've decided to go with Nagios instead.
How are customer service and support?
The technical support people are very knowledgeable but the response time is quite slow which is not very good.
How was the initial setup?
The initial setup of ELK is more difficult than the setup of other monitoring applications. I was able to carry out the deployment alone.
What other advice do I have?
For anyone looking to implement a monitoring product with almost no cost or at a cheaper price, I would suggest the ELK stack. However, it does require a high skill set because of the difficulty with implementation.
I would rate this solution a six out of 10.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Infrastructure Analyst at AG Group
Powerful, graphical, good customer support and full featured
Pros and Cons
- "You have dashboards, it is visual, there are maps, you can create canvases. It's more visual than anything that I've ever used."
- "I have not been using the solution for many years to know exactly the improvements needed. However, they could simplify how the YML files have to be structured properly."
What is our primary use case?
I am using this product for a SIM solution.
What is most valuable?
Their anomaly detection engine is really good for example, compared to SolarWinds. You can ingest different pipelines. You have dashboards, it is visual, there are maps, you can create canvases. It's more visual than anything that I've ever used.
What needs improvement?
I have not been using the solution for many years to know exactly the improvements needed. However, they could simplify how the YML files have to be structured properly. If you want to ingest certain logs, you need to edit the YML file and connect it to your modules to start ingesting and parsing the end-user logs. Doing this is sometimes difficult and could be streamlined.
For how long have I used the solution?
I have been using the product for approximately three months.
How are customer service and technical support?
The customer service is very good.
Which solution did I use previously and why did I switch?
I have used SolarWinds in the past.
What other advice do I have?
The solution has a lot of features. They have machine learning jobs they can implement, I'm not there yet, but I can use anomaly detection to see there are various processes that can find users that aren't supposed to log onto certain machines. All of these features are visual and graphical. I can show it as a bar chart, a pie chart, a histogram, or a split chart. The power to see everything on the front end is so much more powerful.
I rate ELK Elasticsearch a ten out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
System Analyst at S7
Provides enterprise landscape support for different areas of the company
Pros and Cons
- "We had many reasons to implement Elasticsearch for search term solutions. Elasticsearch products provide enterprise landscape support for different areas of the company."
- "We see the need for some improvements with Elasticsearch. We would like the Elasticsearch package to include training lessons for our staff."
What is our primary use case?
In my project, Elasticsearch is used to query terms for search and to provide data boards for our project team.
How has it helped my organization?
We have some important IT systems which provide support for our business processes. Money is a big issue. If something happens to the IT systems, we lose some money.
We built Elasticsearch solutions to help us to search more quickly. After that, we can calculate how much money we can save by implementing Elasticsearch as a solution.
What is most valuable?
We had many reasons to implement Elasticsearch for search term solutions. Elasticsearch products provide enterprise landscape support for different areas of the company.
What needs improvement?
Elasticsearch is useful for different business processes, but there are some problems. We discuss these problems with the vendor and with our in-house team. We see the need for some improvements with Elasticsearch.
We would like the Elasticsearch package to include training lessons for our staff.
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
Elasticsearch is stable. We have a normal relationship with the vendor and we have enough support.
What do I think about the scalability of the solution?
Elasticsearch is very scalable. This was one of the most important points of our decision. We use Elasticsearch with about 1000 users. We now have two sets of solutions:
- One set works with the dashboard from the project team's site.
- A second set works with the enterprise department involved with two roles.
As for the staff, we have an infrastructure team dedicated to Search. I can't answer quickly how many people we use for that. For maintenance, we employ about three to five experts.
We are planning to increase our Elasticsearch usage. We have the plan because some Elasticsearch systems integrate with other products and we must grow.
How are customer service and technical support?
If we discuss technical support from the vendor, it's the first line of support and we don't need very quick response times in the first support line.
If we discuss the second line of support, it must be conducted very quickly. About technical support from the vendor, it's not fast. It's normal.
Which solution did I use previously and why did I switch?
I previously provided some activities with Splunk solutions. My colleague in another department also used Splunk.
How was the initial setup?
We did not have much trouble installing and configuring Elasticsearch. The setup is straightforward.
What about the implementation team?
The implementation depends on what part of the solution. In some areas and for some Elasticsearch installation tasks, we wanted third-party consultation support.
What was our ROI?
We don't integrate Elasticsearch on enough systems to complete the estimate of ROI.
What's my experience with pricing, setup cost, and licensing?
For the next project, we might buy the license, but we don't use it now. I don't know exactly what the license fee for Elasticsearch is currently.
Which other solutions did I evaluate?
This is a difficult question because we had a specific reason for choosing Elasticsearch. Different solutions provide different benefits. We compare these and choose one solution over another.
Overall, it depends on the manufacturers. We compared Elasticsearch with other products like Riverbed, for example.
What other advice do I have?
In general, we have many advantages from the features of Elasticsearch, but there are questions mostly about money, not about technical features, that are of concern.
I would rate Elasticsearch eight/nine out of ten. We have enough possibilities and features with Elasticsearch for our business requirements.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Works at Sincrobox SAC
Simple solution that provides valuable analytics
Pros and Cons
- "The most valuable feature for us is the analytics that we can configure and view using Kibana."
- "This product could be improved with additional security, and the addition of support for machine learning devices."
What is our primary use case?
Our primary use case for this solution is to operate an integration platform for a warehouse management system.
How has it helped my organization?
This has improved our organization because we articulated Kubernetes, Docker, and GitHub with amazing simplicity in the scaling up of our service.
What is most valuable?
The most valuable feature for us is the analytics that we can configure and view using Kibana.
What needs improvement?
This product could be improved with additional security, and the addition of support for machine learning devices.
For how long have I used the solution?
Still implementing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
IT Security Architect at an insurance company with 10,001+ employees
Valuable detection and correlation features
Pros and Cons
- "The most valuable features are the detection and correlation features."
- "Something that could be improved is better integrations with Cortex and QRadar, for example."
What is our primary use case?
We are internal integrators. We are in the bigger group as of now, but other groups, our clients, are affiliates from our group. They are our internal clients.
The solution is currently on-premises.
I was mostly responsible for the SOC team, and I helped them create the detection rules for the production. I wanted to know how it could be implemented in different kinds of products, like Sentinel.
What is most valuable?
The most valuable features are the detection and correlation features.
What needs improvement?
Something that could be improved is better integrations with Cortex and QRadar, for example.
For how long have I used the solution?
I have been using this solution for no more than one year.
How are customer service and support?
Not really, because I'm not the engineer and so most problems appear during the installations or maintenance and I'm not in developing infrastructure operations.
What's my experience with pricing, setup cost, and licensing?
The price of Elasticsearch is fair. It is a more expensive solution, like QRadar. The price for Elasticsearch is not much more than other solutions we have.
Which other solutions did I evaluate?
I would say that Elasticsearch is better than all the other solutions. QRadar is getting better, but it is still behind Elasticsearch in my opinion.
What other advice do I have?
I would rate this solution 8 out of 10.
I would recommend Elasticsearch if you don't have bigger budget limitations to use other enterprise solutions or if you want to avoid the vendor lock-in.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Programmer at a tech services company
Allows us to store data in key value pairs and produce visualisations in Kibana, but lack of email notification is problematic
Pros and Cons
- "Helps us to store the data in key value pairs and, based on that, we can produce visualisations in Kibana."
- "It helps us to analyse the logs based on the location, user, and other log parameters."
- "It needs email notification, similar to what Logentries has. Because of the notification issue, we moved to Logentries, as it provides a simple way to receive notification whenever a server encounters an error or unexpected conditions (which we have defined using RegEx)."
What is most valuable?
Elasticsearch helps us to store the data in key value pairs and, based on that, we can produce visualisations in Kibana. It helps us to analyse the logs based on the location, user, and other log parameters.
What needs improvement?
It needs email notification, similar to what Logentries has. Because of the notification issue, we moved to Logentries, as it provides a simple way to receive notification whenever a server encounters an error or unexpected conditions (which we have defined using RegEx).
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
No stability issues.
What do I think about the scalability of the solution?
Not really any scalability issues, but we have set up a cron job to delete old logs so that we don’t hit the disk space issues. It would be helpful if such a feature were added to the UI, where old logs could be deleted automatically. (Don’t know if this feature is already there).
How are customer service and technical support?
ELK documentation is very good, so we have never needed to contact technical support.
Which solution did I use previously and why did I switch?
We used Logentries. Because of open source we moved to ELK, considering it as part of a cost-cutting strategy and evaluation. But due to the lack of a notification feature, we again moved to Logentries.
How was the initial setup?
Slightly complex, especially when you are configuring a machine which is on a separate IP, rather than on a single machine. In my case, Elasticsearch, Kibana and Logstash were on different machines. Along with that, we added a proxy server (nginx) ahead of the Kibana server. We used the proxy server for user authentication so that only known users would be able to access the Kibana dashboard. ELK's free version doesn't have user authentication, and this forced us to go with this alternative. We have four machines in total.
When we were using the Amazon Elasticsearch Service we had one cluster of Elasticsearch which, by default, gave us the Kibana dashboard. We just added a proxy server for user authentication.
Which other solutions did I evaluate?
Graylog, Fluentd.
What other advice do I have?
I give it a seven out of 10. They don't provide user authentication and authorisation (shield) as a part of their open source version.
Nice to implement, they have nicely written documentation.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
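The reviewer above mentions a cron job that deletes old indices so the cluster does not run out of disk. The script below is an added example (not the reviewer's code and not part of Elasticsearch) of the selection logic such a job needs: it parses the date suffix of Logstash-style index names (the default pattern `logstash-YYYY.MM.dd` is assumed), skips system indices such as `.kibana`, and returns only the indices older than the retention window. The `delete_indices` helper, the base URL and the sample index list are constructed for the example; in dry-run mode it only reports the URLs it would call. Current Elasticsearch versions ship index lifecycle management (ILM) with a delete phase that covers this natively, which answers the reviewer's open question.

```python
"""Retention job for date-suffixed Elasticsearch indices (added example)."""
import re
import urllib.request
from datetime import date, timedelta

# Assumed naming convention: '<prefix>-YYYY.MM.dd', e.g. logstash-2024.10.15
INDEX_RE = re.compile(r"^(?P<prefix>[a-z0-9_-]+)-(?P<y>\d{4})\.(?P<m>\d{2})\.(?P<d>\d{2})$")


def parse_index_date(name):
    """Return the date encoded in an index name, or None if it has no valid date suffix."""
    m = INDEX_RE.match(name)
    if not m:
        return None
    try:
        return date(int(m["y"]), int(m["m"]), int(m["d"]))
    except ValueError:  # e.g. '2024.02.30' is not a real date; leave such indices alone
        return None


def expired_indices(names, retention_days, today, protected_prefixes=(".",)):
    """Select indices strictly older than `retention_days` before `today`.

    Indices whose names start with a protected prefix (system indices like
    .kibana, .security) are never returned, whatever their name looks like.
    """
    cutoff = today - timedelta(days=retention_days)
    expired = []
    for name in names:
        if name.startswith(protected_prefixes):
            continue
        idx_date = parse_index_date(name)
        if idx_date is not None and idx_date < cutoff:
            expired.append(name)
    return sorted(expired)


def delete_indices(base_url, names, dry_run=True):
    """Issue DELETE /<index> for each name against `base_url`.

    With dry_run=True (the default) nothing is sent; the list of URLs that
    would be deleted is returned so the job can be reviewed before it is armed.
    """
    urls = [f"{base_url.rstrip('/')}/{name}" for name in names]
    if not dry_run:
        for url in urls:
            req = urllib.request.Request(url, method="DELETE")
            with urllib.request.urlopen(req, timeout=10) as resp:
                resp.read()
    return urls


# Constructed sample data: what GET _cat/indices?h=index might list on 2024-11-15.
SAMPLE_INDICES = [
    "logstash-2024.10.15",  # older than 30 days: delete
    "logstash-2024.10.16",  # exactly 30 days old: keep
    "logstash-2024.11.14",
    "nginx-access-2024.09.01",
    ".kibana",              # system index: never touched
    "logstash-2024.02.30",  # malformed date: never touched
]

if __name__ == "__main__":
    old = expired_indices(SAMPLE_INDICES, retention_days=30, today=date(2024, 11, 15))
    for url in delete_indices("http://127.0.0.1:9200", old, dry_run=True):
        print("would DELETE", url)
```

Run it from cron with `dry_run=False` only after checking the dry-run output, and run it under a dedicated Elasticsearch user whose role grants `delete_index` solely on the patterns it manages, not as a superuser: a job that can issue arbitrary DELETE calls against port 9200 is exactly the kind of credential that should not be able to reach `.security` or `.kibana`.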
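The reviewer's initial-setup section describes putting an nginx reverse proxy in front of Kibana for user authentication because the open-source version they ran had none. The configuration below is an added example of that pattern (not the reviewer's own config); the hostname, certificate paths and the `htpasswd` file are assumptions. It terminates TLS and requires HTTP basic authentication before forwarding to Kibana on the loopback interface.

```nginx
# Added example: nginx as an authenticating proxy in front of Kibana.
# Assumes Kibana listens only on 127.0.0.1:5601 (server.host: "127.0.0.1" in kibana.yml)
# and that /etc/nginx/kibana.htpasswd was created with: htpasswd -c /etc/nginx/kibana.htpasswd <user>
server {
    listen 443 ssl;
    server_name kibana.example.internal;

    ssl_certificate     /etc/nginx/tls/kibana.crt;
    ssl_certificate_key /etc/nginx/tls/kibana.key;

    # Without TLS, basic auth sends the password base64-encoded in clear text on every request.
    auth_basic           "Kibana";
    auth_basic_user_file /etc/nginx/kibana.htpasswd;

    location / {
        proxy_pass http://127.0.0.1:5601;
        proxy_set_header Host              $host;
        proxy_set_header X-Forwarded-For   $proxy_add_x_forwarded_for;
        proxy_set_header X-Forwarded-Proto $scheme;
    }
}

# Redirect plain HTTP so credentials are never offered over an unencrypted listener.
server {
    listen 80;
    server_name kibana.example.internal;
    return 301 https://$host$request_uri;
}
```

Two caveats the reviewer's description leaves open. First, the proxy only gates the Kibana UI: Elasticsearch itself (port 9200) must be bound to an internal interface or firewalled, otherwise anyone on the network can query or delete indices directly and the nginx login is decorative. Second, basic auth gives authentication but no authorisation; every user who can log in sees every index. The reviewer rates the product lower for exactly that gap, which is why later Elastic releases moved role-based access control into the free tier.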
Associate - Projects at a computer software company with 10,001+ employees
Secure, good dashboards, and open source
Pros and Cons
- "The solution has good security features. I have been happy with the dashboards and interface."
- "There are some features lacking in ELK Elasticsearch."
What is our primary use case?
We are using ELK Elasticsearch in a database. We use both Logstash and Kibana. Kibana is used for monitoring where the data is coming from.
What is most valuable?
The solution has good security features. I have been happy with the dashboards and interface.
What needs improvement?
There are some features lacking in ELK Elasticsearch.
For how long have I used the solution?
I have been using ELK Elasticsearch for approximately two years.
What do I think about the stability of the solution?
We had some stability issues where we could not access the application.
What do I think about the scalability of the solution?
We have approximately five people in my organization using ELK Elasticsearch.
How was the initial setup?
All the installations were directly set up on the local servers.
What's my experience with pricing, setup cost, and licensing?
The solution is free.
What other advice do I have?
Elasticsearch is open source.
I rate ELK Elasticsearch an eight out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
DevOps/System Administrator at a consultancy with 1,001-5,000 employees
Allows us to implement machine-learning from our logs, and alerts for anomalies
Pros and Cons
- "Gives us a more user-friendly, centralized solution (for those who just needed a quick glance, without being masters of sed and awk) as well as the ability to implement various mechanisms for machine-learning from our logs, and sending alerts for anomalies."
- "Elasticsearch could improve by honoring Unix environmental variables and not relying only on those provided by Java (e.g. installing plugins over the Unix http proxy)."
- "Performance improvement could come from skipping background refresh on search idle shards (which is already being addressed in the upcoming seventh version)."
What is our primary use case?
Various purposes, mainly log analysis.
How has it helped my organization?
This product has notably improved the way we store and use logs, from having a more user-friendly, centralized solution (for those who just needed a quick glance, without being masters of sed and awk) to implementing various mechanisms for machine-learning from our logs, and sending alerts for anomalies.
What is most valuable?
The three major features which won us over to Elasticsearch were:
- The well written documentation
- The already available integrations with multiple other tools related to our needs (like Logstash, Kibana)
- The ease with which scalability was achieved.
What needs improvement?
There are some areas in which Elasticsearch could improve:
- By honoring Unix environmental variables and not relying only on those provided by Java (e.g. installing plugins over the Unix http proxy).
- Performance improvement could come from skipping background refresh on search idle shards (which is already being addressed in the upcoming seventh version).
For how long have I used the solution?
One to three years.
What do I think about the stability of the solution?
Until now, we have not run into any issues running Elasticsearch that were not based on bad capacity planning based by us.
What do I think about the scalability of the solution?
Elasticsearch is a very easy to scale product, compared to other similar technologies.
How are customer service and technical support?
To date, we haven't had the chance to use Elasticsearch's technical support.
Which solution did I use previously and why did I switch?
We cannot disclose the previous solution, but we are much happier with Elasticsearch.
How was the initial setup?
Our initial setup was very easy to do.
Which other solutions did I evaluate?
We evaluated HBase and Cassandra.
Disclosure: I am a real user, and this review is based on my own experience and opinions.