Elastic Search Reviews

Elasticsearch is one of the NoSQL databases available. My application is a microservices application where the data gets published on a Kafka cube. It allows us to connect to Kafka and get this data in a document format very easily. I'm using Elasticsearch as my backend processing database, where I'm building and reporting using Kibana.

I like how it allows us to connect to Kafka and get this data in a document format very easily. Elasticsearch is very fast when you do text-based searches of documents. That area is very good, and the search is very good.

The price could be better. Kibana has some limitations in terms of the tablet to view event logs. I also have a high volume of data. On the initialization part, if you chose Kibana, you'll have some limitations. Kibana was primarily proposed as a log data reviewer to build applications to the viewer log data using Kibana. Then it became a virtualization tool, but it still has limitations from a developer's point of view.

I have been using ELK Elasticsearch over the last two years.

The price could be better.

I would tell potential users that they have to locate the data source and understand the data. They will have to decide on whether they have to go for a NoSQL or a relational database. 

If it's NoSQL, then what kind of data are you seeing? If it's more textual data, then you're going to read more. So, I would recommend Elasticsearch. Otherwise, you have other databases like MongoDB and Cassandra.

On a scale from one to ten, I would give ELK Elasticsearch a seven.

I am using this product for a SIM solution.

Their anomaly detection engine is really good for example, compared to SolarWinds. You can ingest different pipelines. You have dashboards, it is visual, there are maps, you can create canvases. It's more visual than anything that I've ever used.

I have not been using the solution for many years to know exactly the improvements needed. However, they could simplify how the YML files have to be structured properly. If you want to ingest certain logs, you need to edit the YML file and connect it to your modules to start ingesting and parsing the end-user logs. Doing this is sometimes difficult and could be streamlined.

I have been using the product for approximately three months.

The customer service is very good.

I have used SolarWinds in the past.

The solution has a lot of features. They have machine learning jobs they can implement, I'm not there yet, but I can use anomaly detection to see there are various processes that can find users that aren't supposed to log onto certain machines. All of these features are visual and graphical. I can show it as a bar chart, a pie chart, I can Instagram, or I can split chart. The power to see everything on the front end is so much more powerful.

I rate ELK Elasticsearch a ten out of ten.

In my project, Elasticsearch is used to query terms for search and to provide data boards for our project team.

We have some important IT systems which provide support for our business processes. Money is a big issue. If something happens to the IT systems, we lose some money. 

We built Elasticsearch solutions to help us to search more quickly. After that, we can calculate how much money we can save by implementing Elasticsearch as a solution.

We had many reasons to implement Elasticsearch for search term solutions. Elasticsearch products provide enterprise landscape support for different areas of the company.

Elasticsearch is useful for different business processes, but there are some problems. We discuss these problems with the vendor and with our in-house team. We see the need for some improvements with Elasticsearch. 

We would like the Elasticsearch package to include training lessons for our staff.

Elasticsearch is stable. We have a normal relationship with the vendor and we have enough support.

Elasticsearch is very scalable. This was one of the most important points of our decision. We use Elasticsearch with about 1000 users. Now have two sets of solutions:

• One set works with the dashboard from the project team's site.
• A second set works with the enterprise department involved with two roles. 

As for the staff, we have an infrastructure team dedicated to Search. I can't answer quickly how many people we use for that. For maintenance, we employ about three to five experts.

We are planning to increase our Elasticsearch usage. We have the plan because some Elasticsearch systems integrate with other products and we must grow.

If we discuss technical support from the vendor, it's the first line of support and we don't need very quick response times in the first support line. 

If we discuss the second line of support, it must be conducted very quickly. About technical support from the vendor, it's not fast. It's normal.

I previously provided some activities with Splunk solutions. My colleague in another department also used Splunk.

We did not have difficult trouble installing and configuring Elasticsearch. The setup is straightforward.

The implementation depends on what part of the solution. In some areas and for some Elasticsearch installation tasks, we wanted third-party consultation support.

We don't integrate Elasticsearch on enough systems to complete the estimate of ROI.

For the next project, we might buy the license, but we don't use it now. I don't know exactly what the license fee for Elasticsearch is currently.

This is a difficult question because we had a specific reason for choosing Elasticsearch. Different solutions provide different benefits. We compare these and choose one solution over another. 

Overall, it depends on the manufacturers. We compared Elasticsearch with other products like Riverbed, for example.

In general, we have many advantages from the features of Elasticsearch, but there are questions mostly about money, not about technical features, that are of concern.

I would rate Elasticsearch eight/nine out of ten. We have enough possibilities and features with Elasticsearch for our business requirements.

ELK provides 

• good end to end log monitoring
• Logstash grok pattern
• elasticserach indexing
• easily configurable Kibana dashboards
• feature rich and appealing Kibana UI, as its USP.

The product offers a powerful, cost effective solution for proprietary log management and is easy to understand and start with. This saves cost as well as enhances usability.

The open source version should ship basic security versions with it. Alerting is an important feature which is not available in the open source stack.

About two years.

Stability issues can be seen with Logstash and can be addressed using Kafka. Also, data collections may not be 100% optimal using Filebeat and could be further improved.

The product is highly scalable, especially on the database side (elasticserach).

Have worked on the open source version and, hence, I don't have much information about tech support.

I have not worked with another solution.

The setup is straightforward for PoC, but becomes complex while scaling it or deploying it for production.

Yes, I evaluated GrayLog and Fluentd, but ELK was more feature rich.

The ELK open source stack is rich in features but lacks the essential security features.

ELK is one of the best open source alternatives for log management. If alerting and security features can be built by the team internally, on top of the stack, then the product is for sure going to add a lot of value to business.

We use the product for log management. 

The products comes with REST APIs. 

Elastic Search needs to improve authentication. It also needs to work on the Kibana visualization dashboard. 

I have been using the product for six years. 

I rate the product's stability a nine out of ten. 

I rate Elastic Search's scalability a ten out of ten. 

The technical team needs to improve their response time. 

Positive

The tool's deployment is easy. It took us one day to deploy a seven-node Elastic Search cluster. 

Elastic Search is open-source, but you need to pay for support, which is expensive. 

The solution suits medium to large companies better. I rate it a nine out of ten. 

I am using it to get some hands-on experience and learn the product by searching, building use cases, test cases, dashboards, and visualizations.

With hands-on experience, you learn more about the product and how it works.

It should be easier to use. It has been getting better because many functions are pre-defined, but it still needs improvement.

If you have a large enterprise environment, it is costing a lot of money and it's not a full-blown SIEM. It has SIEM features but a lot is missing. You need to involve other products to make a SIEM out of it.

Some of the other products needed were Apache, Kafka, and ticket tools. It was custom made and not what I had expected in the end.

I would like to see them get closer to a full-blown orchestrated SIEM, and create predefined modules to bring you to using it as a SIEM faster, and on the fly instead of having to tweak the Grok filter for weeks.

I would like to see more pre-defined modules.

I have been using Elasticsearch for two weeks.

We are not using the latest version, but not an old version.

It's a stable solution and we have not had any issues.

The scalability is fine.

I have contacted technical support, once or twice. The experience was okay.

The initial setup was okay, not as easy as Splunk but it was manageable.

The pricing model is questionable and needs to be addressed because when you would like to have the security they charge per machine. If you are building any cluster and you are paying €6,000 per machine, that is expensive.

I think that Elasticsearch is a good product and cheaper than Splunk.

I like this solution, but it has too much hands-on time required tweaking to get it up and running.

I have no plans to continue using this product. Currently, I am focused on SIEMonster because I signed a partnership and I would like to sell a total product. It doesn't make sense to spread across multiple products. 

I would like to earn money out of it, so I'm focusing currently on SIEMonster.

I think that Elasticsearch is a good product and cheaper than Splunk.

When I check Gartner, I don't see mention of Elasticsearch, it seems they need to make some improvements.

I would rate this solution a seven out of ten.

I'm a data scientist and we're a customer of ELK. We use the solution for multiple projects, mainly based around customer analytics.

I value the feature that allows me to share dashboards with different people with different levels of access. They can perform their own queries, like adjusting the time filter or hitting some other filters. It's very useful.

In terms of product improvement, ratio aggregation is not supported in this solution. I can do aggregations, but taking a ratio of two metrics is not supported. That's a common use case that I have come across. And if I want to do bulk coding then that's something that is not very convenient. I would like those things to be included in the next version. 

I've been using this solution for three years. 

Occasionally when you're handling large data you get some out of memory exceptions from time to time. It happens when you're doing pairing. Sometimes a few shots will fail. These are all typically when you're doing things on cloud on a large scale they tend happen.

It's a scalable solution. For now, we have about 10 users and we plan to increase that number. We use it regularly. 

I haven't needed to contact technical support. The forums are pretty good and most of the things that I need to ask are already answered so no need for support. The documentation and forums were enough. 

I haven't used other solutions. 

The initial setup is straightforward, it took about an hour. I did the setup myself. Some others also did it themselves and we had developers who put it up in the cloud for the others. 

We are currently using the Open Source version, so we didn't need to offset any licensing. For now, it's just the cost of maintaining the server. 

Our tech team did the research and I don't know if there were other options considered. 

You can test the product for your use case on their user free trial, they offer a seven or 14-day free trial, You can put it up on cloud and just push your data to check if your use cases are being handled or not. It's a quick test of the waters. 

I would rate this product an eight out of 10. 

Our primary use case for this solution is to operate an integration platform for a warehouse management system.

This has improved our organization because we articulated Kubernetes, Docker, and GitHub with amazing simplicity in the scaling up of our service.

The most valuable feature for us is the analytics that we can configure and view using Kibana.

This product could be improved with additional security, and the addition of support for machine learning devices.