Elastic Search Reviews

We use this solution to collect log data and analyze it. We have an on-premises deployment.

The special text processing features in this solution are very important for me.

As a system, it is easy to use.

This is not a robust system, so in terms of resilience, they have to make some improvements. From time to time the system goes down and we have to start again, after adjusting some configuration parameters.

Technical support can be improved.

The interface would be improved with the inclusion of dashboards to assist in analyzing problems because it is very difficult. Better dashboards or a better configuration system would be very good.

This is not exactly a stable solution, which is why we are considering another compatible tool, and whether we go on with Elasticsearch or change it.

I follow their forum and blogs, and I have also asked questions directly to their technical department. I would say that support is moderate. It is not very good or very bad, but in between.

We did not use another solution prior to this one.

The initial setup of this solution is easy and straightforward.

The deployment is both easy and quick.

We have an in-house team that handles deployment.

Two people are enough for deployment and maintenance.

We did not evaluate other options before choosing this solution, but due to issues with stability, I'm now trying out PostgreSQL for comparison.

My advice for anybody considering this solution is that it is an easy to use tool, but for work that is not complex. If on the other hand, the work is more complex, with more data and perhaps a clustering environment, then they may have to consider something more stable and more robust.

I would rate this solution a seven out of ten.

Our primary use case for this solution is to operate an integration platform for a warehouse management system.

This has improved our organization because we articulated Kubernetes, Docker, and GitHub with amazing simplicity in the scaling up of our service.

The most valuable feature for us is the analytics that we can configure and view using Kibana.

This product could be improved with additional security, and the addition of support for machine learning devices.

In my project, Elasticsearch is used to query terms for search and to provide data boards for our project team.

We have some important IT systems which provide support for our business processes. Money is a big issue. If something happens to the IT systems, we lose some money. 

We built Elasticsearch solutions to help us to search more quickly. After that, we can calculate how much money we can save by implementing Elasticsearch as a solution.

We had many reasons to implement Elasticsearch for search term solutions. Elasticsearch products provide enterprise landscape support for different areas of the company.

Elasticsearch is useful for different business processes, but there are some problems. We discuss these problems with the vendor and with our in-house team. We see the need for some improvements with Elasticsearch. 

We would like the Elasticsearch package to include training lessons for our staff.

Elasticsearch is stable. We have a normal relationship with the vendor and we have enough support.

Elasticsearch is very scalable. This was one of the most important points of our decision. We use Elasticsearch with about 1000 users. Now have two sets of solutions:

• One set works with the dashboard from the project team's site.
• A second set works with the enterprise department involved with two roles. 

As for the staff, we have an infrastructure team dedicated to Search. I can't answer quickly how many people we use for that. For maintenance, we employ about three to five experts.

We are planning to increase our Elasticsearch usage. We have the plan because some Elasticsearch systems integrate with other products and we must grow.

If we discuss technical support from the vendor, it's the first line of support and we don't need very quick response times in the first support line. 

If we discuss the second line of support, it must be conducted very quickly. About technical support from the vendor, it's not fast. It's normal.

I previously provided some activities with Splunk solutions. My colleague in another department also used Splunk.

We did not have difficult trouble installing and configuring Elasticsearch. The setup is straightforward.

The implementation depends on what part of the solution. In some areas and for some Elasticsearch installation tasks, we wanted third-party consultation support.

We don't integrate Elasticsearch on enough systems to complete the estimate of ROI.

For the next project, we might buy the license, but we don't use it now. I don't know exactly what the license fee for Elasticsearch is currently.

This is a difficult question because we had a specific reason for choosing Elasticsearch. Different solutions provide different benefits. We compare these and choose one solution over another. 

Overall, it depends on the manufacturers. We compared Elasticsearch with other products like Riverbed, for example.

In general, we have many advantages from the features of Elasticsearch, but there are questions mostly about money, not about technical features, that are of concern.

I would rate Elasticsearch eight/nine out of ten. We have enough possibilities and features with Elasticsearch for our business requirements.

Various purposes, mainly log analysis.

This product has notably improved the way we store and use logs, from having a more user-friendly, centralized solution (for those who just needed a quick glance, without being masters of sed and awk) to implementing various mechanisms for machine-learning from our logs, and sending alerts for anomalies.

The three major features which won us over to Elasticsearch were:

• The well written documentation
• The already available integrations with multiple other tools related to our needs (like Logstash, Kibana)
• The easy with which scalability was achieved.

There are some areas in which Elasticsearch could improve: 

By honoring Unix environmental variables and not relying only on those provided by Java (e.g. installing plugins over the Unix http proxy). 

Performance improvement could come from skipping background refresh on search idle shards (which is already being addressed in the upcoming seventh version).

Until now, we have not run into any issues running Elasticsearch that were not based on bad capacity planning based by us.

Elasticsearch is a very easy to scale product, compared to other similar technologies.

To date, we haven't had the chance to use Elasticsearch's technical support.

We cannot disclose the previous solution, but we are much happier with Elasticsearch.

Our initial setup was very easy to do.

We evaluated HBase and Cassadnra.

ELK has helped my team leverage a powerful and efficient capability that is comparable to more costly solutions.

The ability to aggregate log and machine data into a searchable index reduces time to identify and isolate issues for an application. Saves time in triage and incident response by eliminating manual steps to access and parse logs on separate systems, within large infrastructure footprints.

Enterprise scaling of what have been essentially separate, free open source software (FOSS) products has been a challenge, but the folks at Elastic have published new add-ons (X-Pack and ECE) to help large companies grow ELK to required scales.

No issues with stability.

We encountered issues with scalability.

Not applicable, for my team's experience with ELK. Being a FOSS, there is limited support from Elastic without a service – support, consulting, training. There is wealth of information on the web and a growing community of users to lean on for support, though.

Yes, we had a previous solution but we did not switch. We use multiple log analysis engines. Where we have funds to support commercial, off-the-shelf tools (COTS), we have seen more immediate benefits. Where we must go with low/no-cost FOSS, we use ELK.

Initial setups were complex years ago, but they are more straightforward in the current offering. ELK is essentially a collection of products that each requires infrastructure and expertise to set up independently, and connecting them to gain a functional tool requires still more expertise.

This is a free, open source software (FOSS) tool, which means no cost on the front-end. There are no free lunches in this world though. Technical skill to implement and support are costly on the back-end with ELK, whether you train/hire internally or go for premium services from Elastic.

Splunk, Sumo Logic, and IBM’s Operation Analytics.

Try it out. There is little to lose but time.

Elasticsearch helps us to store the data in key value pairs and, based on that, we can produce visualisations in Kibana. It helps us to analyse the logs based on the location, user, and other log parameters.

It needs email notification, similar to what Logentries has. Because of the notification issue, we moved to Logentries, as it provides a simple way to receive notification whenever a server encounters an error or unexpected conditions (which we have defined using RegEx).

No stability issues.

Not really any scalability issues, but we have set up a cron job to delete old logs so that we don’t hit the disk space issues. It would be helpful if such a feature were added to the UI, where old logs could be deleted automatically. (Don’t know if this feature is already there).

ELK documentation is very good, so we have never needed to contact technical support.

We used Logentries. Because of open source we moved to ELK, considering it as part of a cost-cutting strategy and evaluation. But due to the lack of a notification feature, we again moved to Logentries.

Slightly complex, especially when you are configuring a machine which is on a separate IP, rather than on a single machine. In my case, Elasticsearch, Kibana and Logstash were on different machines. Along with that, we added a proxy server (nginx) ahead of the Kibana server. We used the proxy server for user authentication so that only known users would be able to access the Kibana dashboard. ELK's free version doesn't have user authentication, and this forced us to go with this alternative. We have four machines in total.

When we were using the Amazon Elasticsearch Service we had one cluster of Elasticsearch which, by default, gave us the Kibana dashboard. We just added a proxy server for user authentication.

Graylog, Fluentd.

I give it a seven out of 10. They don't provide user authentication and authorisation (shield) as a part of their open source version.

Nice to implement, they have nicely written documentation.

• Fast search
• Relevant results returned
• Autocomplete/fuzzy search

• Search 
• To implement the main requirements regarding my support portal.

Machine learning on search.

No issues. It is very stable.

No issues. It is easy to scale with the cluster node model.

I would rate technical support with a nine out of 10. Support is very reactive and proactive.

We did have a previous solution. It was a monster to install and configure.

The initial setup was straightforward.

The pricing and license model are clear: node-based model. 

We evaluated Solr.

The search product is a product exposing API. Therefore, be comfortable in developing your own front-end to integrate the Search API.

We use ELK primarily for enterprise monitoring and analytics through log ingestion. The data collected in Elasticsearch will be used for near real-time monitoring, analytics, and machine learning.

All new applications have been onboarded and used by the application teams. The initial feedback has been positive, and its capabilities seem to be a descent fit for our needs.

ELK being an open source certainly provided a platform for our organization to get involved. 

X-Pack provides good features, like authorization and alerts. An X-Pack license is more affordable than Splunk.

Logstash has been a challenge and needs improvements in data ingestion reconciliation. The Kibana Cross Cluster feature is long awaited and I hope 6.0 will address it without issues.

ELK has been considered as an alternative to Splunk to reduce licensing costs.