My primary use case is to check market prices.
Desarrollador Java Senior Full Stack at Optimissa Capital Markets Consulting
Strong search function improved our speed
Pros and Cons
- "The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
- "The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
What is our primary use case?
How has it helped my organization?
The main benefit of using this solution is that it improves your speed as you don't have to waste time searching for answers.
What is most valuable?
The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for.
What needs improvement?
The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics.
Buyer's Guide
Elastic Security
December 2024
Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
What do I think about the stability of the solution?
I have found some bugs, but overall the stability is fine.
What do I think about the scalability of the solution?
The scalability is fine.
How are customer service and support?
Technical support is good, they're able to answer all of our questions.
How was the initial setup?
The initial setup wasn't difficult, but that varies depending on the number of servers you have.
What's my experience with pricing, setup cost, and licensing?
This tool is affordable, and its price is ok.
What other advice do I have?
I would rate this solution eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Associate Director - Solutions at a comms service provider with 1,001-5,000 employees
Good indexing of logs, cost-effective, and stable
Pros and Cons
- "I like the indexing of the logs."
- "Better integration with third-party APMs would be really good."
What is our primary use case?
We use this solution for the Microsoft deployment of auto-management.
What is most valuable?
I like the indexing of the logs.
For how long have I used the solution?
I have been using ELK Logstash for one year.
What do I think about the stability of the solution?
This product is quite stable and I've not seen any type of issue with it so far.
What do I think about the scalability of the solution?
With respect to scalability, you have to properly plan. Generally, I don't see any issues with scalability.
How are customer service and technical support?
We have not used technical support because we always had talent within the company for end-user support.
Which solution did I use previously and why did I switch?
This was a solution that our client chose, and they were not using a different one prior to this.
How was the initial setup?
I do not think that we had any issues with the deployment. Overall, I would say that the process is of medium complexity.
What about the implementation team?
The support team assisted us with the deployment. I don't think that we had any issues with the team.
What's my experience with pricing, setup cost, and licensing?
Compared to other products such as Dynatrace, this is one of the cheaper options.
Which other solutions did I evaluate?
Our client provided us with this option after they had already been through a selection process.
What other advice do I have?
My advice is that this is a good product to use if you are financially contained, and you want to start with something small. Later, if you need to scale then you can look at other options.
I would rate this solution an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Buyer's Guide
Elastic Security
December 2024
Learn what your peers think about Elastic Security. Get advice and tips from experienced pros sharing their opinions. Updated: December 2024.
824,053 professionals have used our research since 2012.
Presales Solutions Architect (Cyber Security) at a tech services company with 11-50 employees
Offers scalability and useful log management, but faces challenges in alert management
Pros and Cons
- "The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients."
- "I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy."
What is our primary use case?
Our use case for Elastic Security is for log management and security information for the management team.
What is most valuable?
The most valuable feature is the scalability. We are in Indonesia, more engineers understand Elastic Security here. So it is easier to scale and also develop. In features, the discovery to query all the logs is very important to us. It is very easy, especially with the query function and the feature to generate alerts and create tools. Sometimes we use the alert security dashboard to monitor our clients.
What needs improvement?
I think because we are a cybersecurity company, the thing that can be improved is the prebuilt tools, especially quality. Compared to its competitor, they still have fewer prebuilt security rules. Elastic Security, in terms of generating alerts, cannot group the same products into one another. Even though the alerts are the same, they still generate them one by one. So, it is very noisy in our dashboard. I would like the Elastic Security admin to group all the same alarms into one alarm so that our dashboard is not noisy.
For how long have I used the solution?
I have been working with Elastic Security for around one or two years in my current company.
What do I think about the stability of the solution?
I would rate the stability of the solution a seven out of ten and there are a lot of glitches.
What do I think about the scalability of the solution?
Elastic Security has very good scalability.
How are customer service and support?
I have had no direct communication with the support team but my technical team says that they are not helpful.
How would you rate customer service and support?
Neutral
How was the initial setup?
The setup process is very complex if you are new to it. But if you already understand how Elastic Security works and how the architect works, I think it is quite simple.
What's my experience with pricing, setup cost, and licensing?
The pricing is in the middle. I think it is not an expensive experience if we compare it with big names, for example, QRadar, and also Oxide. I think Elastic Security is quite cheap. I would rate the pricing of this solution a five out of ten.
What other advice do I have?
I think they are doing a pretty good job in terms of the user interface and also the user experience. I think in terms of the basic features and also the user experience, it is enough for us to support our daily operations.
Overall, I would rate the solution a seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Works at a comms service provider with 51-200 employees
Good visualization, but more automation is needed
Pros and Cons
- "The visualization is very good."
- "There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."
What is our primary use case?
We are a service provider, and use this solution to work with our customers.
We use this solution for collecting firewall logs and then supplying them to the log analyzer.
We are running Fortinet FortiGate for our firewall, and these are the logs that we are analyzing. Normally, we have a problem with the visualization part.
How has it helped my organization?
This solution helps us because we can find all of the logs in one place. We can easily find a specific log in a specific time period.
What is most valuable?
The visualization is very good.
What needs improvement?
There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated.
It would be good if I could get technical support for specific devices. I think that Windows should have some specific connectors. When we implemented a new product, we had to create it manually.
What do I think about the stability of the solution?
The stability of this solution is fine.
What do I think about the scalability of the solution?
This solution is scalable.
We have approximately two hundred users and we do not plan to increase usage at this time.
How are customer service and technical support?
We had not contacted technical support for this solution.
Which solution did I use previously and why did I switch?
We have used other SIEM solutions in our company.
How was the initial setup?
On week is enough for the deployment.
What about the implementation team?
We performed the integration ourselves.
What's my experience with pricing, setup cost, and licensing?
We are using the free, open-source version of this solution.
Which other solutions did I evaluate?
We did not evaluate other options before choosing this solution.
What other advice do I have?
We are interested in learning more about plugins for specific firewalls or other products.
The only problem with this solution is the development part, where we have to do it manually.
I would rate this solution a six out of ten.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Manager Analytics at a financial services firm with 501-1,000 employees
A simple and easy-to-use solution for IT monitoring and anomaly detection
Pros and Cons
- "It's simple and easy to use."
- "This solution cannot do predictive maintenance, so we have to build our own modules for doing it."
What is our primary use case?
The primary use case of this solution is for IT monitoring, predictive maintenance, and anomaly detection.
What is most valuable?
It's simple and easy to use.
What needs improvement?
This solution cannot do predictive maintenance, so we have to build our own modules for doing it.
It doesn't do advanced analytics. They should have some advance analytics in this solution.
With Kibana, we wanted it to be easier to use. The data visualization is there but it should be easier to use.
Also, they should start proving APIs for doing ML and AI.
For how long have I used the solution?
I have been using this solution for two months.
What do I think about the stability of the solution?
This solution is stable and so far, we have had no issues.
What do I think about the scalability of the solution?
The scalability is very good. We are running it on an eight-node machine so far, and with eight nodes we have had no issues.
How are customer service and technical support?
We haven't contacted support. They do have the support and we have spoken with them over email. We might need their assistance next month.
What other advice do I have?
Anyone who wants to do IT log monitoring, realtime and who wants to do the anomaly detection, should go with this solution.
So far from what we have seen, I would rate this solution a nine out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Professional Services Manager at PT Korelasi Persada Indonesia
It's easy to integrate and highly customizable
Pros and Cons
- "Elastic is straightforward, easy to integrate, and highly customizable."
- "The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
What is most valuable?
Elastic is straightforward, easy to integrate, and highly customizable.
What needs improvement?
The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side.
What do I think about the scalability of the solution?
Elastic is easily scalable.
How are customer service and support?
Elastic support is good.
How was the initial setup?
Elastic's initial setup is quite straightforward.
What's my experience with pricing, setup cost, and licensing?
Elastic is still priced far less than other commercial products.
What other advice do I have?
I rate Elastic SIEM eight out of 10. Elastic is easy, lightweight, and highly scalable, but you need to be skilled at scripting to use it. If you're going to use the product, you need to ensure your engineers have the scripting ability.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Senior Tech Engineer at a tech services company with 1,001-5,000 employees
Easy to set up, reasonably priced, and offers good integration
Pros and Cons
- "The cost is reasonable. It's not overly pricey."
- "This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
What is our primary use case?
In general, the solution is working together with Open Shift's deployment for the continuous delivery of many projects. This product takes the metrics and checks the log for components that Open Shift deploys. We work with the observation team that monitors the entire company to understand what can be observed and analyzed.
What is most valuable?
The solution is able to handle searches quickly and efficiently. It's much faster than other solutions we've tried. It spends far less time on searches related to capacity and indexing information.
The possibility to stack, locate, and search with your indexing feature at a high rate of speed is its best feature.
It helps that the solution can work together with the infrastructure agents to get the metrics we need.
The integration is quite good.
The initial setup is not difficult. It's easy to set up and customize. It's a strong selling point for the solution.
It's easy to collect the data.
The documentation is big. It's very well documented.
It's working and easy to work with.
The cost is reasonable. It's not overly pricey.
What needs improvement?
This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage.
We need to be able to monitor from any location in the world and any location in the company. We find that solutions such as Dynatrace and Datadog offer much more functionality, perhaps due to the fact that they are more mature.
The solution needs to integrate more AI capabilities, specifically to assist in anomaly detection.
The instrumentation of APM can be enhanced; can be better. It's not automated. It's a very manual process. This ends up being more costly for us. Dynatrace and Datadog are better in this area.
The support on offer could be much better.
For how long have I used the solution?
I've been using the solution for the last six months at this point. It hasn't been an extremely long amount of time just yet.
What do I think about the stability of the solution?
The stability has been pretty good. It's reliable. There aren't bugs or glitches. it doesn't crash or freeze. I'd describe it as 95% stable overall.
What do I think about the scalability of the solution?
We haven't really done any scaling. We only have had an environment with a small cluster on-premises and we can't really test it for scalability. We have no more than four servers for the platform and never really needed to expand anything.
The solution may be used by around 1,000 people in our organization.
How are customer service and technical support?
Technical support could be a lot better. They should offer online chat functionality so that we can get answers to questions right away. It would make troubleshooting a lot faster and less cumbersome.
We've had some troubles, and when we do, we need to open a ticket to get it resolved, which takes some time.
That said, it does offer very good documentation and their knowledge is very good when you do interact with them.
How was the initial setup?
The initial setup is easy. It's not complex or difficult. It's pretty straightforward.
It's very easy to set everything up and configure it on-premises.
The deployment only took an hour or two. We only deployed to one environment. It was pretty fast.
What's my experience with pricing, setup cost, and licensing?
The cost is pretty low. It is not open-source, however.
What other advice do I have?
We are just customers and end-users.
I would advise others to use this solution. It's relatively low cost and the implementation is quick, giving you results faster.
I would rate the solution at an eight out of ten overall.
Which deployment model are you using for this solution?
On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Founder & Chief Executive Officer at a consultancy with 11-50 employees
Has good scalability and is consistently stable
Pros and Cons
- "The feature that we have found the most valuable is scalability."
- "The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
What is our primary use case?
We are using ELK Logstash for application log management and fault detection.
What is most valuable?
The feature that we have found the most valuable is scalability.
What needs improvement?
The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward.
The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there.
For how long have I used the solution?
We have been using ELK Logstash for nearly three years.
What do I think about the stability of the solution?
It's quite stable. We have not seen it going down at all for the last three years. It's working well consistently.
What do I think about the scalability of the solution?
Scalability is very good.
How are customer service and technical support?
We have not taken the technical support at all, so we have been supporting ourselves. We are using the open-source edition, and we are supporting ourselves.
How was the initial setup?
The initial setup was very straightforward for us because we are a software development company. We understand how to compile the source code. We can compile the source code, and we can deploy it. It was pretty straightforward for us.
What other advice do I have?
You should know this solution pretty well. You need to be clear beforehand for what you are going to use this product. This is not something that you can use generally for anything and everything. You should be really clear in terms of your requirements.
I would rate ELK Logstash a nine out of ten.
Which deployment model are you using for this solution?
Private Cloud
Disclosure: My company has a business relationship with this vendor other than being a customer: partner
Buyer's Guide
Download our free Elastic Security Report and get advice and tips from experienced pros
sharing their opinions.
Updated: December 2024
Product Categories
Log Management Security Information and Event Management (SIEM) Endpoint Detection and Response (EDR) Security Orchestration Automation and Response (SOAR) Extended Detection and Response (XDR)Popular Comparisons
Splunk Enterprise Security
Datadog
IBM Security QRadar
Elastic Observability
Graylog
LogRhythm SIEM
Sumo Logic Security
Security Onion
Fortinet FortiAnalyzer
syslog-ng
Google Cloud's operations suite (formerly Stackdriver)
USM Anywhere
Elastic Stack
Buyer's Guide
Download our free Elastic Security Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- What are the advantages of ELK over Splunk?
- What would you choose for observability: Grafana observability platform or ELK stack?
- When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
- Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
- Which Windows event log monitoring tool do you recommend?
- What is the difference between log management and SIEM?
- Splunk vs. Elastic Stack
- How can Cloudtrail logs be used effectively to improve log monitoring?
- Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?