The main use case for Elastic Search is mainly for log management.
Log management capabilities impress but setup presents challenges
Pros and Cons
- "I appreciate the indexing capabilities and the speed of indexing in their product, which demonstrates how quickly logs are collected and stored."
- "I would rate technical support from Elastic Search as three out of ten. The main issue is a general sum of all factors."
What is our primary use case?
What is most valuable?
I appreciate the indexing capabilities and the speed of indexing in their product, which demonstrates how quickly logs are collected and stored. The search capabilities are also valuable.
What needs improvement?
The architecture of Elastic Search could be improved as it is complicated for most general users to build up the environment and maintain the cluster.
Currently, I do not have suggestions for additional functions that could be added to the product.
For how long have I used the solution?
I have been working with Elastic Search for about two years.
Buyer's Guide
Elastic Search
January 2026
Learn what your peers think about Elastic Search. Get advice and tips from experienced pros sharing their opinions. Updated: January 2026.
881,082 professionals have used our research since 2012.
What was my experience with deployment of the solution?
I usually use Elastic Search on-premises, which introduces complexity in deployment. Using the cloud version would reduce the complexity of setting up.
What do I think about the stability of the solution?
I would rate the stability for Elastic Search as eight out of ten.
What do I think about the scalability of the solution?
I would rate the scalability as eight.
How are customer service and support?
I would rate technical support from Elastic Search as three out of ten.
The main issue is a general sum of all factors. Being based in Hong Kong means I can only assess the service in my region and cannot speak for other regions based on my experience.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
I am currently working with multiple solutions including Elastic Search, Splunk, and Graylog.
How was the initial setup?
The initial setup for Elastic Search is complex.
What other advice do I have?
The real-time analytics capabilities depend on whether you use the paid version or open-source version.
I work with SME users of Elastic Search, though the solution can technically support enterprise customers.
I have not extensively used AI technology with Elastic Search.
I can recommend Elastic Search to other users.
The pricing for Elastic Search rates as four out of ten. Overall, I would rate Elastic Search as seven out of ten.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer. Partner
Last updated: May 20, 2025
Application & Software Architect at a financial services firm with 1,001-5,000 employees
Good for observability and collecting logs with good reliability
Pros and Cons
- "The solution offers good stability."
- "We'd like to see more integration in the future, especially around service desks or other ITSM tools."
What is our primary use case?
We have a distributed login environment. We have logs in databases and some in files. We use the solution to centralize everything. It's good for monitoring.
What is most valuable?
The solution is useful for observing logs. The observability is good.
It's good for collecting various types of logs. The metrics on offer are great.
We also collect logs from VMs, and we can look at the CPU and RAM situation to see what is being used.
The APM for our ITSM tools is helpful. It provides good visibility.
It is scalable.
The solution offers good stability.
The initial setup is easy.
What needs improvement?
We'd like to see more integration in the future, especially around service desks or other ITSM tools.
For how long have I used the solution?
I've been using the solution for two or three years.
What do I think about the stability of the solution?
The solution is stable and reliable. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
It is scalable. It's not a problem if you need to expand it.
We have about 20 people using the solution right now. We're using it in a test environment right now. Once we deploy to production, 300 to 400 people will use it.
How are customer service and support?
We have never used technical support.
Which solution did I use previously and why did I switch?
Our help desk also uses Grafana. We'll use this solution more widely eventually.
How was the initial setup?
The initial setup is very easy.
We took about a month to deploy the solution.
We might need about ten people to handle the deployment and maintenance. We're still in the test environment right now.
What about the implementation team?
We handled the setup ourselves. We did not need outside assistance.
What's my experience with pricing, setup cost, and licensing?
I'm not sure of the exact licensing costs. I don't deal with that aspect of the solution.
What other advice do I have?
I'm using the latest version of the solution. I started with version 7.1, and now I use 8.6.
I'd recommend the solution to other users.
I'd rate the solution nine out of ten. The features and tools are overall very good.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
System Architect at a financial services firm with 10,001+ employees
Reliable with good search capabilities and logging features
Pros and Cons
- "The solution is stable and reliable."
- "We have an issue with the volume of data that we can handle."
What is our primary use case?
We use the solution mainly for logs today. There are other teams that use it for other use cases. We just use it for logging and logging search and these kinds of things.
What is most valuable?
The search capabilities are the best that we could find. It's great for searching for any text with wild cards inside the logs. It's very good. We have a very good performance, even with billions of registries.
The solution is stable and reliable.
What needs improvement?
We have an issue with the volume of data that we can handle. When we have a lot of data, like 30 days of logs, the product becomes slow, and we had to reduce it to seven days. Now, we have only seven days of logging.
Logging and tracing are different and we have a problem when it comes to tracing things. If we could have some feature related to tracing between microservices or between any sort of logging, that would be nice.
For how long have I used the solution?
We've been using the solution for three or four years. We've used it since 2019.
What do I think about the stability of the solution?
This is a very stable solution. It's reliable. There are no bugs or glitches. It doesn't crash or freeze.
What do I think about the scalability of the solution?
It's scalable in the sense of pods or quantity or numbers of requests, yet not so scalable when considering persistence. We can't handle too much long-term data.
We have at least 500 people using the solution right now.
As a bank, we have some constraints around using and adding new tools. It's very difficult to change stacks. Therefore, we have no plans to stop using the solution anytime soon.
How are customer service and support?
I've never directly worked with technical support. We have our own support comprised of our own employees. I do not deal with external support services.
Which solution did I use previously and why did I switch?
We did not previously use a different solution.
How was the initial setup?
I can't speak to the initial setup. The infrastructure team handled the setup. I did not implement it directly.
It is my understanding we needed three or four engineers to handle the deployment and maintenance process.
What's my experience with pricing, setup cost, and licensing?
I do not have any details about the cost or licensing. That said, the cost is public, and likely, someone can search for the approximate costs online.
What other advice do I have?
We are a customer.
I'm not sure which version we're using. I'm from the development team. The people who are doing the configuring work would know the version.
I'd rate the solution seven out of ten. It is a good solution, yet not quite perfect.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Senior Product Manager at a tech services company with 501-1,000 employees
Allows us to build a model in one month and get 93% accuracy
Pros and Cons
- "The AI-based attribute tagging is a valuable feature."
- "The documentation regarding customization could be better."
What is our primary use case?
It's a cloud-based service. At that time, we were using AWS, so we could get the same Elasticsearch capabilities from AWS. It was mostly a PaaS service that we could access. We had the Elasticsearch specific server and database hosted on an AWS instance, and then we fed the data to it and tried to fine-tune the algorithm to give the necessary search intelligence that we needed.
We're not using the latest version. We're using a version that was released one year ago.
The whole organization has about half a million users, but at any point of time, a hundred users might be using it.
What is most valuable?
The AI-based attribute tagging is a valuable feature. It passes through text data and identifies the tag-words and keywords and connects them to various attributes in the whole system. The system was supposed to run through a lot of existing data in terms of which tag-words would reflect which keywords. There was a model built on top of that. We were building a machine-learning model, which passed through all of the data and did the necessary attribute tagging. We couldn't find attribute tagging in other services.
We initially tried to do it in-house, but we couldn't get the accuracy that we wanted. Elasticsearch was quite efficient in terms of getting accuracy with the limited amount of data that we had. We had 10,000 to 20,000 records. Based on that, we had a good amount of accuracy, which we were happy with. There's a lot we can do with customization.
What needs improvement?
The documentation regarding customization could be better. Other than that, Elasticsearch has very good documentation. We can get a lot of information from forums.
For how long have I used the solution?
I have worked with this solution for six months.
What do I think about the stability of the solution?
The solution is stable.
What do I think about the scalability of the solution?
As far as what we could accomplish, it was scalable, but we didn't have a lot of data that needed to be processed. We had 10,000 records and it was scalable.
How are customer service and support?
We have reached out to tech support when we have had queries, and they respond in time. We didn't have an escalation process, but we had a lot of queries.
Which solution did I use previously and why did I switch?
We chose Elasticsearch because we could build a model in a short amount of time. It allows us to build a whole setup in one month and get 93% accuracy. Even if you look at the complex AI-based features that we built within a shorter span, we could build that model with high accuracy, which wasn't possible with other search enterprise vendors that we used.
How was the initial setup?
Setup was a little complex, but we had in-house expertise.
The solution needs regular fine-tuning in terms of the data model. As we get more and more data into the system, the predictability and accuracy of the output keeps changing. On the application and DB side, it was fine. Not a lot of maintenance was required.
What about the implementation team?
Deployment was done in-house.
What's my experience with pricing, setup cost, and licensing?
The solution is affordable. Previously, we wasted a lot of time by building our own system, which we could have avoided by moving to Elasticsearch earlier.
What other advice do I have?
I would rate Elasticsearch as eight out of ten.
Elasticsearch provides a lot of possibilities. You need to understand your requirements and how Elasticsearch can fulfill them. Somebody might be looking at a simple keyword service or attribute tagging. If you don't understand exactly what you're looking for, you'll get lost in their options and waste a lot of time.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Sr. Threat Researcher at a tech vendor with 5,001-10,000 employees
Effective unstructured data management with room for large-scale optimization
Pros and Cons
- "The most valuable feature of Elasticsearch is its convenience in handling unstructured data."
- "Elasticsearch could be improved in terms of scalability."
What is our primary use case?
The primary use case for Elasticsearch is to serve as a non-SQL database platform to replace traditional SQL processes. It is used in situations where unstructured data needs to be studied and searched.
How has it helped my organization?
Elasticsearch has been helpful due to its ability to handle unstructured data effectively compared to SQL. It provides a fast and interesting search capability which is advantageous for our needs.
What is most valuable?
The most valuable feature of Elasticsearch is its convenience in handling unstructured data, making it easy to use.
What needs improvement?
Elasticsearch could be improved in terms of scalability. If the database becomes too large, its efficiency is not as good as SQL. Additionally, the initial setup could be a little easier.
For how long have I used the solution?
We have been using Elasticsearch for about two to three years.
What do I think about the stability of the solution?
We have faced shutdown issues, but these are mostly related to problems with our own machines and not due to Elasticsearch itself.
What do I think about the scalability of the solution?
Elasticsearch is not scalable when dealing with very large databases. The efficiency decreases for huge databases because it deals with unstructured data, which presents an inherent problem.
How was the initial setup?
The initial setup is of medium difficulty since it requires some understanding of the disk and related concepts.
What's my experience with pricing, setup cost, and licensing?
Elasticsearch can be expensive. It requires some support and unlocking of features.
What other advice do I have?
I recommend Elasticsearch for anyone looking to build a simple database, as it should be a top choice.
I'd rate the solution seven out of ten.
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
CEO at a computer software company with 11-50 employees
Real-time search and enhances decision-making but demands optimization
Pros and Cons
- "Using real-time search functionality to support operational decisions has been helpful."
- "The real-time search functionality is not operational due to its impact on system resources."
How has it helped my organization?
Using real-time search functionality to support operational decisions has been helpful. However, it is not functioning correctly, as the real-time search consumes significant system resources.
What is most valuable?
The search feature is one of the valuable features of Elasticsearch.
What needs improvement?
There are areas for improvement in Elasticsearch.
What do I think about the stability of the solution?
The real-time search functionality is not operational due to its impact on system resources. There are some stability issues.
How are customer service and support?
My overall experience with support was positive.
How would you rate customer service and support?
Neutral
How was the initial setup?
The initial setup is complex.
What about the implementation team?
I do not have specific details about the implementation team. The process might require certain expertise.
What's my experience with pricing, setup cost, and licensing?
The pricing is not cheap and is expensive.
Which other solutions did I evaluate?
I compared the differences between Elastic and other SIEM solutions.
What other advice do I have?
I am more like an implementer than a customer.
I'd rate the solution seven out of ten.
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: My company has a business relationship with this vendor other than being a customer. Implementer
Engineering Manager at a financial services firm with 51-200 employees
An open-source product that helped us to monitor website requests and responses
Pros and Cons
- "I am impressed with the product's Logstash. The tool is fast and customizable. You can build beautiful dashboards with it. It is useful and reliable."
- "It was not possible to use authentication three years back. You needed to buy the product's services for authentication."
What is our primary use case?
We use the solution to monitor our website and API request and response cycle, and also for log aggregation. We also used it for APM and searching for slow and database queries.
How has it helped my organization?
It helped a lot in identifying bottlenecks and events happening simultaneously among several services, since we can aggregate the logs into a single repository of data.
What is most valuable?
I am impressed with the product's Logstash. The tool is fast and customizable. You can build beautiful dashboards in Kibana using Logstash as a data source. It is useful and reliable.
What needs improvement?
It was not possible to use authentication three years back. You needed to buy the product's services for authentication.
For how long have I used the solution?
I have been working with the product for three years.
What do I think about the stability of the solution?
The tool itself is stable but depends on your infrastructure. If you have slow disks, the searches tend to take more time. If you need more data retention, be sure to keep an eye on disk space. Otherwise, the service crashes easily.
What do I think about the scalability of the solution?
The tool's scalability is tied to your infrastructure. You need to have the money and resources to scale your infrastructure. To scale up, you need faster disks and more servers. My company had 15 users using the product for a small API, and the cost was not so high.
How are customer service and support?
The product's tech support is very helpful and skilled.
How would you rate customer service and support?
Positive
How was the initial setup?
The product's setup is difficult, since you need at least 5 servers in a distributed topology to achieve its full potential: 3 machines for Elasticsearch, 1 for Logstash and another for Kibana.
What about the implementation team?
In house
What's my experience with pricing, setup cost, and licensing?
The tool is an open-source product, but you have to self-host it and you need specialized personnel to maintain it.
What other advice do I have?
If you are self-hosting the solution, you need to take care of indexes and understand cluster sharding and distributed systems' election system.
Which deployment model are you using for this solution?
On-premises
Disclosure: My company does not have a business relationship with this vendor other than being a customer.
Consultant at a consultancy with 11-50 employees
Played a crucial role in enhancing our cybersecurity efforts
Pros and Cons
- "The most valuable features are its user-friendly interface and seamless navigation."
- "Elastic Search could benefit from a more user-friendly onboarding process for beginners."
How has it helped my organization?
Elastic Search significantly improved our blog management at the organization. It played a crucial role in enhancing our cybersecurity efforts by allowing me to identify the geographical origins of web traffic. This feature was instrumental in identifying and mitigating potential threats from various actors. The ability to pinpoint the source of the traffic helped in quickly addressing security concerns and filtering out potential threats.
What is most valuable?
The most valuable features are its user-friendly interface and seamless navigation. The abundance of tutorials and helpful mocktails significantly contributed to the ease of managing the system. The user interface stood out for its accessibility, making it straightforward to perform tasks and queries. The availability of resources, such as tutorials and mocktails, not only facilitated my learning process but also enhanced the overall usability of Elastic Search. Additionally, the ability to seamlessly integrate Elastic agents into our system not only enhanced our overall efficiency but also facilitated smooth integration with the cloud. The versatility of adding Elastic agents and leveraging the source components provided a comprehensive solution for managing and optimizing our system.
What needs improvement?
Elastic Search could benefit from a more user-friendly onboarding process for beginners. Creating a module or series specifically designed for those new to Elastic Search would be valuable, starting with the basics and gradually introducing the integration of Elastic Search with emerging technologies like AI. Additionally, it would be helpful to see improvements in mailing integration and potentially offer a more accessible pricing tier for individuals or students who are just starting to explore security and monitoring aspects. A tier tailored for the average user, focusing on simplicity and affordability, could attract a broader audience and encourage long-term use.
What do I think about the stability of the solution?
I would rate the stability of Elastic Search at a solid nine out of ten. Throughout my usage, I didn't encounter any failures, errors, or unexpected shutdowns. It was a reliable experience, and the fact that it didn't stop working unexpectedly was a relief.
What do I think about the scalability of the solution?
It is quite scalable.
Which solution did I use previously and why did I switch?
I used a different solution before switching to Elastic Search because Elastic Search offered a wider range of features. The other solution focused on monitoring app usage; Elastic Search stood out with its extensive modules, cloud deployment options, and flexible monitoring capabilities. Despite Splunk being a bigger name, I found Elastic Search to be more versatile and enjoyed using it.
How was the initial setup?
Initially, deploying Elastic Search was a bit challenging for me as it was my first time using the Elastic Stack. Setting it up to monitor traffic on multiple VMs, including an enterprise-level VM, posed some configuration hiccups, especially when connecting to the cloud. I had to rely on online resources and Google searches to troubleshoot and figure things out. While I eventually got through it, the process felt overwhelming with lots of information to digest at once. As for maintenance, during the short period I used it for a lab, there wasn't much to handle beyond shutting it down and reinstalling it at the end. I can't speak to long-term maintenance since my usage was relatively brief.
What was our ROI?
Elastic Search has provided a valuable return on investment by enhancing effectiveness and aiding in learning about security features. It has saved me an estimated couple of hundred dollars in both time and money.
What's my experience with pricing, setup cost, and licensing?
Elastic Search is a bit pricey, especially for individuals or small learners interested in cybersecurity. It could be more affordable for personal use, making it accessible to a broader audience learning about network security and traffic monitoring.
What other advice do I have?
My advice to anyone who is evaluating Elastic Search is to explore the user-friendly website and navigate to the documentation or resources section. Start with a basic overview of the components, and how they work together, and try simple tasks like searching or detecting. The key is to begin with something straightforward. Utilize the documentation to understand how to get started and explore the various integrations Elastic Search offers. Overall, I would rate it as an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
Disclosure: My company does not have a business relationship with this vendor other than being a customer.