Elastic Search Reviews

For me, the primary use case of Elasticsearch is log analysis, as it is a text-based search tool. To explain how it works, let's consider its role at the backend. Elasticsearch operates on keywords used to fetch data. This is in contrast to some databases, where operations might be based on a key order or a primary key, allowing for various maintenance and analysis tasks.

Many people use Elasticsearch to store their application logs in JSON format. These logs are indexed, facilitating efficient search and analysis. Additionally, Elasticsearch integrates well with tools like Grafana and Kibana, enabling users to create diverse dashboards for data visualization.

There's also the text-based search scenario. For instance, if a user wants to search for something using a specific keyword, Elasticsearch excels in this area by creating multiple indices. 

Elasticsearch is a versatile tool that can store and retrieve information effectively, making it suitable for various applications across different industries.

Elasticsearch is a quick search engine tool. A good use case is saving metadata of your systems for data cataloging. Various systems, like those opened in metadata and similar applications, use Elasticsearch to store their text data. However, the major use case for many is to store application logs and build different dashboards on top of it.

The use of Elasticsearch is very specific. It is not helpful for storing your OLTP data. Elasticsearch's specific use is when you need to provide text-based search functionality. That's when Elasticsearch becomes relevant. 

For instance, for log analysis or searching values, Elasticsearch performs very well. However, there are challenges with performance management and scalability, particularly how developers manage these aspects. 

For example, Kubernetes is a popular choice as it offers the needed features to run your application and allows performance optimization in response to increased system load, and managing itself. If you plan to deploy Elasticsearch with limited or predefined resources, it may not be the ideal setup. 

Therefore, it's better to create ultimate commerce capabilities for it. This is the challenge people are facing in the market and the solution for it. So, this answer combines two aspects: the challenge and its solution.

I have been using Elasticsearch for almost a year now. I'm comfortable working with it and understand its functionalities. 

In our organization, it's not so much about the number of people as it is about the number of products utilizing it. Currently, we use Elasticsearch in more than 12 products. 

It's become essential for any component that requires text-based functionality. Besides that, it's also used for logging to analyze application performance, peak times, etc. Elasticsearch is a basic component of the architecture for each of these products.

Most of our deployments are not exposed to the Internet or public networks; they're restricted to closed networks. We don’t frequently upgrade from previous versions unless a specific use case arises. 

In such cases, we usually turn to the developer community for support. 

Another scenario is when running the application in a careful mode, where the main requirement is to change the image name in the configuration. Then, we check for any changes or incompatibilities with previous versions. Upgrades can sometimes introduce issues if they’re not compatible with existing configuration files, but it's generally not too problematic to handle.

Deploying in Kubernetes is not complex. There are many resources in the market, like DevOps guys and guides, which make the process straightforward. The deployment can be done in a matter of minutes. You basically run a configuration file to set up your application, define replicas, and so on. It shouldn't take much time; even with an expert, it's a matter of a few hours. 

However, the key lies in following best practices and configuring your files properly. If you follow the best practices, you'll likely face fewer issues. But if not, problems are inevitable. 

It’s crucial to analyze these practices, considering factors like bandwidth, data volume, user interaction, and how it's read by different applications. These considerations help in managing resources and scalability, including scaling up and down your Elasticsearch container. These points are vital for running Elasticsearch efficiently, especially for text-based search applications.

You can deploy it as required. Elasticsearch is versatile; you can run it on Kubernetes, in the cloud, or on-premises. There is no limitation in terms of deployment options.

The cost varies based on factors like usage volume, network load, data storage size, and service utilization. If your usage isn't too extensive, the cost will be lower. 

However, if you're dealing with high volumes, you'll need to reconsider the cost-effectiveness. If there are no challenges or bottlenecks in buying a service from a cloud service provider, that might be a viable option. 

But if you're concerned about price or issues like exposing your data to the public cloud, then deploying on-premises and conducting stress testing becomes important. It’s a part of the learning and development process, not just a deployment for production. 

You need to pass through testing processes in the development environment and then move to staging and production. This involves various tests to understand user access patterns, data push, and performance assessment. Deploying on your own requires considering all these factors. On the other hand, if you use a cloud service, many of these concerns aren't your responsibility.

If you're interested in using Elasticsearch as a search tool and for cloud data integration, comparing it with alternatives like Amazon Cloud Search or Azure Search is valid. Many cloud service providers that offer text-search services are utilizing Elasticsearch. They've implemented best practices and resolved a myriad of issues experienced by companies using Azure, AWS, or GCP. 

These providers have integrated Elasticsearch into their cloud offerings effectively. Choosing their services might be preferable due to lower operational costs on your side. 

In case of any disaster or issue, their development and DevOps teams are available to support you. However, if you face limitations, like client requirements prohibiting data storage in public or private clouds, then deploying Elasticsearch on-premises would be your alternative.

I would definitely rate it an eight out of ten,  which is very good. The reason is the active community continuously working on it, and the support from contributors and the support team is notable. Because Elasticsearch is very specific in its use cases. 

It excels in text-based search and creating dashboards for application logs. It provides results and functionality that are hard to find in alternative tools. So, if you have a use case that fits, Elasticsearch is a great service without any direct alternatives.

We use it for locating and retrieving documents, particularly in scenarios where the data lacks a predefined structure. These documents may encompass various types of information, such as logs or other records.

It is highly valuable because of its simplicity in maintenance, where most tasks are handled for you, and it offers a plethora of built-in features.

Currently, their focus seems to be on expanding integrations and introducing more external tools, somewhat diverging from enhancing the core product. While integrating with tools like agents for ingesting data from sources like firewalls is valuable, I believe prioritizing improvements to the core product would be more beneficial. For instance, the development of a multi-step query engine could significantly enhance user experience. The ability to execute queries, receive results, and then perform subsequent queries based on those results is a fundamental feature that, while achievable through code, seems to be lacking as a built-in capability. While they possess a robust infrastructure, the current upgrade process isn't seamless and can result in downtime. As a customer, this can be frustrating, especially when there are methods like replicating to a new instance, performing the upgrade, and then transitioning back, which could potentially minimize downtime. This is crucial in a cloud service where ensuring availability is paramount, considering the significant investment in such services.

I have been working with it for two years.

It offers good stability capabilities.

It is a scalable tool, but it's not impressive. The challenge arises when scaling out becomes prohibitively expensive. Instead of offering end-users the flexibility to specify the number of instances, there's a tendency to provide preconfigured packages. This approach may not be ideal, particularly for those seeking smaller scale-ups.

Their documentation is commendable as it provides a clear understanding of their offerings. Also, the accessibility to their support further enhances user-friendliness, making it a straightforward and user-friendly experience. While it may be slow, their competence in what they do is evident. I would rate it eight out of ten.

Positive

The initial setup was straightforward.

Setting up the system initially is quite straightforward, but when it comes to upgrades, the process becomes more challenging. It was an in-house deployment. The primary focus is on designing the solution, considering factors like the importance of replication, cluster size, speed, and disk space. I appreciate their approach of guiding you through these considerations, making it easier to grasp the bigger picture. This initial design phase is a complex but crucial step. Once that's sorted, the subsequent steps are relatively straightforward—just a few clicks to establish the baseline. If you're working on a standard deployment, it's a hassle-free process.

The pricing structure depends on the scalability steps. It begins as quite affordable and maintains affordability for a while. However, there's a turning point where it transitions from being reasonably priced to becoming notably expensive.

We've explored a few alternatives, but I believe Elasticsearch, particularly with Elastic and Elastic Cloud, stands out as the current industry standard. Opting for a widely used platform is advantageous due to the larger community it attracts. A substantial user base means more people to consult, numerous information sources, and a wealth of case studies. While there are smaller, medium, and even large alternatives, having around eighty percent of the community share provides a significant pool of expertise and resources to tap into.

The main reason we opted for it is because the installation is straightforward, and maintenance is made easy as they handle that aspect for you. The extensive knowledge base offers substantial assistance, making it less reliant on individual expertise. I believe it's a solid product, especially for beginners. While it's not free, it's well-suited for more complex tasks. Keep in mind that for intricate functionalities, you might need to develop and create tools beyond what Elastic Cloud offers. If you're considering a cloud-based solution for schema-less documents, Elasticsearch is a solid choice. On the other hand, if you have the resources to handle on-premises installation, I would recommend it for companies with the capability to manage the deployment themselves. Overall, I would rate it eight out of ten.

Public Cloud

We save credentials, new account information, logs from Palantir Panorama, Firefox logs, traffic logs, GlobalProtect logs from our servers, and Active Directory new users. We're still improving this, but not very fast.

I appreciate that Elastic Enterprise Search is easy to use and that we have people on our team who are able to manage it effectively.

We are keeping an eye on other products like QRadar and Splunk in case they offer features that would benefit our company.

We currently use the free version of Elastic Search for some of our logs. However, if we were to use it more extensively, we would need to consider the pricing of the paid plans.

Another area of improvement is stability. 

 I have been using this solution for five years now.

I would rate the stability a seven out of ten. We faced a few issues. 

I would rate the scalability a seven out of ten. 

We don't use the support because we use the free version.

We were able to handle the deployment ourselves. We have one administrator and three users for this solution. So, there are four people in total. 

I use the free version. We use the free version for some logs, but not extensive use.

Overall, I would rate the solution a seven out of ten. The free version is not very useful.

On-premises

We are using the solution for our products. We are keeping some DBs where we are doing pattern searches. On the application side, we are keeping those in Elastic and a huge amount of data for our different product lines.

The way we access it is great.

The scalability that Elastic is providing is quite useful. 

We can do a lot of archiving. 

It is stable. 

The technical support is quite good. 

The cost is too high once you deploy the solution. 

They're making changes in their architecture too frequently. We'd like less frequent updates. 

I've been using the solution for five or six years. 

The solution is quite stable. There are no bugs or glitches. It doesn't crash. It is reliable. 

It's a scalable solution. We can expand it if needed. We have 50 to 60 users on the solution right now. We do not have plans to increase usage at this time. 

We've dealt with technical support in the past and have had very positive experiences. We are satisfied with the level of support we get. 

Positive

The initial setup has a moderate amount of difficulty. It's not simple and not overly complex. 

Since we are paying more for the license, we have not seen a very high ROI. 

The developer and tester licenses are one thing that is not hurting us. However, the deployment license cost is very, very high for Elastic.

We did look at other options five or six years ago. We chose Elastic for multiple reasons in the end. 

I would recommend the solution to others. 

I'd rate the solution nine out of ten. 

Public Cloud

We use the solution for log gathering, analyzing, and dashboard creation (with Kibana).

For example, several clients require the ability to store and search logs freely without the constrictions that would be in place if a traditional database was used. 

Elasticsearch is perfect for these use cases since it is a non-SQL database with advanced querying capabilities based on the Lucene search engine. 

There is excellent support and a large community that answers possible questions online in detail and very quickly. I was amazed at the help I got several times.

It gave us a tool to perform queries on unstructured data that had no fixed schema/form. This alone was a great asset, especially when dealing with clients that have large datasets from various sources that each follow their own format. 

It gives us the possibility to store and query this data and also do this efficiently and securely and without delays. 

Moreover, its learning curve was not steep. Therefore, no training was required - or at least no significant amount of time was consumed for training activities.

The ability to store unstructured data and perform fast searches that could be customized in detail is quite helpful. This is also a direct request from more and more customers. The Lucene search engine provides the needed speed. In larger projects with multiple nodes, disaster recovery and prevention is an asset (and it is needless to explain why). 

AI and machine learning capabilities have also emerged as a direct result of requests from customers. The addition of these features is useful and also can provide advanced security capabilities (such as tracking unusual behavior detection in logs).

Dashboards could be more flexible, and it would be nice to provide more drill-down capabilities. 

Although the discover function offers exploratory capabilities and one can search for various patterns in logs, the ability to do this from the dashboard function would be very useful. It would make the procedure more simple for the end user, and require less training. It would also be pretty much self-explanatory (drill down and explore specific parts of the diagram/dashboard). 

Also, more predictive analytics would be a nice-to-have feature.

I have been using the product for about two years.

The stability can be impressive.

The scalability is very good.

Technical support is excellent!

Positive

I have used Prometheus and Grafana. They do not offer the capabilities of ELK and their focus is different.

The setup is straightforward - although Logstash needed extra care in Windows VM installations.

We handled the setup in-house.

We have seen an ROI of 50% at least.

I'd advise people to involve a team with people from different departments in order to predict the correct scale.

Loki seems to be an alternative with fewer capabilities.

Logstash seems to have a very small capability to report errors, and that makes it difficult to troubleshoot. It would be nice to get some indication so as to save time.

Public Cloud

We use Elastic Enterprise Search to develop robust and competitive projects. 

We provide clients with a chance to upload a file. They have all the accounts and transactions that they want to do and we have a limit of 10,000. In two minutes, they can have the 10,000 transactions in their accounts.

I would like to see Elastic Enterprise Search focus on interbank transfers, maybe in another way of payments. We have a feature focused on online interbank transfers. But, it would be good to see current payments for workers. They could also provide this same product to the retail clients. The price support could be improved as well. 

We have been using Elastic Enterprise Search for about a year and a half.

Elastic Enterprise Search is stable. On a scale of one to 10, with one being not very stable and 10 being very stable, I give Elastic Enterprise Search a nine. 

Elastic Enterprise Search is scalable. On a scale of one to 10, with one being not scalable and 10 being very scalable, I give Elastic Enterprise Search a 10. 

Elastic Enterprise Search's tech support is good but it could be improved. 

Positive

The initial setup is difficult. On a scale of one to 10, with one being very difficult and 10 being very easy, I would rate Elastic Enterprise Search a two. 

We are continuously integrating new features. Everything we added this month took about a day each to deploy. We have 22 software engineers on the project, along with two tech leads and one solution architect.

The price we pay for Elastic Enterprise Search is very high. We have a complicated banking project with a lot of components, developers, and features. 

On a scale of one to 10, with one being very cheap and 10 being very expensive, I would rate this solution an nine. Their pricing system is highly complex. 

It has helped by notifying me when something happens. I deploy my team to the infrastructure to fix the application. However, receiving alerts before something happens would be more beneficial.

New Relic is very similar to Elasticsearch in functionality; it's easier to use.

New Relic could be more flexible, similar to Elasticsearch. It could improve on providing notifications before something happens instead of when something happens.

It is a stable and good platform.

It's scalable. There's no need to worry about the environment. You just configure it, and it runs without issues.

I haven't used their support, however, a colleague I talked to about this platform with has used it.

Positive

The initial setup is not complex. The only part that may require specific knowledge is communicating your cloud environment with New Relic and managing the cloud environment configurations.

Comparing the costs between New Relic and Elasticsearch is difficult as New Relic's cost is for processing metrics, whereas Elasticsearch's cost is for storage.

I recommend New Relic, however, it depends on the specific use case you have. I'd rate the solution eight out of ten.

Public Cloud

Other

Elastic has a lot of products. The one I'm most familiar with is Elastic Observability. It's designed to monitor our applications within an organization. It gives managers visibility into the activity and functionality of applications within the network. I've worked with it both on-premises and in the cloud. It helps us monitor applications and identify any issues. For example, we can see if an application is calling on a database if there are any delays or errors, and what might be causing those problems. It can also give us a proper view of the number of transactions done on the database and other information. It's not just pulling data for us; it's giving us real-time insights into the activities and functionalities of our applications within our network environment.

When users understand the root cause of the problem, they spend less time resolving it. The number one benefit is end-to-end stability. It provides deep visibility into your cloud and distributed applications, from microservices to serverless architectures. It quickly identifies and resolves the root causes of issues, like gaining visibility into all your cloud-based and on-prem applications. It also simplifies issue resolution, leading to faster resolution times and optimized performance. It is achieved through numerous tools, metrics, and application performance fine-tuning systems, ensuring a smooth user experience. That's why many enterprises seek this kind of solution. It provides valuable insights into potential security vulnerabilities, enabling pre-emptive measures and safeguards for your data assets. Then there's data-driven decision-making, which is very important! It breaks down data silos by ingesting all the telemetry data (metrics, logs, etc.) into a single, scalable platform with a contextual data model. This flexibility allows you to collect and visualize any data from any source. Essentially, it pulls data from all sources and guides you in making data-driven decisions for capacity planning, resource allocation, and risk mitigation. Finally, it also fosters collaboration across IT teams.

There are potential improvements based on our client feedback, like unifying the licensing cost structure, which might be helpful for clients. This room for improvement is from my perspective as a salesperson. Because when I give customers the pricing information, they might wonder why there are two different licensing models, unlike competitors like BeyondTrust or Delinea. Delinea also has the same thing with the code.

I have been with this solution for more than six months.

It's very, very stable. Most times, I go through the demo sites, which allows understanding of functionalities and use cases and all of that. I would rate the stability a nine out of ten.

It is a scalable solution. I would rate the scalability a nine out of ten.

The customer service and support are very nice.

Positive

I have experience with Delinea, ManageEngine, BeyondTrust, IBM and WALLIX. But compared to Elastic, they lack the same level of artificial intelligence capabilities. It's like an all-encompassing package with tons of features. One of those features is the ability to pinpoint the root cause of any problem, whether it's code issues (like it was not written properly), developer errors, or anything else. It goes beyond just surface-level troubleshooting and digs deep to give you the real why. That's what sets it apart from the others. Imagine an application is having some issues. Elastic can tell if it's faulty code, a developer mistake, or anything else. It gives you the true root cause, not just the surface-level symptoms. That's its strength and why it stands out as the industry standard.

The initial setup is not complex to me. I've seen it displayed before in a demo presentation with Jakadaz. The solution is not difficult to use. It's very easy. Even as a non-technical person, I could interact with the application.

The deployment doesn't take long because we have experts who can help. It's available both in the cloud and on-premises, so it depends on the customer's choice.

It is a cost-effective solution. It is not expensive.

I would rate it a nine out of ten for now. It has a lot of features compared to other solutions. Its comprehensiveness and range of features are what make it stand out for application monitoring. I highly recommend it. It's very good because it's efficient, highly scalable, and has high availability. Additionally, cost-effectiveness is crucial in Nigeria due to exchange rates. Organizations need solutions that are affordable, and Elasticsearch fits the bill. I would absolutely recommend it to any organization.

Hybrid Cloud