Elastic Search Reviews

We use the product for log analytics and metrics features. 

We can easily collect all the data and view historical trends using the product. We can view the applications and identify the issues effectively.

They could improve some of the platform's infrastructure management capabilities. There should be better visualization and insights about the cost of the SaaS services, which are not effective. Additionally, there needs to be more native integrations to merge the data.

We have been using Elastic Search for about a year.

I rate the stability a ten out of ten.

It is a highly scalable application. We have 15 users in our management team. I rate the scalability an eight out of ten.

I have experience working with Splunk in the past.

The initial setup for the SaaS platform is quite easy. We took assistance from an engineer for the onboarding. Thus, it was straightforward for us. However, there could be a better integration with AWS.

I rate the process a seven out of ten.

I rate Elastic Search's pricing an eight out of ten.

By integrating Deepgram insights with the product, we've gained visibility into logging, service behavior, and cost optimization.

I rate Elastic Search a nine out of ten.

We use the solution for search engines and indexing. 

The solution is valuable for log analytics. 

The solution's integration and configuration are not easy. Not many people know exactly what to do.  

I have been working with the product for five years. 

The product's deployment took a couple of days to complete. 

The product's deployment was done in-house by myself. 

I would rate the product a nine out of ten. 

We are internal integrators. We are in the bigger group as of now, but other groups, our clients, are affiliates from our group. They are our internal clients. 

The solution is currently on-premises.

I was mostly responsible for the SOC team, and I helped them create the detection rules for the production. I wanted to know how it could be implemented in different kinds of products, like Sentinel.

The most valuable features are the detection and correlation features.

Something that could be improved is better integrations with Cortex and QRadar, for example. 

I have been using this solution for no more than one year. 

Not really, because I'm not the engineer and so most problems appear during the installations or maintenance and I'm not in developing infrastructure operations.

The price of Elasticsearch is fair. It is a more expensive solution, like QRadar. The price for Elasticsearch is not much more than other solutions we have.

I would say that Elasticsearch is better than all the other solutions. QRadar is getting better, but it is still behind Elasticsearch in my opinion.

I would rate this solution 8 out of 10.

I would recommend Elasticsearch if you don't have bigger budget limitations to use other enterprise solutions or if you want to avoid the vendor lock-in.

We use ELK Elasticsearch for storing application data logs.

Elasticsearch includes a graphical user interface (GUI) called Kibana. The GUI features are extremely beneficial to us.

Elasticsearch includes mechanisms for ingesting data into the cluster. So it would be great if those mechanisms could be simplified.

Improving machine learning capabilities would be beneficial.

I have been working with ELK Elasticsearch for four years.

We are using the latest version.

We have no issues with the stability of ELK Elasticsearch, it's quite reliable.

ELK Elasticsearch is a scalable product

This solution is used by five to ten people in our organization.

ELK Elasticsearch is used on a daily basis.

We have not contacted technical support.

We had a couple of issues that we were able to resolve by looking up the public information that is available on the internet.

There is a lot of community support for this solution.

The initial setup was straightforward and quite simple.

The installation took between six and eight hours to complete.

There is no maintenance required other than regular updates.

We completed the implementation internally.

Although the ELK Elasticsearch software is open-source, we buy the hardware.

The distributed installation is the way to go.

I would rate ELK Elasticsearch a nine out of ten.

Elasticsearch is one of the NoSQL databases available. My application is a microservices application where the data gets published on a Kafka cube. It allows us to connect to Kafka and get this data in a document format very easily. I'm using Elasticsearch as my backend processing database, where I'm building and reporting using Kibana.

I like how it allows us to connect to Kafka and get this data in a document format very easily. Elasticsearch is very fast when you do text-based searches of documents. That area is very good, and the search is very good.

The price could be better. Kibana has some limitations in terms of the tablet to view event logs. I also have a high volume of data. On the initialization part, if you chose Kibana, you'll have some limitations. Kibana was primarily proposed as a log data reviewer to build applications to the viewer log data using Kibana. Then it became a virtualization tool, but it still has limitations from a developer's point of view.

I have been using ELK Elasticsearch over the last two years.

The price could be better.

I would tell potential users that they have to locate the data source and understand the data. They will have to decide on whether they have to go for a NoSQL or a relational database. 

If it's NoSQL, then what kind of data are you seeing? If it's more textual data, then you're going to read more. So, I would recommend Elasticsearch. Otherwise, you have other databases like MongoDB and Cassandra.

On a scale from one to ten, I would give ELK Elasticsearch a seven.

We use this solution for log management. We collect many logs from Windows systems to later analyze them for security checks and audit purposes.

I have found the sort capability of Elastic very useful for allowing us to find the information we need very quickly.

The reports could improve.

I have been using this solution for approximately three years.

The solution is very stable and reliable.

The stability is good but we have only done vertical scaling and not horizontal at this time. We collection approximately 1,000 EPS and have three people using the solution in my organization.

There has been enough support available online for what we have been using the solution for.

The initial setup was easy because we used containers. It can be challenging to implement.

We did the implementation ourselves.

We are using the free open-sourced version of this solution.

I would recommend those wanting to implement this solution use integrators or consultants. However, we did not have any problems with the installation it can be difficult.

I rate ELK Elasticsearchan eight out of ten.

I am using it to get some hands-on experience and learn the product by searching, building use cases, test cases, dashboards, and visualizations.

With hands-on experience, you learn more about the product and how it works.

It should be easier to use. It has been getting better because many functions are pre-defined, but it still needs improvement.

If you have a large enterprise environment, it is costing a lot of money and it's not a full-blown SIEM. It has SIEM features but a lot is missing. You need to involve other products to make a SIEM out of it.

Some of the other products needed were Apache, Kafka, and ticket tools. It was custom made and not what I had expected in the end.

I would like to see them get closer to a full-blown orchestrated SIEM, and create predefined modules to bring you to using it as a SIEM faster, and on the fly instead of having to tweak the Grok filter for weeks.

I would like to see more pre-defined modules.

I have been using Elasticsearch for two weeks.

We are not using the latest version, but not an old version.

It's a stable solution and we have not had any issues.

The scalability is fine.

I have contacted technical support, once or twice. The experience was okay.

The initial setup was okay, not as easy as Splunk but it was manageable.

The pricing model is questionable and needs to be addressed because when you would like to have the security they charge per machine. If you are building any cluster and you are paying €6,000 per machine, that is expensive.

I think that Elasticsearch is a good product and cheaper than Splunk.

I like this solution, but it has too much hands-on time required tweaking to get it up and running.

I have no plans to continue using this product. Currently, I am focused on SIEMonster because I signed a partnership and I would like to sell a total product. It doesn't make sense to spread across multiple products. 

I would like to earn money out of it, so I'm focusing currently on SIEMonster.

I think that Elasticsearch is a good product and cheaper than Splunk.

When I check Gartner, I don't see mention of Elasticsearch, it seems they need to make some improvements.

I would rate this solution a seven out of ten.

I am using this product for a SIM solution.

Their anomaly detection engine is really good for example, compared to SolarWinds. You can ingest different pipelines. You have dashboards, it is visual, there are maps, you can create canvases. It's more visual than anything that I've ever used.

I have not been using the solution for many years to know exactly the improvements needed. However, they could simplify how the YML files have to be structured properly. If you want to ingest certain logs, you need to edit the YML file and connect it to your modules to start ingesting and parsing the end-user logs. Doing this is sometimes difficult and could be streamlined.

I have been using the product for approximately three months.

The customer service is very good.

I have used SolarWinds in the past.

The solution has a lot of features. They have machine learning jobs they can implement, I'm not there yet, but I can use anomaly detection to see there are various processes that can find users that aren't supposed to log onto certain machines. All of these features are visual and graphical. I can show it as a bar chart, a pie chart, I can Instagram, or I can split chart. The power to see everything on the front end is so much more powerful.

I rate ELK Elasticsearch a ten out of ten.