Elastic Search Reviews

In my project, Elasticsearch is used to query terms for search and to provide data boards for our project team.

We have some important IT systems which provide support for our business processes. Money is a big issue. If something happens to the IT systems, we lose some money. 

We built Elasticsearch solutions to help us to search more quickly. After that, we can calculate how much money we can save by implementing Elasticsearch as a solution.

We had many reasons to implement Elasticsearch for search term solutions. Elasticsearch products provide enterprise landscape support for different areas of the company.

Elasticsearch is useful for different business processes, but there are some problems. We discuss these problems with the vendor and with our in-house team. We see the need for some improvements with Elasticsearch. 

We would like the Elasticsearch package to include training lessons for our staff.

Elasticsearch is stable. We have a normal relationship with the vendor and we have enough support.

Elasticsearch is very scalable. This was one of the most important points of our decision. We use Elasticsearch with about 1000 users. Now have two sets of solutions:

• One set works with the dashboard from the project team's site.
• A second set works with the enterprise department involved with two roles. 

As for the staff, we have an infrastructure team dedicated to Search. I can't answer quickly how many people we use for that. For maintenance, we employ about three to five experts.

We are planning to increase our Elasticsearch usage. We have the plan because some Elasticsearch systems integrate with other products and we must grow.

If we discuss technical support from the vendor, it's the first line of support and we don't need very quick response times in the first support line. 

If we discuss the second line of support, it must be conducted very quickly. About technical support from the vendor, it's not fast. It's normal.

I previously provided some activities with Splunk solutions. My colleague in another department also used Splunk.

We did not have difficult trouble installing and configuring Elasticsearch. The setup is straightforward.

The implementation depends on what part of the solution. In some areas and for some Elasticsearch installation tasks, we wanted third-party consultation support.

We don't integrate Elasticsearch on enough systems to complete the estimate of ROI.

For the next project, we might buy the license, but we don't use it now. I don't know exactly what the license fee for Elasticsearch is currently.

This is a difficult question because we had a specific reason for choosing Elasticsearch. Different solutions provide different benefits. We compare these and choose one solution over another. 

Overall, it depends on the manufacturers. We compared Elasticsearch with other products like Riverbed, for example.

In general, we have many advantages from the features of Elasticsearch, but there are questions mostly about money, not about technical features, that are of concern.

I would rate Elasticsearch eight/nine out of ten. We have enough possibilities and features with Elasticsearch for our business requirements.

Various purposes, mainly log analysis.

This product has notably improved the way we store and use logs, from having a more user-friendly, centralized solution (for those who just needed a quick glance, without being masters of sed and awk) to implementing various mechanisms for machine-learning from our logs, and sending alerts for anomalies.

The three major features which won us over to Elasticsearch were:

• The well written documentation
• The already available integrations with multiple other tools related to our needs (like Logstash, Kibana)
• The easy with which scalability was achieved.

There are some areas in which Elasticsearch could improve: 

By honoring Unix environmental variables and not relying only on those provided by Java (e.g. installing plugins over the Unix http proxy). 

Performance improvement could come from skipping background refresh on search idle shards (which is already being addressed in the upcoming seventh version).

Until now, we have not run into any issues running Elasticsearch that were not based on bad capacity planning based by us.

Elasticsearch is a very easy to scale product, compared to other similar technologies.

To date, we haven't had the chance to use Elasticsearch's technical support.

We cannot disclose the previous solution, but we are much happier with Elasticsearch.

Our initial setup was very easy to do.

We evaluated HBase and Cassadnra.

ELK has helped my team leverage a powerful and efficient capability that is comparable to more costly solutions.

The ability to aggregate log and machine data into a searchable index reduces time to identify and isolate issues for an application. Saves time in triage and incident response by eliminating manual steps to access and parse logs on separate systems, within large infrastructure footprints.

Enterprise scaling of what have been essentially separate, free open source software (FOSS) products has been a challenge, but the folks at Elastic have published new add-ons (X-Pack and ECE) to help large companies grow ELK to required scales.

No issues with stability.

We encountered issues with scalability.

Not applicable, for my team's experience with ELK. Being a FOSS, there is limited support from Elastic without a service – support, consulting, training. There is wealth of information on the web and a growing community of users to lean on for support, though.

Yes, we had a previous solution but we did not switch. We use multiple log analysis engines. Where we have funds to support commercial, off-the-shelf tools (COTS), we have seen more immediate benefits. Where we must go with low/no-cost FOSS, we use ELK.

Initial setups were complex years ago, but they are more straightforward in the current offering. ELK is essentially a collection of products that each requires infrastructure and expertise to set up independently, and connecting them to gain a functional tool requires still more expertise.

This is a free, open source software (FOSS) tool, which means no cost on the front-end. There are no free lunches in this world though. Technical skill to implement and support are costly on the back-end with ELK, whether you train/hire internally or go for premium services from Elastic.

Splunk, Sumo Logic, and IBM’s Operation Analytics.

Try it out. There is little to lose but time.

Elasticsearch helps us to store the data in key value pairs and, based on that, we can produce visualisations in Kibana. It helps us to analyse the logs based on the location, user, and other log parameters.

It needs email notification, similar to what Logentries has. Because of the notification issue, we moved to Logentries, as it provides a simple way to receive notification whenever a server encounters an error or unexpected conditions (which we have defined using RegEx).

No stability issues.

Not really any scalability issues, but we have set up a cron job to delete old logs so that we don’t hit the disk space issues. It would be helpful if such a feature were added to the UI, where old logs could be deleted automatically. (Don’t know if this feature is already there).

ELK documentation is very good, so we have never needed to contact technical support.

We used Logentries. Because of open source we moved to ELK, considering it as part of a cost-cutting strategy and evaluation. But due to the lack of a notification feature, we again moved to Logentries.

Slightly complex, especially when you are configuring a machine which is on a separate IP, rather than on a single machine. In my case, Elasticsearch, Kibana and Logstash were on different machines. Along with that, we added a proxy server (nginx) ahead of the Kibana server. We used the proxy server for user authentication so that only known users would be able to access the Kibana dashboard. ELK's free version doesn't have user authentication, and this forced us to go with this alternative. We have four machines in total.

When we were using the Amazon Elasticsearch Service we had one cluster of Elasticsearch which, by default, gave us the Kibana dashboard. We just added a proxy server for user authentication.

Graylog, Fluentd.

I give it a seven out of 10. They don't provide user authentication and authorisation (shield) as a part of their open source version.

Nice to implement, they have nicely written documentation.

• Fast search
• Relevant results returned
• Autocomplete/fuzzy search

• Search 
• To implement the main requirements regarding my support portal.

Machine learning on search.

No issues. It is very stable.

No issues. It is easy to scale with the cluster node model.

I would rate technical support with a nine out of 10. Support is very reactive and proactive.

We did have a previous solution. It was a monster to install and configure.

The initial setup was straightforward.

The pricing and license model are clear: node-based model. 

We evaluated Solr.

The search product is a product exposing API. Therefore, be comfortable in developing your own front-end to integrate the Search API.

We use ELK primarily for enterprise monitoring and analytics through log ingestion. The data collected in Elasticsearch will be used for near real-time monitoring, analytics, and machine learning.

All new applications have been onboarded and used by the application teams. The initial feedback has been positive, and its capabilities seem to be a descent fit for our needs.

ELK being an open source certainly provided a platform for our organization to get involved. 

X-Pack provides good features, like authorization and alerts. An X-Pack license is more affordable than Splunk.

Logstash has been a challenge and needs improvements in data ingestion reconciliation. The Kibana Cross Cluster feature is long awaited and I hope 6.0 will address it without issues.

ELK has been considered as an alternative to Splunk to reduce licensing costs.

ELK provides 

• good end to end log monitoring
• Logstash grok pattern
• elasticserach indexing
• easily configurable Kibana dashboards
• feature rich and appealing Kibana UI, as its USP.

The product offers a powerful, cost effective solution for proprietary log management and is easy to understand and start with. This saves cost as well as enhances usability.

The open source version should ship basic security versions with it. Alerting is an important feature which is not available in the open source stack.

About two years.

Stability issues can be seen with Logstash and can be addressed using Kafka. Also, data collections may not be 100% optimal using Filebeat and could be further improved.

The product is highly scalable, especially on the database side (elasticserach).

Have worked on the open source version and, hence, I don't have much information about tech support.

I have not worked with another solution.

The setup is straightforward for PoC, but becomes complex while scaling it or deploying it for production.

Yes, I evaluated GrayLog and Fluentd, but ELK was more feature rich.

The ELK open source stack is rich in features but lacks the essential security features.

ELK is one of the best open source alternatives for log management. If alerting and security features can be built by the team internally, on top of the stack, then the product is for sure going to add a lot of value to business.

We are using ELK Elasticsearch in a database. We use both Logstash and Kibana. Kibana is used for monitoring where the data is coming from.

The solution has good security features. I have been happy with the dashboards and interface.

There are some features lacking in ELK Elasticsearch.

I have been using ELK Elasticsearch for approximately two years.

We had some stability issues where we could not access the application.

We have approximately five people in my organization using ELK Elasticsearch.

All the installations were directly set up on the local servers.

The solution is free.

Elasticsearch is open source.

I rate ELK Elasticsearch an eight out of ten.