I can describe a project where we use Elasticsearch, Logstash, and Kibana (ELK stack) for our archiving objectives. I work in the security department of a Fintech company in the payment industry. We use the ELK stack to connect our internal systems with the bank's systems and we used Beats for data collection. We then store and forward this data to Elasticsearch for indexing and analysis, visualize and create alerts using Kibana based on categorized access logs, identifying and blocking malicious traffic or payloads.
Logsign provides us with the capability to execute multiple queries according to our requirements. The indexing is very high, making it effective for storing and retrieving logs. The real-time analytics with Elastic benefits us due to the huge traffic volume in our organization, which reaches up to 60,000 requests per second. With logs of approximately 25 GB per day, manually analyzing traffic behavior, payloads, headers, user agents, and other details is impractical.
I don't see improvements at the moment. The current setup is working well for me, and I'm satisfied with it. Integrating with different platforms is also fine, and I'm not recommending any changes or enhancements right now.
I have been using Elasticsearch for the past year.
It is scalable. We have multiple NGINX nodes and use horizontal scaling to handle traffic. Our system can handle the Indian UPI settlement and process sixty-seven thousand requests per second.
We subscribed to NGINX for technical support, and they were helpful during the installation phase. There is a lack of community support for gRPC, which needs improvement.
The deployment is easier for experienced users, but beginners may face difficulties during installation. They could easily outline the recommended steps for deployment.
We are using a licensed version of the product.
We are fully satisfied with the usage and support, rating it 8 out of 10. I recommend NGINX for managing traffic due to its multiple functionalities like load balancing, proxy management, and caching.