We performed a comparison between Datadog and Elastic Security (formerly ELK Logstash) based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Datadog and Elastic Security have a similar user rating for ease of deployment, and users of both felt that the solutions were expensive. Users felt Elastic Security took too long to respond when it came to service and support. In terms of features, reviewers of Datadog had a problem with stability and felt there wasn’t enough monitoring through their dashboard. Reviewers of Elastic Security said they had difficulty retrieving data and felt the solution should offer predictive maintenance.
"The most valuable aspect is the APM which can monitor the metrics and latencies."
"The solution has helped out organization gain improved visibility."
"The solution is sufficiently stable."
"The fact that everything is under a single pane of glass is really valuable, as developers don't have to spend their time copying correlation IDs across tools to find what they need."
"Sometimes it's more user friendly for development teams. There are some parts of Datadog that are more understandable for development teams. For example, the APM in Datadog works more manually and works like the tools in New Relic or Grafana, or Elastic. It is easier to understand for software development teams."
"The interface and the integrations make it so easy to connect to the cloud or to the on-premise environment."
"Having a wealth of information has helped us investigate outages, and having historical data helps us tune our system."
"It has scaled great. I haven't run into any problems anywhere that I've used it. They have handled everything that we have needed them to."
"I like that it's a SIEM platform. I like that I can sell Elastic Security quickly. Elastic Security has a large community that can support users."
"The feature that we have found the most valuable is scalability."
"It's a good platform and the very best in the current market. We looked at the Forester report from December 2022 where it was said to be a leader."
"The scalability is good. It can be scaled easily in the production environment."
"We like Elastic Security because it's a REST API-based solution. That's the primary reason we use it."
"The most valuable thing is that this solution is widely used for work management and research. It's easy to jump into the security use case with the same technology."
"Just the ability to do a lot more than just up-down is nice, which a lot of people take for granted."
"ELK documentation is very good, so never needed to contact technical support."
"The Log Explorer could be better. I don't think it has log manipulation as Splunk does."
"The correlation between the logs and the metrics needs improvement as most cases, we might use another logging tool (that is cheaper in cost) which we then have to link together."
"Its pricing model can be improved. Its settings should be improved for a better understanding of billing. They should also provide some alerts when there is an increase in the usage. For example, if there is 20% more increase from one week to another, the customer should get an alert."
"It would be ideal if the product offered a bit more monitoring from our dashboard."
"The parallel editing of the dashboards should not cause users to lose the work of another person."
"Sometimes it’s difficult to customize certain queries to find specific things, specifically with the logging solution."
"At the beginning, when we started throwing logs at it, there was a bit of hiccup. However, this was during their beta period, so hiccups were expected."
"It would also be nice if we had more insight into our own usage of Datadog (agents and custom metrics). They provide a usage page which does help, but it is not in real-time."
"We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there)."
"Elastic has one problem. In the past, Elastic Security was free. Now, they currently only offer the basic license or a certain period of time."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"The Integration module could be improved. It is a pain to build integration with any product. We have to do parking and so on. It's not like other commercial solutions that use profile integration. I would also see more detection features on the SIEM side."
"With Elastic Security, the challenge arises from the fact that there is a learning curve in relation to queries and understanding the query language provided to extract usable data."
"Better integration with third-party APMs would be really good."
"Its documentation should be a bit better. I have to spend at least a couple of hours to find the solution for a simple thing. When we buy Elastic, training is not included for free with Elastic. We have to pay extra for the training. They should include training in the price."
"We'd like to see some more artificial intelligence capabilities."
Datadog is ranked 2nd in Log Management with 136 reviews while Elastic Security is ranked 5th in Log Management with 58 reviews. Datadog is rated 8.6, while Elastic Security is rated 7.6. The top reviewer of Datadog writes "Very good RUM, synthetics, and infrastructure host maps". On the other hand, the top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". Datadog is most compared with Dynatrace, Azure Monitor, New Relic, AWS X-Ray and AppDynamics, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel and Microsoft Defender for Endpoint. See our Datadog vs. Elastic Security report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
It depends on your requirement. If you are looking for a SIEM/log management solution ELK would be a better option.
But if you are looking for more of a monitoring solution Datadog would be better. Also, Datadog provides out-of-the-box integrations with a lot of cloud applications. ELK could be cost-effective but a bit challenging to configure & finetune.
Datadog: Unify logs, metrics, and traces from across your distributed infrastructure. Datadog is the leading service for cloud-scale monitoring. It is used by IT, operations, and development teams who build and operate applications that run on dynamic or hybrid cloud infrastructure. Start monitoring in minutes with Datadog!
Datadog features offered are:
200+ turn-key integrations for data aggregation
Clean graphs of StatsD and other integrations
Elasticsearch: Open Source, Distributed, RESTful Search Engine. Elasticsearch is a distributed, RESTful search and analytics engine capable of storing data and searching it in near real time. Elasticsearch, Kibana, Beats and Logstash are the Elastic Stack (sometimes called the ELK Stack).
Elasticsearch provides the following key features:
Distributed and Highly Available Search Engine.
Multi Tenant with Multi Types.
Various set of APIs including RESTful
Dear,
Unfortunately, I can't say much about Datadog but I have used ELK for a short period.
And I can tell you not everything works the way it should. For example, I noticed heavy CPU usage for a Windows client on MS AD servers. I advise you to consider this if it's important to you.
Good luck!
Where do you want to spend your money, on people or licenses?
ELK requires a long-term investment in engineering resources to manage the system and to provide the capability.
Datadog provides capabilities for you so you only need some administrators. What are the capabilities? Some critical ones include availability, scalability, consuming log files, platform upgrades, ...
If you are consuming smaller data sets (100's of GB) with shorter retention, the size and scaling are much easier making ELK easier.
Do you have admins or engineers? If your team doesn't have dedicated time & skills to spend developing solutions like elastic-alert you should look for a vendor to provide capabilities.
I expect some capabilities in Datadog you will not be able to replicate in ELK.... so that answer makes this obvious.
We are going to evaluate the same for our org. We do about 10 TB a day consumption in ELK and are looking to see if we can shift $$$ from engineers and infra to SaaS.
I have used both ELK and Datadog, and there are lots of variables to consider here. The three important points that I looked at are:
- Cost. In addition to service costs, you have to consider egress and ingress costs as well.
- Real-time observability that you need during development vs long-term Observability. Keep in mind, when you export data over the internet, it comes with the same reliability issues as any other service on the internet. Regardless of how Datadog classifies its service as real-time, it is not real-time, IMO. It very much depends on your definition of real-time.
- Deployment and maintenance complexity. When your ELK cluster grows it has some pain points you need to be aware of.
My general approach is to deploy ELK for development, tune the data, and then pivot toward commercial solutions if I need to. This gives you insight into your data and what you should be preserving and that way you are not paying high costs, when or if you do decide to take advantage of a commercial solution.
Can you tell me what you actually want to do so that I can help you?