We performed a comparison between Datadog and Elastic Security (formerly ELK Logstash) based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.
Comparison Results: Datadog and Elastic Security have a similar user rating for ease of deployment, and users of both felt that the solutions were expensive. Users felt Elastic Security took too long to respond when it came to service and support. In terms of features, reviewers of Datadog had a problem with stability and felt there wasn’t enough monitoring through their dashboard. Reviewers of Elastic Security said they had difficulty retrieving data and felt the solution should offer predictive maintenance.
"APM and tracing are super useful."
"Most of the features in the way Datadog does monitoring are commendable and that is the reason we choose it. We did some comparisons before picking Datadog. Datadog was recommended based on the features provided."
"Sometimes it's more user friendly for development teams. There are some parts of Datadog that are more understandable for development teams. For example, the APM in Datadog works more manually and works like the tools in New Relic or Grafana, or Elastic. It is easier to understand for software development teams."
"We've been able to glean from the monitors what servers are down, and can alert the team in Slack."
"The RUM solution has improved our ability to triage faster and hand more capabilities to our customer support."
"We really like the charts and visualization."
"We enjoy the multistep API tests."
"Datadog has so far been a breeze to use and set up."
"The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"The solution is quite stable. The performance has been good."
"Elastic Security allows us to deliver visibility in a few hours, which makes our customers more confident in our service."
"We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive."
"It's open-source and free to use."
"The cost is reasonable. It's not overly pricey."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"Deploying the agents is still very manual."
"Delta traces on the Golang profiler are extremely expensive concerning memory utilization."
"The ease of implementation needs improvement."
"I'm not sure if Datadog can monitor K8s deployments in real-time. For instance, being able to see a deployment step by step visually. This would be helpful if there were any incidents during the deployment."
"Datadog could make their use cases more visible either through their docs or tutorial videos."
"We need a lot of modules since we collect all data logs from all operating systems."
"Graph filters for logs need to be set manually which works well for JSON but not for unstructured logs."
"I would love to see more metrics or analytics in IoT devices."
"We'd like to see some more artificial intelligence capabilities."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"Elastic Security has a steep learning curve, so it takes some time to tune it and set it up for your environment. There are some costs associated with logging things that don't have value. So you need to be cautious to only log things that make sense and keep them around for as long as you need. You shouldn't hold onto things just because you think you might need them."
"Elastic Security provides a huge amount of searchable data, which is a great advantage in itself but is costly in terms of the number of servers used."
"There isn't really a very good user experience. You need a lot of training."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
Datadog is ranked 2nd in Log Management with 108 reviews while Elastic Security is ranked 8th in Log Management with 20 reviews. Datadog is rated 8.6, while Elastic Security is rated 7.4. The top reviewer of Datadog writes "Easy to set up and good UI but needs better customization capabilities". On the other hand, the top reviewer of Elastic Security writes "Integrates into the overall ELK Stack, scans for vulnerabilities well and offers good performance". Datadog is most compared with Dynatrace, New Relic, Azure Monitor, Splunk Enterprise Security and Zabbix, whereas Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Graylog, Microsoft Sentinel and Microsoft Defender for Endpoint.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
It depends on your requirement. If you are looking for a SIEM/log management solution ELK would be a better option.
But if you are looking for more of a monitoring solution Datadog would be better. Also, Datadog provides out-of-the-box integrations with a lot of cloud applications. ELK could be cost-effective but a bit challenging to configure & fine-tune.
Datadog: Unify logs, metrics, and traces from across your distributed infrastructure. Datadog is the leading service for cloud-scale monitoring. It is used by IT, operations, and development teams who build and operate applications that run on dynamic or hybrid cloud infrastructure. Start monitoring in minutes with Datadog!
Datadog features offered are:
- 200+ turn-key integrations for data aggregation
- Clean graphs of StatsD and other integrations
Elasticsearch: Open Source, Distributed, RESTful Search Engine. Elasticsearch is a distributed, RESTful search and analytics engine capable of storing data and searching it in near real time. Elasticsearch, Kibana, Beats and Logstash are the Elastic Stack (sometimes called the ELK Stack).
Elasticsearch provides the following key features:
- Distributed and Highly Available Search Engine.
- Multi Tenant with Multi Types.
- Various set of APIs including RESTful
Dear,
Unfortunately, I can't say much about Datadog but I have used ELK for a short period.
And I can tell you not everything works the way it should. For example, I noticed heavy CPU usage for a Windows client on MS AD servers. I advise you to consider this if it's important to you.
Good luck!
Where do you want to spend your money, on people or licenses?
ELK requires a long-term investment in engineering resources to manage the system and to provide the capability.
Datadog provides capabilities for you so you only need some administrators. What are the capabilities? Some critical ones include availability, scalability, consuming log files, platform upgrades, ...
If you are consuming smaller data sets (100s of GB) with shorter retention, the size and scaling are much easier, making ELK easier.
Do you have admins or engineers? If your team doesn't have dedicated time & skills to spend developing solutions like elastic-alert you should look for a vendor to provide capabilities.
I expect some capabilities in Datadog you will not be able to replicate in ELK.... so that answer makes this obvious.
We are going to evaluate the same for our org. We do about 10 TB a day consumption in ELK and are looking to see if we can shift $$$ from engineers and infra to SaaS.
I have used both ELK and Datadog, and there are lots of variables to consider here. The three important points that I looked at are:
- Cost. In addition to service costs, you have to consider egress and ingress costs as well.
- Real-time observability that you need during development vs long-term observability. Keep in mind, when you export data over the internet, it comes with the same reliability issues as any other service on the internet. Regardless of how Datadog classifies its service as real-time, it is not real-time, IMO. It very much depends on your definition of real-time.
- Deployment and maintenance complexity. When your ELK cluster grows it has some pain points you need to be aware of.
My general approach is to deploy ELK for development, tune the data, and then pivot toward commercial solutions if I need to. This gives you insight into your data and what you should be preserving and that way you are not paying high costs, when or if you do decide to take advantage of a commercial solution.
Can you tell me what you actually want to do so that I can help you?