"In traditional BI solutions, you need to wait a lot of time to have the ability to create visualizations with the data and to do searches. With this kind of platform, you have that information in real-time."
"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"Those 400 days of hot data mean that people can look for trends and at what happened in the past. And they can not only do so from a security point of view, but even for operational use cases. In the past, our operational norm was to keep live data for only 30 days. Our users were constantly asking us for at least 90 days, and we really couldn't even do that. That's one reason that having 400 days of live data is pretty huge. As our users start to use it and adopt this system, we expect people to be able to do those long-term analytics."
"The user experience [is] well thought out and the workflows are logical. The dashboards are intuitive and highly customizable."
"The user interface is really modern. As an end-user, there are a lot of possibilities to tailor the platform to your needs, and that can be done without needing much support from Devo. It's really flexible and modular. The UI is very clean."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"The strength of Devo is not only in that it is pretty intuitive, but it gives you the flexibility and creativity to merge feeds. The prime examples would be using the synthesis or union tables that give you phenomenal capabilities... The ability to use a synthesis or union table to combine all those feeds and make heads or tails of what's going on, and link it to go down a thread, is functionality that I hadn't seen before."
"The solution is sufficiently stable."
"Its integration is most valuable because you can integrate it with various service providers such as AWS, .Net, etc."
"Having a wealth of information has helped us investigate outages, and having historical data helps us tune our system."
"The most valuable feature of Datadog is its logs."
"The interface and the integrations make it so easy to connect to the cloud or to the on-premise environment."
"Datadog's ability to group and visualize the servers and the data makes it relatively easy for the root cause analysis."
"Its logs are most valuable."
"Datadog has given us near-live visibility across our entire cloud platform."
"The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
"The most valuable feature for me is Discover."
"ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
"The feature that we have found the most valuable is scalability."
"I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
"The most valuable feature is the ability to collect authentication information from service providers."
"The solution is quite stable. The performance has been good."
"We've found the initial setup to be quite straightforward."
"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."
"One major area for improvement for Devo... is to provide more capabilities around pre-built monitoring. They're working on integrations with different types of systems, but that integration needs to go beyond just onboarding to the platform. It needs to include applications, out-of-the-box, that immediately help people to start monitoring their systems. Such applications would include dashboards and alerts, and then people could customize them for their own needs so that they aren't starting from a blank slate."
"An admin who is trying to audit user activity usually cannot go beyond a day in the UI. I would like to have access to pages and pages of that data, going back as far as the storage we have, so I could look at every command or search or deletion or anything that a user has run. As an admin, that would really help. Going back just a day in the UI is not going to help, and that means I have to find a different way to do that."
"I would like to have the ability to create more complex dashboards."
"Technical support could be better."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"We only use the core functionality and one of the reasons for this is that their security operation center needs improvement."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
"I think better access to their engineers when we have a problem could be better."
"The setup was a bit complex."
"More pre-configured "Monitor Alerts" would be helpful."
"I'm still exploring the trial version, and it is fine. One thing that I haven't been able to figure out is how to retrieve a report. This is something that could be improved. I probably need to navigate to a place to access the reports."
"Could be a little more user friendly."
"It can have an artificial intelligence component. Even though I can seamlessly look at end-to-end security, it would be better to have alerts and notifications powered by an AI engine. I am not sure if they have an AI component. We have not reached out to them or looked at it, but this is something that I keep on talking about within our company in terms of features. Such a feature would be good to have, and it would further optimize my Security Ops team's abilities."
"The installation is easy for me. However, if you are new to this solution it might not be so easy."
"Datadog does not have the feature where you can monitor external websites or check the SSL secure for websites."
"We are paying dearly for the guy who is working on the ELK Stack. That knowledge is quite rare and hard to come by. For difficulty and availability of resources, I would rate it a five out of 10."
"Sometimes, the solution isn't the easiest to use."
"The process of designing dashboards is a little cumbersome in Kibana. Unless you are an expert, you will not be able to use it. The process should be pretty straightforward. The authentication feature is what we are looking for. We would love to have a central authentication system in the open-source edition without the need for a license or an enterprise license. If they can give at least a simple authentication system within a company. In a large organization, authentication is very essential for security because logs can contain a lot of confidential data. Therefore, an authentication feature for who accesses it should be there."
"The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics."
"The solution does not have a UI and this is one of the reasons we are looking for another solution."
"Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."
"In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."
"This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."
See how Devo allows you to free yourself from data management, and make machine data and insights accessible.
Datadog is ranked 3rd in Log Management with 26 reviews while ELK Logstash is ranked 7th in Log Management with 16 reviews. Datadog is rated 8.4, while ELK Logstash is rated 7.8. The top reviewer of Datadog writes "Provides insightful analytics and good visibility that assist with making architectural decisions". On the other hand, the top reviewer of ELK Logstash writes "It is quite comprehensive and you're able to do a lot of tasks". Datadog is most compared with Dynatrace, Splunk, New Relic APM, Azure Monitor and Amazon CloudWatch, whereas ELK Logstash is most compared with Splunk, Graylog, vRealize Log Insight, IBM QRadar and Elastic Beats. See our Datadog vs. ELK Logstash report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.
Datadog: Unify logs, metrics, and traces from across your distributed infrastructure. Datadog is the leading service for cloud-scale monitoring. It is used by IT, operations, and development teams who build and operate applications that run on dynamic or hybrid cloud infrastructure. Start monitoring in minutes with Datadog!
Datadog features offered are:
200+ turn-key integrations for data aggregation
Clean graphs of StatsD and other integrations
Elasticsearch: Open Source, Distributed, RESTful Search Engine. Elasticsearch is a distributed, RESTful search and analytics engine capable of storing data and searching it in near real time. Elasticsearch, Kibana, Beats and Logstash are the Elastic Stack (sometimes called the ELK Stack).
Elasticsearch provides the following key features:
Distributed and Highly Available Search Engine.
Multi Tenant with Multi Types.
Various set of APIs including RESTful
It depends on your requirement. If you are looking for a SIEM/log management solution ELK would be a better option.
But if you are looking for more of a monitoring solution Datadog would be better. Also, Datadog provides out-of-the-box integrations with a lot of cloud applications. ELK could be cost-effective but a bit challenging to configure & finetune.
Dear,
Unfortunately, I can't say much about Datadog but I have used ELK for a short period.
And I can tell you not everything works the way it should. For example, I noticed heavy CPU usage for a Windows client on MS AD servers. I advise you to consider this if it's important to you.
Good luck!
Where do you want to spend your money, on people or licenses?
ELK requires a long-term investment in engineering resources to manage the system and to provide the capability.
Datadog provides capabilities for you so you only need some administrators. What are the capabilities? Some critical ones include availability, scalability, consuming log files, platform upgrades, ...
If you are consuming smaller data sets (100's of GB) with shorter retention, the size and scaling are much easier making ELK easier.
Do you have admins or engineers? If your team doesn't have dedicated time & skills to spend developing solutions like elastic-alert you should look for a vendor to provide capabilities.
I expect some capabilities in Datadog you will not be able to replicate in ELK.... so that answer makes this obvious.
We are going to evaluate the same for our org. We do about 10 TB a day consumption in ELK and are looking to see if we can shift $$$ from engineers and infra to SaaS.
Can you tell me what you actually want to do so that I can help you?