Senior Consultant at sectecs
Consultant
Top 5 Leaderboard
Stable with reasonable technical support, but it should be easier to use
Pros and Cons
  • "It's a stable solution and we have not had any issues."
  • "It should be easier to use. It has been getting better because many functions are pre-defined, but it still needs improvement."

What is our primary use case?

I am using it to get some hands-on experience and learn the product by searching, building use cases, test cases, dashboards, and visualizations.

With hands-on experience, you learn more about the product and how it works.

What needs improvement?

It should be easier to use. It has been getting better because many functions are pre-defined, but it still needs improvement.

If you have a large enterprise environment, it is costing a lot of money and it's not a full-blown SIEM. It has SIEM features but a lot is missing. You need to involve other products to make a SIEM out of it.

Some of the other products needed were Apache, Kafka, and ticket tools. It was custom made and not what I had expected in the end.

I would like to see them get closer to a full-blown orchestrated SIEM, and create predefined modules to bring you to using it as a SIEM faster, and on the fly instead of having to tweak the Grok filter for weeks.

I would like to see more pre-defined modules.

For how long have I used the solution?

I have been using Elasticsearch for two weeks.

We are not using the latest version, but not an old version.

What do I think about the stability of the solution?

It's a stable solution and we have not had any issues.

Buyer's Guide
Elastic Enterprise Search
September 2022
Learn what your peers think about Elastic Enterprise Search. Get advice and tips from experienced pros sharing their opinions. Updated: September 2022.
632,539 professionals have used our research since 2012.

What do I think about the scalability of the solution?

The scalability is fine.

How are customer service and support?

I have contacted technical support, once or twice. The experience was okay.

How was the initial setup?

The initial setup was okay, not as easy as Splunk but it was manageable.

What's my experience with pricing, setup cost, and licensing?

The pricing model is questionable and needs to be addressed because when you would like to have the security they charge per machine. If you are building any cluster and you are paying €6,000 per machine, that is expensive.

Which other solutions did I evaluate?

I think that Elasticsearch is a good product and cheaper than Splunk.

What other advice do I have?

I like this solution, but it has too much hands-on time required tweaking to get it up and running.

I have no plans to continue using this product. Currently, I am focused on SIEMonster because I signed a partnership and I would like to sell a total product. It doesn't make sense to spread across multiple products. 

I would like to earn money out of it, so I'm focusing currently on SIEMonster.

I think that Elasticsearch is a good product and cheaper than Splunk.

When I check Gartner, I don't see mention of Elasticsearch, it seems they need to make some improvements.

I would rate this solution a seven out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Franco Fontana - PeerSpot reviewer
Business Intelligence at UTE
Real User
Top 5 Leaderboard
Supports different languages for querying the database and has a free version and community support
Pros and Cons
  • "The flexibility and the support for diverse languages that it provides for searching the database are most valuable. We can use different languages to query the database."
  • "It is hard to learn and understand because it is a very big platform. This is the main reason why we still have nothing in production. We have to learn some things before we get there."

What is our primary use case?

We are mainly using it for analytics reports for the data taken from our call center. We are using the entire stack. We are using Kibana and Elasticsearch. Kibana is the front end for dashboards, reports, etc.  

What is most valuable?

The flexibility and the support for diverse languages that it provides for searching the database are most valuable. We can use different languages to query the database. 

What needs improvement?

It is hard to learn and understand because it is a very big platform. This is the main reason why we still have nothing in production. We have to learn some things before we get there.

I have reported and had discussions about several bugs at discuss.elastic.co, but that happens with many products. It is not only with this product.

For how long have I used the solution?

We have been using it for about one year, but it is not yet in our production environment.

What do I think about the stability of the solution?

It is reliable.

What do I think about the scalability of the solution?

If you use a cloud platform or a cloud environment, it is easy to scale. 

For on-premises, we are using OpenShift. We are using a cluster on OpenShift, and we are facing some issues, but they are not related to Elastic. They are related to our infrastructure of OpenShift because OpenShift is deployed on VMware, and the storage of VMware doesn't allow us to take backup snapshots in a secure way. We are thinking of migrating this cluster of OpenShift to another platform.

Currently, we have a few users of this product because we have been using it only for one year, and we are the first ones in our company. In the future, we will have more people involved with the product.

How are customer service and support?

We have only used their community support from the discuss.elastic.co site.

What's my experience with pricing, setup cost, and licensing?

There is a free version, and there is also a hosted version for which you have to pay.

We're currently using the free version. If things go well, we might go for the paid version.

What other advice do I have?

It is a good choice, but you have to take your time to learn it. Its learning curve can be hard. 

I would rate it an eight out of 10.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Ayesha Imtiaz - PeerSpot reviewer
Senior Analyst at a tech services company with 10,001+ employees
Real User
Top 5 Leaderboard
A very good product with good visualizations and stability
Pros and Cons
  • "I really like the visualization that you can do within it. That's really handy. Product-wise, it is a very good and stable product."
  • "They should improve its documentation. Their official documentation is not very informative. They can also improve their technical support. They don't help you much with the customized stuff. They also need to add more visuals. Currently, they have line charts, bar charts, and things like that, and they can add more types of visuals. They should also improve the alerts. They are not very simple to use and are a bit complex. They could add more options to the alerting system."

What is our primary use case?

We are primarily using it for monitoring. It is used for server monitoring.

What is most valuable?

I really like the visualization that you can do within it. That's really handy. Product-wise, it is a very good and stable product.

What needs improvement?

They should improve its documentation. Their official documentation is not very informative. They can also improve their technical support. They don't help you much with the customized stuff.

They also need to add more visuals. Currently, they have line charts, bar charts, and things like that, and they can add more types of visuals. 

They should also improve the alerts. They are not very simple to use and are a bit complex. They could add more options to the alerting system.

For how long have I used the solution?

I have been using this solution for one year.

What do I think about the stability of the solution?

Stability-wise, it is very good. Once the data starts coming in, it is very stable. I didn't find any big glitches in it.

How are customer service and technical support?

We contacted their technical support once. I didn't find them very good. They are there just to provide documentation and stuff. They don't help you much with the customized stuff. They could improve that. I would rate them a two out of five.

How was the initial setup?

It is complex because it is not Windows-based. It is Linux-based, so one must know Linux to deploy it properly. It is not a product that you can install with just multiple clicks. You need to understand it.

What was our ROI?

It seems good in terms of return on investment. It is a monitoring solution, and it triggers alerts before something happens. For example, it triggers an alert when the space in Windows reaches an 80% limit. I would say it is a good investment. We are able to fix things before they go wrong. If we didn't have Elasticsearch, things would go wrong, and we would be spending more time fixing them later on.

What other advice do I have?

I would advise others to first know Linux because it would most probably be on Linux. If you're good at Linux, you will be good at this as well.

I would rate ELK Elasticsearch an eight out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Kumar Mahadevan - PeerSpot reviewer
IT Infrastructure Analyst at AG Group
Real User
Top 5 Leaderboard

You're right, Ayesha. ELK stack is not for the faint of heart. One needs strong Linux admin skills and also to understand KQL, data structures, data pipelines, etc.

It is a very customizable product and if using an on-prem solution one needs to understand Sharding, Index Lifecycle management, etc.

Highly recommended.

HimanshuTejwani - PeerSpot reviewer
System Administrator and DevOps Engineer at a tech services company with 10,001+ employees
Real User
Top 5 Leaderboard
Has a good UI with good performance although deployment requires multiple applications
Pros and Cons
  • "The UI is very nice, and performance-wise it's quite good too."
  • "The different applications need to be individually deployed."

What is our primary use case?

Our primary use case of this solution is for monitoring our logs and infrastructure. We are customers of ELK and I'm a system administrator. 

What is most valuable?

A positive feature of ELK is that it directly interacts with Elasticsearch. The UI is very nice, and performance-wise it's quite good too. A key feature is that this is a reasonably priced monitoring solution.

What needs improvement?

We run this solution on multiple servers. ELK has three lanes which comprise a single package made up of Elasticsearch, Logstash, and Kibana. To my mind, this is not efficient because we have to individually deploy the different applications. In contrast, we're able to deploy Splunk with a single application. Implementing the dashboards is also quite difficult. With Splunk and Nagios it's much easier to directly interact with Elasticsearch. I'd like to see some additional features in the front end which currently make it a bit difficult to implement and it should be simplified.

For how long have I used the solution?

I've been using this solution for six months. 

What do I think about the stability of the solution?

This solution is stable. 

What do I think about the scalability of the solution?

This is a scalable solution, we have eight to 10 users. We had initially planned to expand use of ELK because of its cheap price and the services that are included, but given the difficulty with implementation we've decided to go with Nagios instead. 

How are customer service and technical support?

The technical support people are very knowledgeable but the response time is quite slow which is not very good. 

How was the initial setup?

The initial setup of ELK is more difficult than the setup of other monitoring applications. I was able to carry out the deployment alone. 

What other advice do I have?

For anyone looking to implement a monitoring product with almost no cost or at a cheaper price, I would suggest the ELK stack. However, it does require a high skill set because of the difficulty with implementation. 

I would rate this solution a six out of 10. 

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Thabiso Mofokeng - PeerSpot reviewer
IBM MQ Specialist / Administrator at a financial services firm with 10,001+ employees
Real User
Top 5 Leaderboard
Useful log visualizations and highly stable
Pros and Cons
  • "The most valuable feature of Elastic Enterprise Search is the Discovery option for the visualization of logs on a GPU instead of on the server."
  • "Elastic Enterprise Search could make its SSL integration easier. We should not need to go to the back-end servers to do configuration, we should be able to do it on the GUI."

What is our primary use case?

I am using Elastic Enterprise Search for the visualization of logs.

What is most valuable?

The most valuable feature of Elastic Enterprise Search is the Discovery option for the visualization of logs on a GPU instead of on the server.

What needs improvement?

Elastic Enterprise Search could make its SSL integration easier. We should not need to go to the back-end servers to do configuration, we should be able to do it on the GUI.

For how long have I used the solution?

I have been using Elastic Enterprise Search for two years.

What do I think about the stability of the solution?

Elastic Enterprise Search has been a stable solution for me for the whole time I have been using it.

What do I think about the scalability of the solution?

I am using Elastic Enterprise Search on-premise and it cannot scale. However, they do have a cloud option.

We have approximately 100 people using this solution in my organization. We use it on a daily basis.

Which solution did I use previously and why did I switch?

I have not used other similar solutions to Elastic Enterprise Search.

How was the initial setup?

The setup of Elastic Enterprise Search is not normally easy but I was running it on top of Docker which made it easy.

I rate the initial setup of Elastic Enterprise Search a three out of five.

What about the implementation team?

I have configured the solution myself and it has provided me with what I want. I do maintenance of the solution once every other week.

What's my experience with pricing, setup cost, and licensing?

The version of Elastic Enterprise Search I am using is open source which is free. The pricing model should improve for the enterprise version because it is very expensive.

Which other solutions did I evaluate?

We chose Elastic Enterprise Search over other solutions because the interface was easy to use.

What other advice do I have?

I rate Elastic Enterprise Search a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Technical Manager at a computer software company with 51-200 employees
Real User
Top 5 Leaderboard
A search and analytics engine that's very fast, but the price could be better
Pros and Cons
  • "I like how it allows us to connect to Kafka and get this data in a document format very easily. Elasticsearch is very fast when you do text-based searches of documents. That area is very good, and the search is very good."
  • "The price could be better. Kibana has some limitations in terms of the tablet to view event logs. I also have a high volume of data. On the initialization part, if you chose Kibana, you'll have some limitations. Kibana was primarily proposed as a log data reviewer to build applications to the viewer log data using Kibana. Then it became a virtualization tool, but it still has limitations from a developer's point of view."

What is our primary use case?

Elasticsearch is one of the NoSQL databases available. My application is a microservices application where the data gets published on a Kafka cube. It allows us to connect to Kafka and get this data in a document format very easily. I'm using Elasticsearch as my backend processing database, where I'm building and reporting using Kibana.

What is most valuable?

I like how it allows us to connect to Kafka and get this data in a document format very easily. Elasticsearch is very fast when you do text-based searches of documents. That area is very good, and the search is very good.

What needs improvement?

The price could be better. Kibana has some limitations in terms of the tablet to view event logs. I also have a high volume of data. On the initialization part, if you chose Kibana, you'll have some limitations. Kibana was primarily proposed as a log data reviewer to build applications to the viewer log data using Kibana. Then it became a virtualization tool, but it still has limitations from a developer's point of view.

For how long have I used the solution?

I have been using ELK Elasticsearch over the last two years.

What's my experience with pricing, setup cost, and licensing?

The price could be better.

What other advice do I have?

I would tell potential users that they have to locate the data source and understand the data. They will have to decide on whether they have to go for a NoSQL or a relational database. 

If it's NoSQL, then what kind of data are you seeing? If it's more textual data, then you're going to read more. So, I would recommend Elasticsearch. Otherwise, you have other databases like MongoDB and Cassandra.

On a scale from one to ten, I would give ELK Elasticsearch a seven.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Executive VP Operation Aqua + South East Asia at a manufacturing company with 10,001+ employees
Real User
Useful log searching, highly scalable, and reliable
Pros and Cons
  • "The most valuable feature of Elastic Enterprise Search is the opportunity to search behind and between different logs."
  • "Elastic Enterprise Search can improve by adding some kind of search that can be used out of the box without too much struggle with configuration. With every kind of search engine, there is some kind of special function that you need to do. A simple out-of-the-box search would be useful."

What is our primary use case?

We are using Elastic Enterprise Search for monitoring and alerting. It will look for any kind of possible error that is on the infrastructure side and give notifications.

What is most valuable?

The most valuable feature of Elastic Enterprise Search is the opportunity to search behind and between different logs.

What needs improvement?

Elastic Enterprise Search can improve by adding some kind of search that can be used out of the box without too much struggle with configuration. With every kind of search engine, there is some kind of special function that you need to do. A simple out-of-the-box search would be useful.

In the next release, they could improve on the scheduling and alert features.

For how long have I used the solution?

I have been using Elastic Enterprise Search for a couple of years.

What do I think about the stability of the solution?

Elastic Enterprise Search is stable.

What do I think about the scalability of the solution?

Everything is managed by Amazon AWS, making Elastic Enterprise Search highly scalable.

We have approximately eight engineers using this solution in my company.

How are customer service and support?

I have not contacted support.

How was the initial setup?

The initial setup of Elastic Enterprise Search was straightforward.

What about the implementation team?

We did the implementation of Elastic Enterprise Search in-house with one person and it was up and running within a couple of days. There is detailed documentation that helped us.

There is fine-tuning needed, but that's never-ending because every time you add a new server, features, or tools inside you have to tune it a little bit better for the alerts.

What other advice do I have?

Elastic Enterprise Search is an open-source solution.

I rate Elastic Enterprise Search a ten out of ten.

Which deployment model are you using for this solution?

Public Cloud

If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?

Amazon Web Services (AWS)
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Sudeera Mudugamuwa - PeerSpot reviewer
Co-Founder at a tech services company with 1-10 employees
Real User
Top 20
Reliable, open-source, with good community support, and easy to install

What is our primary use case?

We use ELK Elasticsearch for storing application data logs.

What is most valuable?

Elasticsearch includes a graphical user interface (GUI) called Kibana. The GUI features are extremely beneficial to us.

What needs improvement?

Elasticsearch includes mechanisms for ingesting data into the cluster. So it would be great if those mechanisms could be simplified.

Improving machine learning capabilities would be beneficial.

For how long have I used the solution?

I have been working with ELK Elasticsearch for four years.

We are using the latest version.

What do I think about the stability of the solution?

We have no issues with the stability of ELK Elasticsearch, it's quite reliable.

What do I think about the scalability of the solution?

ELK Elasticsearch is a scalable product.

This solution is used by five to ten people in our organization.

ELK Elasticsearch is used on a daily basis.

How are customer service and support?

We have not contacted technical support.

We had a couple of issues that we were able to resolve by looking up the public information that is available on the internet.

There is a lot of community support for this solution.

How was the initial setup?

The initial setup was straightforward and quite simple.

The installation took between six and eight hours to complete.

There is no maintenance required other than regular updates.

What about the implementation team?

We completed the implementation internally.

What's my experience with pricing, setup cost, and licensing?

Although the ELK Elasticsearch software is open-source, we buy the hardware.

What other advice do I have?

The distributed installation is the way to go.

I would rate ELK Elasticsearch a nine out of ten.

Which deployment model are you using for this solution?

On-premises
Disclosure: My company has a business relationship with this vendor other than being a customer: Partner