Elastic Security Reviews

I was using this product up until recently when I changed companies, but I have been asked to implement logging in my new role and this is one of the options that I am considering.

It was used in conjunction with Kibana to examine our logs and perform debugging. When a user complained about misbehavior in an application, we would research the logs, test, and try to find out where the bug is.

The most valuable feature for me is Discover. I have not used all of the features, so I can't say that this will be best for everyone.

I would like the process of retrieving archived data and viewing it in Kibana to be simplified.

We ran into trouble once or twice regarding problems with timestamps that came about because of issues with memory. Consequently, the correct data was not logged and it had to be done again.

I used this product for about eight months, up until about two months ago.

We were using this solution once or twice every couple of weeks when we encountered a bug. I found that it was stable.

I have not tested scalability. In my previous company, there were 20 people on the team, but only the backend developers were using ELK Logstash. This was perhaps 10 users.

We hosted this solution ourselves, so there was no technical support.

We have used Graylog in the past, but it was self-hosted and the experience wasn't great.

I did not do the initial setup myself.

My colleague deployed this solution for me.

This is an open-source product, so there are no costs.

When my colleague set up this application, it was configured such that every seven days, the data is archived into long-term storage. When I needed something from the archived logs, it was easy to retrieve and I could look through them again. This is something that I would suggest doing.

My suggestion for anybody who is implementing ELK Logstash is to make sure that the entire team knows how to use it. If only one person knows it and takes care of it, then it is not a very productive experience. On the other hand, if everybody is familiar with it, the experience will be much better.

This is definitely a product that I recommend using.

I would rate this solution an eight out of ten.

We use Logstash to retrieve data from our servers, from different sources, to our Elastic Stack. There, Elastic Search allows us to search it, and we can visualize the data with Kibana.

I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash.

Our system architect has noticed a slowdown of the solution, but I don't see a slowdown.

One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty.

We have been using Elastic Stack for about three years.

The solution is stable. We also monitor the Elastic Stack health and it's been a while since we have had an issue. The stability doesn't cause any problems. It's good. We haven't had any major issues.

For now, we haven't had any problems. I'm just a user. I'm not the one responsible for the total solution. I use Kibana for the dashboard to detect any errors in our servers.

But for the future, perhaps we will need to scale our solution because we deploy new components and we implement new servers on Azure. 

The solution is maintained by dedicated architects who provide us with a solid platform. There is no direct support from Elastic Stack. We don't have any issue or any problem which requires support.

I'm a system engineer. The architects who set up these solutions did it before I worked here.

I learned how to use it by doing searches and finding information about it.  I learned to use it very quickly. The documentation is very simple to use, as long as you have some technical background in computers.

Elastic Stack is an open-source tool. You don't have to pay anything for the components.

Think carefully about how you will build the solution so that it is a high-availability solution. That is the trick when using Elastic Stack. Examine what your needs are.

I would rate Logstash at eight out of 10. I think the solution is really complete, with the components it has. It is a good solution. 

The primary use of this solution is to gather authentication information and use it to determine which identity provider is breaking on which service provider. We store it as anonymized session information for each user.

The most valuable feature is the ability to collect authentication information from service providers.

Configuring the server is difficult and can be improved.

I would like to have a high availability set up that is easy to configure. Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution.

I had been using Logstash for about three years. I am no longer using it but the people that I used to work with are.

We did not have any issues in terms of stability or performance.

Scalability was not a problem for us.

We did not have to contact technical support.

The initial setup is pretty straightforward.

Our deployment took quite some time but it was not because of Logstash issues. It was a more complex situation because we didn't have access to all of the nodes that we wanted to forward. So, it took between 10 and 15 months to deploy, although it was for administrative reasons as opposed to technical ones.

I had my own team for working with this solution but it was not for a single company. Our team was associated with a European partner and it was distributed around European cities.

My advice for anybody who is implementing this system is to set it up so that you can manage it remotely.

Overall, this product does what it is supposed to do, although there is always room for improvement.

I would rate this solution a nine out of ten.

We are using Elastic Security as part of the Elastic Search component. The solution provides us with security, such as threat protection.

The most valuable features of Elastic Security are it is open-source and provides a high level of security.

Elastic Security could improve the documentation. It would help if they were more simple and clean.

I have used Elastic Security for approximately two years.

We have one person using this solution.

I have used the community support for Elastic Security. Sometimes the support is helpful and sometimes it is not.

I have used other similar solutions in the past.

The initial setup of Elastic Security is straightforward. However, the documentation could improve. The deployment can be done in approximately 15 minutes.

I have seen a return on investment using this solution.

The solution can take up to 20 minutes to maintain when needed.

I rate Elastic Security a seven out of ten.

In my previous organization, I used this for central log management, increasing developer productivity.

Elasticsearch Indexing and the Visualize tools of Kibana.

Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana.

No issues with stability.

We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK.

We were using the open source version. Community support is good.

Complex. We needed to analyze multiple factors, like benchmarking, performance of Logstash.

I rate it at eight out of 10. It is scalable (if used properly), durable, and performance tested.

If you are good to spend money, Splunk is way better for log management. There might be other use cases where you may need ELK.

Documentation is very good, so implementation is fine.

Email notification should be done the same way as Logentries does it. Because of the notification issue we moved to Logentries, as it provides a simple way to get notification whenever a server encounters an error or something unexpected happens (which we have defined using Regex).

We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there).

No issues with stability.

Not really, but we did set up a cron job to delete old logs so that we wouldn't hit a disk space issue.

ELK documentation is very good, so never needed to contact technical support.

We used Logentries, but because it is open-source we moved to ELK as a part of cost-cutting strategy and evaluation of ELK. But the lack of a notification feature caused us to go back to Logentries.

Slightly complex, especially when you are configuring machines which are on a separate IP rather than on a single machine. In my case Elasticsearch, Kibana, and Logstash were on different machines. Along with that, we added a proxy server (nginx) ahead of the Kibana server. We used the proxy server for user authentication so that only known users should be able to access the Kibana dashboard. ELK didn’t have a free version for user authentication and that made us go for the alternative. We have, in total, four machines.

I give it a seven out of 10. They don't provide user authentication and authorisation features (Shield) as a part of their open-source version.

My primary use case is to check market prices.

The main benefit of using this solution is that it improves your speed as you don't have to waste time searching for answers.

The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for.

The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics.

I have found some bugs, but overall the stability is fine.

The scalability is fine.

Technical support is good, they're able to answer all of our questions.

The initial setup wasn't difficult, but that varies depending on the number of servers you have.

This tool is affordable, and its price is ok.

I would rate this solution eight out of ten.

We use this solution for the Microsoft deployment of auto-management.

I like the indexing of the logs.

I have been using ELK Logstash for one year.

This product is quite stable and I've not seen any type of issue with it so far.

With respect to scalability, you have to properly plan. Generally, I don't see any issues with scalability.

We have not used technical support because we always had talent within the company for end-user support.

This was a solution that our client chose, and they were not using a different one prior to this.

I do not think that we had any issues with the deployment. Overall, I would say that the process is of medium complexity.

The support team assisted us with the deployment. I don't think that we had any issues with the team.

Compared to other products such as Dynatrace, this is one of the cheaper options.

Our client provided us with this option after they had already been through a selection process.

My advice is that this is a good product to use if you are financially contained, and you want to start with something small. Later, if you need to scale then you can look at other options.

I would rate this solution an eight out of ten.