Elastic Security Reviews

We use Logstash to retrieve data from our servers, from different sources, to our Elastic Stack. There, Elastic Search allows us to search it, and we can visualize the data with Kibana.

I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash.

Our system architect has noticed a slowdown of the solution, but I don't see a slowdown.

One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty.

We have been using Elastic Stack for about three years.

The solution is stable. We also monitor the Elastic Stack health and it's been a while since we have had an issue. The stability doesn't cause any problems. It's good. We haven't had any major issues.

For now, we haven't had any problems. I'm just a user. I'm not the one responsible for the total solution. I use Kibana for the dashboard to detect any errors in our servers.

But for the future, perhaps we will need to scale our solution because we deploy new components and we implement new servers on Azure. 

The solution is maintained by dedicated architects who provide us with a solid platform. There is no direct support from Elastic Stack. We don't have any issue or any problem which requires support.

I'm a system engineer. The architects who set up these solutions did it before I worked here.

I learned how to use it by doing searches and finding information about it.  I learned to use it very quickly. The documentation is very simple to use, as long as you have some technical background in computers.

Elastic Stack is an open-source tool. You don't have to pay anything for the components.

Think carefully about how you will build the solution so that it is a high-availability solution. That is the trick when using Elastic Stack. Examine what your needs are.

I would rate Logstash at eight out of 10. I think the solution is really complete, with the components it has. It is a good solution. 

The primary use of this solution is to gather authentication information and use it to determine which identity provider is breaking on which service provider. We store it as anonymized session information for each user.

The most valuable feature is the ability to collect authentication information from service providers.

Configuring the server is difficult and can be improved.

I would like to have a high availability set up that is easy to configure. Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution.

I had been using Logstash for about three years. I am no longer using it but the people that I used to work with are.

We did not have any issues in terms of stability or performance.

Scalability was not a problem for us.

We did not have to contact technical support.

The initial setup is pretty straightforward.

Our deployment took quite some time but it was not because of Logstash issues. It was a more complex situation because we didn't have access to all of the nodes that we wanted to forward. So, it took between 10 and 15 months to deploy, although it was for administrative reasons as opposed to technical ones.

I had my own team for working with this solution but it was not for a single company. Our team was associated with a European partner and it was distributed around European cities.

My advice for anybody who is implementing this system is to set it up so that you can manage it remotely.

Overall, this product does what it is supposed to do, although there is always room for improvement.

I would rate this solution a nine out of ten.

We are using Elastic Security as part of the Elastic Search component. The solution provides us with security, such as threat protection.

The most valuable features of Elastic Security are it is open-source and provides a high level of security.

Elastic Security could improve the documentation. It would help if they were more simple and clean.

I have used Elastic Security for approximately two years.

We have one person using this solution.

I have used the community support for Elastic Security. Sometimes the support is helpful and sometimes it is not.

I have used other similar solutions in the past.

The initial setup of Elastic Security is straightforward. However, the documentation could improve. The deployment can be done in approximately 15 minutes.

I have seen a return on investment using this solution.

The solution can take up to 20 minutes to maintain when needed.

I rate Elastic Security a seven out of ten.

In my previous organization, I used this for central log management, increasing developer productivity.

Elasticsearch Indexing and the Visualize tools of Kibana.

Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana.

No issues with stability.

We had issues with scalability. Logstash was not scaling and aggregation was getting delayed. We moved to Fluentd making our stack from ELK to EFK.

We were using the open source version. Community support is good.

Complex. We needed to analyze multiple factors, like benchmarking, performance of Logstash.

I rate it at eight out of 10. It is scalable (if used properly), durable, and performance tested.

If you are good to spend money, Splunk is way better for log management. There might be other use cases where you may need ELK.

Documentation is very good, so implementation is fine.

Email notification should be done the same way as Logentries does it. Because of the notification issue we moved to Logentries, as it provides a simple way to get notification whenever a server encounters an error or something unexpected happens (which we have defined using Regex).

We set up a cron job to delete old logs so that we wouldn't hit a disk space issue. Such a feature should be available in the UI, where old logs can be deleted automatically. (Don’t know if this feature is already there).

No issues with stability.

Not really, but we did set up a cron job to delete old logs so that we wouldn't hit a disk space issue.

ELK documentation is very good, so never needed to contact technical support.

We used Logentries, but because it is open-source we moved to ELK as a part of cost-cutting strategy and evaluation of ELK. But the lack of a notification feature caused us to go back to Logentries.

Slightly complex, especially when you are configuring machines which are on a separate IP rather than on a single machine. In my case Elasticsearch, Kibana, and Logstash were on different machines. Along with that, we added a proxy server (nginx) ahead of the Kibana server. We used the proxy server for user authentication so that only known users should be able to access the Kibana dashboard. ELK didn’t have a free version for user authentication and that made us go for the alternative. We have, in total, four machines.

I give it a seven out of 10. They don't provide user authentication and authorisation features (Shield) as a part of their open-source version.

My primary use case is to check market prices.

The main benefit of using this solution is that it improves your speed as you don't have to waste time searching for answers.

The most valuable feature is the search function, which allows me to go directly to the target to see the specific line a customer is searching for.

The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics.

I have found some bugs, but overall the stability is fine.

The scalability is fine.

Technical support is good, they're able to answer all of our questions.

The initial setup wasn't difficult, but that varies depending on the number of servers you have.

This tool is affordable, and its price is ok.

I would rate this solution eight out of ten.

We use this solution for the Microsoft deployment of auto-management.

I like the indexing of the logs.

I have been using ELK Logstash for one year.

This product is quite stable and I've not seen any type of issue with it so far.

With respect to scalability, you have to properly plan. Generally, I don't see any issues with scalability.

We have not used technical support because we always had talent within the company for end-user support.

This was a solution that our client chose, and they were not using a different one prior to this.

I do not think that we had any issues with the deployment. Overall, I would say that the process is of medium complexity.

The support team assisted us with the deployment. I don't think that we had any issues with the team.

Compared to other products such as Dynatrace, this is one of the cheaper options.

Our client provided us with this option after they had already been through a selection process.

My advice is that this is a good product to use if you are financially contained, and you want to start with something small. Later, if you need to scale then you can look at other options.

I would rate this solution an eight out of ten.

In general, the solution is working together with Open Shift's deployment for the continuous delivery of many projects. This product takes the metrics and checks the log for components that Open Shift deploys. We work with the observation team that monitors the entire company to understand what can be observed and analyzed. 

The solution is able to handle searches quickly and efficiently. It's much faster than other solutions we've tried. It spends far less time on searches related to capacity and indexing information.

The possibility to stack, locate, and search with your indexing feature at a high rate of speed is its best feature. 

It helps that the solution can work together with the infrastructure agents to get the metrics we need. 

The integration is quite good.

The initial setup is not difficult. It's easy to set up and customize. It's a strong selling point for the solution. 

It's easy to collect the data.

The documentation is big. It's very well documented.

It's working and easy to work with.

The cost is reasonable. It's not overly pricey.

This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage.

We need to be able to monitor from any location in the world and any location in the company. We find that solutions such as Dynatrace and Datadog offer much more functionality, perhaps due to the fact that they are more mature.

The solution needs to integrate more AI capabilities, specifically to assist in anomaly detection.

The instrumentation of APM can be enhanced; can be better. It's not automated. It's a very manual process. This ends up being more costly for us. Dynatrace and Datadog are better in this area.

The support on offer could be much better.

I've been using the solution for the last six months at this point. It hasn't been an extremely long amount of time just yet.

The stability has been pretty good. It's reliable. There aren't bugs or glitches. it doesn't crash or freeze. I'd describe it as 95% stable overall.

We haven't really done any scaling. We only have had an environment with a small cluster on-premises and we can't really test it for scalability. We have no more than four servers for the platform and never really needed to expand anything.

The solution may be used by around 1,000 people in our organization.

Technical support could be a lot better. They should offer online chat functionality so that we can get answers to questions right away. It would make troubleshooting a lot faster and less cumbersome.

We've had some troubles, and when we do, we need to open a ticket to get it resolved, which takes some time.

That said, it does offer very good documentation and their knowledge is very good when you do interact with them.

The initial setup is easy. It's not complex or difficult. It's pretty straightforward.

It's very easy to set everything up and configure it on-premises.

The deployment only took an hour or two. We only deployed to one environment. It was pretty fast.

The cost is pretty low. It is not open-source, however.

We are just customers and end-users.

I would advise others to use this solution. It's relatively low cost and the implementation is quick, giving you results faster. 

I would rate the solution at an eight out of ten overall.