ELK Elasticsearch Overview

ELK Elasticsearch is the #1 ranked solution in our list of top Search as a Service vendors. It is most often compared to Amazon Athena.

What is ELK Elasticsearch?
Elasticsearch is a distributed, JSON-based search and analytics engine designed for horizontal scalability, maximum reliability, and easy management. Elasticsearch lets you perform and combine many types of searches — structured, unstructured, geo, metric — any way you want.
ELK Elasticsearch Buyer's Guide

Download the ELK Elasticsearch Buyer's Guide including reviews and more. Updated: April 2021

ELK Elasticsearch Customers
HotelTonight, Perceivant, Docker, Green Man Gaming, Xoom, AutoScout24, TheLadders, Center for Open Science, Parleys, Tango
Pricing Advice

What users are saying about ELK Elasticsearch pricing:
  • "The basic license is free, but it comes with a lot of features that aren't free. With a gold license, we get active directory integration. With a platinum license, we get alerting."
  • "We are using the open-sourced version."
  • "We are using the Community Edition because Elasticsearch's licensing model is not flexible or suitable for us. They ask for an annual subscription. We also got the development consultancy from Elasticsearch for 60 days or something like that, but they were just trying to do the same trick. That's why we didn't purchase it. We are just using the Community Edition."
  • "We are using the free version and intend to upgrade."
  • "The pricing model is questionable and needs to be addressed because when you would like to have the security they charge per machine."

Erik De Decker
Owner & director at Pulsar ICT
Real User
Top 10 Leaderboard
Jun 20, 2020
Good processing power, very scalable, and able to handle all data formats

What is our primary use case?

We try to detect malicious files by the logs. The logs are all centralized, including all our PCs, our callers, our servers, Linux, Windows, Polaris names. We scan everything. Then we have pre-defined specific use cases that allow us to identify if there is an attack on the machine or indirectly by the endpoint. On top of that, we can check with users as we're not directly dealing with the configuration, so we can follow up on the alerts we receive. On top of that, we have the systems in place that allow us to detect if certain inexcusable items are on the system, such as malicious files. We…

Pros and Cons

  • "There's lots of processing power. You can actually just add machines to get more performance if you need to. It's pretty flexible and very easy to add another log. It's not like 'oh, no, it's going to be so much extra data'. That's not a problem for the machine. It can handle it."
  • "The solution has quite a steep learning curve. The usability and general user-friendliness could be improved. However, that is kind of typical with products that have a lot of flexibility, or a lot of capabilities. Sometimes having more choices makes things more complex. It makes it difficult to configure it, though. It's kind of a bitter pill that you have to swallow in the beginning and you really have to get through it."

What other advice do I have?

I'm just using it as a customer. We tend to use the latest versions of the solution. We try to upgrade it on a regular basis. I'd advise other companies considering implementing the solution to get a team in that knows the product and try to take advantage of their knowledge. It will help reduce the pain of the learning curve. I'd rate the solution eight out of ten. I would not give it a ten because of the steep learning curve. I know what the product is, but many do not, and for them it will be quite difficult to get started without becoming very frustrated in the process.
Kiran BM
Chief Data Scientist at Everlytics Data Science Pte Ltd
Real User
Top 5 Leaderboard
Nov 30, 2020
The go-to stack for machine- and sensor-generated data use cases. Easy to deploy and maintain. Elastic's ELK Elasticsearch, unlike AWS Elasticsearch, comes with batteries included.

What is our primary use case?

I'm involved in architecting and implementing Elasticsearch-based solutions, catering to various use cases including IIoT, cybersecurity, IT Ops, and general logging and monitoring. The intention of this article is not to compare AWS Elasticsearch with Elastic ELK Elasticsearch and at the end declare the winner. Elasticsearch by itself is one of the coolest and most versatile Big Data stacks out there. If you are planning to use it in your organization or trying to evaluate if it is the right stack for your product/solution, this article offers some insights from an architect's perspective.

Pros and Cons

  • "ELK Elasticsearch is 100% scalable, as scalability is built into the design."
  • "The metadata gets stored along with indexes and isn't queryable."

What other advice do I have?

You can spin up the Elastic ELK Elasticsearch fully-managed service on AWS, GCP, or Azure, or have your own on-premises installation and dockerize it, whereas AWS Elasticsearch is available only on AWS. That's the hosting difference. Elastic ELK Elasticsearch comes with a support-only subscription, and there are a lot of updates happening. Kibana is constantly improved and there’s a new release every two weeks.
Kiran Raparti
Head of Technology Operations at a financial services firm with 11-50 employees
Real User
Top 5 Leaderboard
Oct 30, 2020
Open-source with good community support but number of search queries is limited

What is our primary use case?

I run the function to review the usage for the team and for the organization itself. We use this product internally and then some of our business relationships with the other businesses that we have, they get their data from our data. It's more for collaborative data reporting that we have with them.

Pros and Cons

  • "The most valuable feature is the out-of-the-box Kibana."
  • "I would like to be able to do correlations between multiple indexes."

What other advice do I have?

For anyone who is looking into implementing this solution, the only tip is to get your models for the type of actual use that you are looking at upfront in order to have a good run. I would rate ELK Elasticsearch a seven out of ten.
Murat ERAYDIN
Owner and CEO at Karmasis
Real User
Apr 6, 2021
Good search speed and easy to deploy, but complicated to scale and needs an ODBC driver and better licensing

What is our primary use case?

We are developing a SIEM application that is similar to QRadar, ArcSight, or Splunk. This application uses Elasticsearch as its search engine because we want to retrieve information fast. We are just using the basic search engine part of Elasticsearch. We have developed lots of things on top of Elasticsearch, such as security, correlation, reporting, etc.

Pros and Cons

  • "The search speed is most valuable and important."
  • "Its licensing needs to be improved. They don't offer a perpetual license. They want to know how many nodes you will be using, and they ask for an annual subscription. Otherwise, they don't give you permission to use it. Our customers are generally military or police departments or customers without a connection to the internet. Therefore, this model is not suitable for us. This subscription-based model is not the best for OEM vendors. Another annoying thing about Elasticsearch is its roadmap. We are developing something, and then they say, "Okay. We have removed that feature in this release," and when we are adapting to that release, they say, "Okay. We have removed that one as well." We don't know what they will remove in the next version. They are not looking for backward compatibility from the customers' perspective. They just remove a feature and say, "Okay. We've removed this one." In terms of new features, it should have an ODBC driver so that you can search and integrate this product with existing BI tools and reporting tools. Currently, you need to go to third parties, such as CData, in order to achieve this. An ODBC driver is the most important feature required. Its Community Edition does not have security features. For example, you cannot authenticate with a username and password. It should have security features. They might have put it in the latest release."

What other advice do I have?

The most important thing to keep in mind is that it is not as they advertise on their site. If you want to scale up and are looking for a big deployment, you must read everything. You also need support from the company itself. I would rate ELK Elasticsearch a seven out of ten.
reviewer796698
Manager at a tech services company with 11-50 employees
Real User
Dec 16, 2019
Helps us keep firewall logs and collect traffic flow information

What is our primary use case?

What we use this ELK (Elasticsearch, Logstash, and Kibana) solution for is mostly keeping firewall logs and collecting traffic flow information.

Pros and Cons

  • "The product is scalable with good performance."
  • "The GUI is the part of the program which has the most room for improvement."

What other advice do I have?

The advice I would give to others considering this solution is that you have to have someone knowledgeable managing the system. You have to know the needs, know how to manage queries, and understand the visualization. You have to have someone working on it and dedicated to it so that you can manage it. It is not just plug-and-play. If you decide to run with it, the performance and the result can be very satisfactory. We did not have any issues with achieving what we tried to do. When we need certain data, we always find it. On a scale from one to ten where one is the worst and ten is the best…
DAVIDEVANS
Cyber Security Professional at Defensive Cyber Security Center Germany
Real User
Top 20
May 12, 2020
Easily customizable dashboard and excellent technical support

What is our primary use case?

In terms of use case, we combine a lot of things with Elastic. It's two platforms, so with Elasticsearch, we're using the Beats, Kibana, and Suricata. It's a query engine and we use the information from our sensors. It gets ingested into that and we use the resources to get everything put on our dashboards. If something is detected, alerts come up right away and it's very, very accurate. The more ingest it receives, the better we can respond to threats. It's not just Elastic or Logstash, it's a combination of those and other tools that we would apply towards our threat detection and…

Pros and Cons

  • "Dashboard is very customizable."
  • "Could have more open source tools and testing."

What other advice do I have?

For anyone considering implementing this solution, I would say take a good hard look at your own infrastructure resources and scalability, as you have to future-proof everything, whether it's scale or an increase in customers building up through your actual hardware and your network infrastructure. You need to know it's capable of performing the tasks needed, because sometimes you outgrow yourself. So, I would say look at your resources and how it can be scaled. I would rate this solution a nine out of 10.
reviewer844839
Data Scientist at a tech vendor with 51-200 employees
Real User
Dec 11, 2019
Enables me to share dashboards with different people with different levels of access

What is our primary use case?

I'm a data scientist and we're a customer of ELK. We use the solution for multiple projects, mainly based around customer analytics.

Pros and Cons

  • "I value the feature that allows me to share the dashboards to different people with different levels of access."
  • "Ratio aggregation is not supported in this solution."

What other advice do I have?

You can test the product for your use case on their free trial; they offer a seven- or 14-day free trial. You can put it up on the cloud and just push your data to check if your use cases are being handled or not. It's a quick test of the waters. I would rate this product an eight out of 10.
Steffen Klein
Senior Consultant at sectecs
Consultant
Top 5 Leaderboard
Jan 6, 2021
Stable with reasonable technical support, but it should be easier to use

What is our primary use case?

I am using it to get some hands-on experience and learn the product by searching, building use cases, test cases, dashboards, and visualizations. With hands-on experience, you learn more about the product and how it works.

Pros and Cons

  • "It's a stable solution and we have not had any issues."
  • "It should be easier to use. It has been getting better because many functions are pre-defined, but it still needs improvement."

What other advice do I have?

I like this solution, but it requires too much hands-on time tweaking to get it up and running. I have no plans to continue using this product. Currently, I am focused on SIEMonster because I signed a partnership and I would like to sell a total product. It doesn't make sense to spread across multiple products. I would like to earn money out of it, so I'm focusing currently on SIEMonster. I think that Elasticsearch is a good product and cheaper than Splunk. When I check Gartner, I don't see mention of Elasticsearch; it seems they need to make some improvements. I would rate this solution a…