We just raised a $30M Series A: Read our story

ELK Elasticsearch OverviewUNIXBusinessApplication

ELK Elasticsearch is #1 ranked solution in top Search as a Service vendors and top Anomaly Detection Tools. IT Central Station users give ELK Elasticsearch an average rating of 8 out of 10. ELK Elasticsearch is most commonly compared to Amazon Athena:ELK Elasticsearch vs Amazon Athena. ELK Elasticsearch is popular among the large enterprise segment, accounting for 73% of users researching this solution on IT Central Station. The top industry researching this solution are professionals from a computer software company, accounting for 25% of all views.
What is ELK Elasticsearch?
Elasticsearch is a distributed, JSON-based search and analytics engine designed for horizontal scalability, maximum reliability, and easy management. Elasticsearch lets you perform and combine many types of searches — structured, unstructured, geo, metric — any way you want.
ELK Elasticsearch Buyer's Guide

Download the ELK Elasticsearch Buyer's Guide including reviews and more. Updated: November 2021

ELK Elasticsearch Customers
HotelTonight, Perceivant, Docker, Green Man Gaming, Xoom, AutoScout24, TheLadders, Center for Open Science, Parleys, Tango
ELK Elasticsearch Video

Archived ELK Elasticsearch Reviews (more than two years old)

Filter by:
Filter Reviews
Industry
Loading...
Filter Unavailable
Company Size
Loading...
Filter Unavailable
Job Level
Loading...
Filter Unavailable
Rating
Loading...
Filter Unavailable
Considered
Loading...
Filter Unavailable
Order by:
Loading...
  • Date
  • Highest Rating
  • Lowest Rating
  • Review Length
Search:
Showingreviews based on the current filters. Reset all filters
BT
Engineer at IT Specialist LLC
Real User
Top 20
User interface is ok, helpful extensions are available, and there is good community support

What is our primary use case?

I use Elasticsearch with Logstash and Kibana.

What is most valuable?

The most valuable features are the data store and the X-pack extension. The user interface is ok. The integration of Elasticsearch, Logstash, and Kibana is very good.

What needs improvement?

The pricing of this product needs to be more clear because I cannot understand it when I review the website.

For how long have I used the solution?

I have been using this solution for about one year.

What do I think about the scalability of the solution?

This solution is scalable.

How are customer service and technical support?

I rely on the community for technical support.

How was the initial setup?

The initial setup of this solution is a little bit hard. I did not find it…

What is our primary use case?

I use Elasticsearch with Logstash and Kibana.

What is most valuable?

The most valuable features are the data store and the X-pack extension.

The user interface is ok.

The integration of Elasticsearch, Logstash, and Kibana is very good.

What needs improvement?

The pricing of this product needs to be more clear because I cannot understand it when I review the website.

For how long have I used the solution?

I have been using this solution for about one year.

What do I think about the scalability of the solution?

This solution is scalable.

How are customer service and technical support?

I rely on the community for technical support.

How was the initial setup?

The initial setup of this solution is a little bit hard. I did not find it hard, myself, but it was difficult for my colleague who had less experience.

The deployment takes between one and two hours.

What about the implementation team?

We implemented this solution ourselves.

What's my experience with pricing, setup cost, and licensing?

The pricing of this solution is not clear.

What other advice do I have?

This solution is ok for me and my business.

I would rate this solution an eight out of ten.

Disclosure: My company has a business relationship with this vendor other than being a customer: Reseller.
ITCS user
Murex Consultant at a tech services company
Real User
Helpful text processing features and is easy to use, but stability needs to be improved

Pros and Cons

  • "The special text processing features in this solution are very important for me."
  • "Better dashboards or a better configuration system would be very good."

What is our primary use case?

We use this solution to collect log data and analyze it. We have an on-premises deployment.

What is most valuable?

The special text processing features in this solution are very important for me.

As a system, it is easy to use.

What needs improvement?

This is not a robust system, so in terms of resilience, they have to make some improvements. From time to time the system goes down and we have to start again, after adjusting some configuration parameters.

Technical support can be improved.

The interface would be improved with the inclusion of dashboards to assist in analyzing problems because it is very difficult. Better dashboards or a better configuration system would be very good.

For how long have I used the solution?

I have been using this solution for six months.

What do I think about the stability of the solution?

This is not exactly a stable solution, which is why we are considering another compatible tool, and whether we go on with Elasticsearch or change it.

How are customer service and technical support?

I follow their forum and blogs, and I have also asked questions directly to their technical department. I would say that support is moderate. It is not very good or very bad, but in between.

Which solution did I use previously and why did I switch?

We did not use another solution prior to this one.

How was the initial setup?

The initial setup of this solution is easy and straightforward.

The deployment is both easy and quick.

What about the implementation team?

We have an in-house team that handles deployment.

Two people are enough for deployment and maintenance.

Which other solutions did I evaluate?

We did not evaluate other options before choosing this solution, but due to issues with stability, I'm now trying out PostgreSQL for comparison.

What other advice do I have?

My advice for anybody considering this solution is that it is an easy to use tool, but for work that is not complex. If on the other hand, the work is more complex, with more data and perhaps a clustering environment, then they may have to consider something more stable and more robust.

I would rate this solution a seven out of ten.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Learn what your peers think about ELK Elasticsearch. Get advice and tips from experienced pros sharing their opinions. Updated: November 2021.
552,305 professionals have used our research since 2012.
AP
User at Sincrobox SAC
User
Simple solution that provides valuable analytics

What is our primary use case?

Our primary use case for this solution is to operate an integration platform for a warehouse management system.

How has it helped my organization?

This has improved our organization because we articulated Kubernetes, Docker, and GitHub with amazing simplicity in the scaling up of our service.

What is most valuable?

The most valuable feature for us is the analytics that we can configure and view using Kibana.

What needs improvement?

This product could be improved with additional security, and the addition of support for machine learning devices.

For how long have I used the solution?

Still implementing.

What is our primary use case?

Our primary use case for this solution is to operate an integration platform for a warehouse management system.

How has it helped my organization?

This has improved our organization because we articulated Kubernetes, Docker, and GitHub with amazing simplicity in the scaling up of our service.

What is most valuable?

The most valuable feature for us is the analytics that we can configure and view using Kibana.

What needs improvement?

This product could be improved with additional security, and the addition of support for machine learning devices.

For how long have I used the solution?

Still implementing.
Disclosure: I am a real user, and this review is based on my own experience and opinions.
NK
System Analyst at S7
Real User
Provides enterprise landscape support for different areas of the company

Pros and Cons

  • "We had many reasons to implement Elasticsearch for search term solutions. Elasticsearch products provide enterprise landscape support for different areas of the company."
  • "We see the need for some improvements with Elasticsearch. We would like the Elasticsearch package to include training lessons for our staff."

What is our primary use case?

In my project, Elasticsearch is used to query terms for search and to provide data boards for our project team.

How has it helped my organization?

We have some important IT systems which provide support for our business processes. Money is a big issue. If something happens to the IT systems, we lose some money. 

We built Elasticsearch solutions to help us to search more quickly. After that, we can calculate how much money we can save by implementing Elasticsearch as a solution.

What is most valuable?

We had many reasons to implement Elasticsearch for search term solutions. Elasticsearch products provide enterprise landscape support for different areas of the company.

What needs improvement?

Elasticsearch is useful for different business processes, but there are some problems. We discuss these problems with the vendor and with our in-house team. We see the need for some improvements with Elasticsearch. 

We would like the Elasticsearch package to include training lessons for our staff.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Elasticsearch is stable. We have a normal relationship with the vendor and we have enough support.

What do I think about the scalability of the solution?

Elasticsearch is very scalable. This was one of the most important points of our decision. We use Elasticsearch with about 1000 users. Now have two sets of solutions:

  • One set works with the dashboard from the project team's site.
  • A second set works with the enterprise department involved with two roles. 

As for the staff, we have an infrastructure team dedicated to Search. I can't answer quickly how many people we use for that. For maintenance, we employ about three to five experts.

We are planning to increase our Elasticsearch usage. We have the plan because some Elasticsearch systems integrate with other products and we must grow.

How are customer service and technical support?

If we discuss technical support from the vendor, it's the first line of support and we don't need very quick response times in the first support line. 

If we discuss the second line of support, it must be conducted very quickly. About technical support from the vendor, it's not fast. It's normal.

Which solution did I use previously and why did I switch?

I previously provided some activities with Splunk solutions. My colleague in another department also used Splunk.

How was the initial setup?

We did not have difficult trouble installing and configuring Elasticsearch. The setup is straightforward.

What about the implementation team?

The implementation depends on what part of the solution. In some areas and for some Elasticsearch installation tasks, we wanted third-party consultation support.

What was our ROI?

We don't integrate Elasticsearch on enough systems to complete the estimate of ROI.

What's my experience with pricing, setup cost, and licensing?

For the next project, we might buy the license, but we don't use it now. I don't know exactly what the license fee for Elasticsearch is currently.

Which other solutions did I evaluate?

This is a difficult question because we had a specific reason for choosing Elasticsearch. Different solutions provide different benefits. We compare these and choose one solution over another. 

Overall, it depends on the manufacturers. We compared Elasticsearch with other products like Riverbed, for example.

What other advice do I have?

In general, we have many advantages from the features of Elasticsearch, but there are questions mostly about money, not about technical features, that are of concern.

I would rate Elasticsearch eight/nine out of ten. We have enough possibilities and features with Elasticsearch for our business requirements.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
DevOps/System Administrator at a consultancy with 1,001-5,000 employees
Real User
Allows us to implement machine-learning from our logs, and alerts for anomalies

Pros and Cons

  • "Gives us a more user-friendly, centralized solution (for those who just needed a quick glance, without being masters of sed and awk) as well as the ability to implement various mechanisms for machine-learning from our logs, and sending alerts for anomalies."
  • "Elasticsearch could improve by honoring Unix environmental variables and not relying only on those provided by Java (e.g. installing plugins over the Unix http proxy)."
  • "Performance improvement could come from skipping background refresh on search idle shards (which is already being addressed in the upcoming seventh version)."

What is our primary use case?

Various purposes, mainly log analysis.

How has it helped my organization?

This product has notably improved the way we store and use logs, from having a more user-friendly, centralized solution (for those who just needed a quick glance, without being masters of sed and awk) to implementing various mechanisms for machine-learning from our logs, and sending alerts for anomalies.

What is most valuable?

The three major features which won us over to Elasticsearch were:

  • The well written documentation
  • The already available integrations with multiple other tools related to our needs (like Logstash, Kibana)
  • The easy with which scalability was achieved.

What needs improvement?

There are some areas in which Elasticsearch could improve: 

By honoring Unix environmental variables and not relying only on those provided by Java (e.g. installing plugins over the Unix http proxy). 

Performance improvement could come from skipping background refresh on search idle shards (which is already being addressed in the upcoming seventh version).

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

Until now, we have not run into any issues running Elasticsearch that were not based on bad capacity planning based by us.

What do I think about the scalability of the solution?

Elasticsearch is a very easy to scale product, compared to other similar technologies.

How are customer service and technical support?

To date, we haven't had the chance to use Elasticsearch's technical support.

Which solution did I use previously and why did I switch?

We cannot disclose the previous solution, but we are much happier with Elasticsearch.

How was the initial setup?

Our initial setup was very easy to do.

Which other solutions did I evaluate?

We evaluated HBase and Cassadnra.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Randall Hinds
Program Manager - Enterprise Command Center at a financial services firm with 10,001+ employees
Real User
Aggregates log/machine data into a searchable index, reduces time to identify issues

Pros and Cons

  • "The ability to aggregate log and machine data into a searchable index reduces time to identify and isolate issues for an application. Saves time in triage and incident response by eliminating manual steps to access and parse logs on separate systems, within large infrastructure footprints."
  • "Enterprise scaling of what have been essentially separate, free open source software (FOSS) products has been a challenge, but the folks at Elastic have published new add-ons (X-Pack and ECE) to help large companies grow ELK to required scales."

How has it helped my organization?

ELK has helped my team leverage a powerful and efficient capability that is comparable to more costly solutions.

What is most valuable?

The ability to aggregate log and machine data into a searchable index reduces time to identify and isolate issues for an application. Saves time in triage and incident response by eliminating manual steps to access and parse logs on separate systems, within large infrastructure footprints.

What needs improvement?

Enterprise scaling of what have been essentially separate, free open source software (FOSS) products has been a challenge, but the folks at Elastic have published new add-ons (X-Pack and ECE) to help large companies grow ELK to required scales.

For how long have I used the solution?

Three to five years.

What do I think about the stability of the solution?

No issues with stability.

What do I think about the scalability of the solution?

We encountered issues with scalability.

How are customer service and technical support?

Not applicable, for my team's experience with ELK. Being a FOSS, there is limited support from Elastic without a service – support, consulting, training. There is wealth of information on the web and a growing community of users to lean on for support, though.

Which solution did I use previously and why did I switch?

Yes, we had a previous solution but we did not switch. We use multiple log analysis engines. Where we have funds to support commercial, off-the-shelf tools (COTS), we have seen more immediate benefits. Where we must go with low/no-cost FOSS, we use ELK.

How was the initial setup?

Initial setups were complex years ago, but they are more straightforward in the current offering. ELK is essentially a collection of products that each requires infrastructure and expertise to set up independently, and connecting them to gain a functional tool requires still more expertise.

What's my experience with pricing, setup cost, and licensing?

This is a free, open source software (FOSS) tool, which means no cost on the front-end. There are no free lunches in this world though. Technical skill to implement and support are costly on the back-end with ELK, whether you train/hire internally or go for premium services from Elastic.

Which other solutions did I evaluate?

Splunk, Sumo Logic, and IBM’s Operation Analytics.

What other advice do I have?

Try it out. There is little to lose but time.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Prabhanshu Pandit
Programmer at a tech services company
Real User
Allows us to store data in key value pairs and produce visualisations in Kibana, but lack of email notification is problematic

Pros and Cons

  • "Helps us to store the data in key value pairs and, based on that, we can produce visualisations in Kibana."
  • "It helps us to analyse the logs based on the location, user, and other log parameters."
  • "It needs email notification, similar to what Logentries has. Because of the notification issue, we moved to Logentries, as it provides a simple way to receive notification whenever a server encounters an error or unexpected conditions (which we have defined using RegEx​)."

What is most valuable?

Elasticsearch helps us to store the data in key value pairs and, based on that, we can produce visualisations in Kibana. It helps us to analyse the logs based on the location, user, and other log parameters.

What needs improvement?

It needs email notification, similar to what Logentries has. Because of the notification issue, we moved to Logentries, as it provides a simple way to receive notification whenever a server encounters an error or unexpected conditions (which we have defined using RegEx).

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No stability issues.

What do I think about the scalability of the solution?

Not really any scalability issues, but we have set up a cron job to delete old logs so that we don’t hit the disk space issues. It would be helpful if such a feature were added to the UI, where old logs could be deleted automatically. (Don’t know if this feature is already there).

How are customer service and technical support?

ELK documentation is very good, so we have never needed to contact technical support.

Which solution did I use previously and why did I switch?

We used Logentries. Because of open source we moved to ELK, considering it as part of a cost-cutting strategy and evaluation. But due to the lack of a notification feature, we again moved to Logentries.

How was the initial setup?

Slightly complex, especially when you are configuring a machine which is on a separate IP, rather than on a single machine. In my case, Elasticsearch, Kibana and Logstash were on different machines. Along with that, we added a proxy server (nginx) ahead of the Kibana server. We used the proxy server for user authentication so that only known users would be able to access the Kibana dashboard. ELK's free version doesn't have user authentication, and this forced us to go with this alternative. We have four machines in total.

When we were using the Amazon Elasticsearch Service we had one cluster of Elasticsearch which, by default, gave us the Kibana dashboard. We just added a proxy server for user authentication.

Which other solutions did I evaluate?

Graylog, Fluentd.

What other advice do I have?

I give it a seven out of 10. They don't provide user authentication and authorisation (shield) as a part of their open source version.

Nice to implement, they have nicely written documentation.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
ITCS user
EChannel IT Architect at a tech vendor with 1,001-5,000 employees
Real User
It is easy to scale with the cluster node model

How has it helped my organization?

Fast search Relevant results returned Autocomplete/fuzzy search

What is most valuable?

Search  To implement the main requirements regarding my support portal.

What needs improvement?

Machine learning on search.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues. It is very stable.

What do I think about the scalability of the solution?

No issues. It is easy to scale with the cluster node model.

How are customer service and technical support?

I would rate technical support with a nine out of 10. Support is very reactive and proactive.

Which solution did I use previously and why did I switch?

We did have a previous solution. It was a monster to install and…

How has it helped my organization?

  • Fast search
  • Relevant results returned
  • Autocomplete/fuzzy search

What is most valuable?

  • Search 
  • To implement the main requirements regarding my support portal.

What needs improvement?

Machine learning on search.

For how long have I used the solution?

One to three years.

What do I think about the stability of the solution?

No issues. It is very stable.

What do I think about the scalability of the solution?

No issues. It is easy to scale with the cluster node model.

How are customer service and technical support?

I would rate technical support with a nine out of 10. Support is very reactive and proactive.

Which solution did I use previously and why did I switch?

We did have a previous solution. It was a monster to install and configure.

How was the initial setup?

The initial setup was straightforward.

What's my experience with pricing, setup cost, and licensing?

The pricing and license model are clear: node-based model. 

Which other solutions did I evaluate?

We evaluated Solr.

What other advice do I have?

The search product is a product exposing API. Therefore, be comfortable in developing your own front-end to integrate the Search API.

Disclosure: I am a real user, and this review is based on my own experience and opinions.
Selvam Krishnan
Technology Delivery Lead - Enterprise Monitoring at a financial services firm with 10,001+ employees
Real User
Data collected will be used for near real-time monitoring, analytics, and machine learning

Pros and Cons

  • "X-Pack provides good features, like authorization and alerts."

    What is our primary use case?

    We use ELK primarily for enterprise monitoring and analytics through log ingestion. The data collected in Elasticsearch will be used for near real-time monitoring, analytics, and machine learning.

    How has it helped my organization?

    All new applications have been onboarded and used by the application teams. The initial feedback has been positive, and its capabilities seem to be a descent fit for our needs.

    What is most valuable?

    ELK being an open source certainly provided a platform for our organization to get involved. 

    X-Pack provides good features, like authorization and alerts. An X-Pack license is more affordable than Splunk.

    What needs improvement?

    Logstash has been a challenge and needs improvements in data ingestion reconciliation. The Kibana Cross Cluster feature is long awaited and I hope 6.0 will address it without issues.

    For how long have I used the solution?

    Less than one year.

    What's my experience with pricing, setup cost, and licensing?

    ELK has been considered as an alternative to Splunk to reduce licensing costs.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.
    it_user779379
    System Engineer at a tech services company with 10,001+ employees
    Real User
    Furnishes good end to end log monitoring, Logstash grok pattern capabilities

    What is most valuable?

    ELK provides 

    • good end to end log monitoring
    • Logstash grok pattern
    • elasticserach indexing
    • easily configurable Kibana dashboards
    • feature rich and appealing Kibana UI, as its USP.

    How has it helped my organization?

    The product offers a powerful, cost effective solution for proprietary log management and is easy to understand and start with. This saves cost as well as enhances usability.

    What needs improvement?

    The open source version should ship basic security versions with it. Alerting is an important feature which is not available in the open source stack.

    For how long have I used the solution?

    About two years.

    What do I think about the stability of the solution?

    Stability issues can be seen with Logstash and can be addressed using Kafka. Also, data collections may not be 100% optimal using Filebeat and could be further improved.

    What do I think about the scalability of the solution?

    The product is highly scalable, especially on the database side (elasticserach).

    How are customer service and technical support?

    Have worked on the open source version and, hence, I don't have much information about tech support.

    Which solution did I use previously and why did I switch?

    I have not worked with another solution.

    How was the initial setup?

    The setup is straightforward for PoC, but becomes complex while scaling it or deploying it for production.

    Which other solutions did I evaluate?

    Yes, I evaluated GrayLog and Fluentd, but ELK was more feature rich.

    What other advice do I have?

    The ELK open source stack is rich in features but lacks the essential security features.

    ELK is one of the best open source alternatives for log management. If alerting and security features can be built by the team internally, on top of the stack, then the product is for sure going to add a lot of value to business.

    Disclosure: I am a real user, and this review is based on my own experience and opinions.