ELK Logstash Pros and Cons

ELK Logstash is easy and fast, at least for the initial setup with the out of box uses.

The feature that helps us to create a report for the login testing of Logstash is the most valuable aspect of the solution.

It is the best open-source product for people working in SO, managing and analyzing logs.

I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash.

The visualization is very good.

The most valuable feature is the ability to collect authentication information from service providers.

It's simple and easy to use.

In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts.

The machine learning is not included in the free version. It is only included in the Platinum or Gold versions. It would be helpful if the machine learning features were available even on the free version of the solution. RSA and IBM are other solutions that also offer machine learning, which is interesting for us, but they cost money.

If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution.

One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty.

There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated.

Anything that supports high availability or ease of deployment in a highly available environment would help to improve this solution.

This solution cannot do predictive maintenance, so we have to build our own modules for doing it.