ELK Logstash Overview

ELK Logstash is the #5 ranked solution in our list of Log Management Software. It is most often compared to Datadog.

What is ELK Logstash?

Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite “stash.”

ELK Logstash is also known as Elastic Stack, ELK Stack.

ELK Logstash Buyer's Guide

Download the ELK Logstash Buyer's Guide including reviews and more. Updated: July 2021

ELK Logstash Customers

Sprint, Grab, Autopilot, Just Eat, Verizon Wireless, Green Man Gaming, Compare Group, Tango, Perceivant, Quizlet

Pricing Advice

What users are saying about ELK Logstash pricing:
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "This is an open-source product, so there are no costs."

Charles Netshivhera
Senior DevOps Engineer at a financial services firm with 10,001+ employees
Real User
Top 5
It is quite comprehensive and you're able to do a lot of tasks

What is our primary use case?

It is currently deployed as a single instance, but we are currently looking at clusters. We are using it for a logging solution. I'm a developer and act as a server engineer for DevOps Engineers. It's used by developers and mobile developers. It could be used by quite a few different teams.

Pros and Cons

  • "The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
  • "We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."

What other advice do I have?

Do a POC first. They should compare solutions and also look at different log formats they're trying to ingest. See how it really fits with the use case. This goes for ELK and Graylog. You can trial the enterprise version. In terms of lessons learned it does need some time and resources. It also needs adequate planning. You need to follow the documentation clearly and properly. I would give this solution 8 out of 10.
SN
Associate Delivery Lead at a tech services company with 1,001-5,000 employees
Real User
Fast, easy and offers easy infrastructure monitoring abilities

What is our primary use case?

The primary use cases are for infrastructure monitoring networks, security analytics, and SIEM. We are evaluating it for business analytics as well.

Pros and Cons

  • "ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
  • "In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."

What other advice do I have?

Based on my experience, it's quite easy and manageable with small scale implementations, and the time to market is quite fast. I can have good monitoring with a couple of use cases set up in less than four weeks. In terms of other advice, it depends what I am looking for. Am I looking at this as a platform or for a specific use case? If I see it as a platform, I would definitely say it's a good platform to work on. In that case, I would rate it an eight on a scale of one to ten.
ER
IT at a tech vendor with 10,001+ employees
Real User
Top 20
Easy to set up with a helpful community and a good dashboard tutor

What is our primary use case?

We primarily use the solution to have a correlation on all the Windows event logs. We use it more for forensic purposes now. We are looking for something which will be a more proactive product for us and be able to detect any threats and take automatic action.

Pros and Cons

  • "The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
  • "The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that."

What other advice do I have?

We're ELK customers. Mostly I'm a specialist on the infrastructure of the solution. The solution is perfect as long as you are using it for forensics. In terms of threat detection, it could be better. There could be another product that is more appropriate for that aspect. I'd rate the solution eight out of ten.
JC
Senior Tech Engineer at a tech services company with 1,001-5,000 employees
Real User
Top 20
Easy to set up, reasonably priced, and offers good integration

What is our primary use case?

In general, the solution is working together with OpenShift's deployment for the continuous delivery of many projects. This product takes the metrics and checks the log for components that OpenShift deploys. We work with the observation team that monitors the entire company to understand what can be observed and analyzed.

Pros and Cons

  • "The cost is reasonable. It's not overly pricey."
  • "This type of monitoring is not very mature just yet. We need more real-time information in a way that's easier to manage."

What other advice do I have?

We are just customers and end-users. I would advise others to use this solution. It's relatively low cost and the implementation is quick, giving you results faster. I would rate the solution at an eight out of ten overall.
LM
Devops/SRE tech lead at a transportation company with 201-500 employees
Real User
Top 20
Scalable with good logging functionality and good stability

What is our primary use case?

We do not use monitoring due to the fact that we use Prometheus for monitoring. We don't use APM and so on. We use ELK only for logging.

Pros and Cons

  • "The solution is quite stable. The performance has been good."
  • "The problem with ELK is it's difficult to administer. When you have a problem, it can be very, very difficult to rebuild indexes."

What other advice do I have?

We are a customer and an end-user. We do not have a business relationship with ELK. The solution is deployed on Kubernetes in Azure. I would advise other companies and users not to mix monitoring and logging. It's not the same purpose. Many people do monitoring by scanning logs. It's not a good idea. The good idea is to monitor separately. In case of incidents, you have to monitor metrics and logins for the root cause. It's important to separate this, and not treat them as the same thing. I'd rate the solution at an eight out of ten.
Steve Drill
VP Platform Engineering at Hydrogen
Real User
Top 5
Free to use, easy to set up, and quite stable

What is our primary use case?

ELK Stack is made up of Elasticsearch, Logstash, and Kibana. What we have is considered modified ELK Stack where instead of the Logstash we use Fluentd, but it serves the same purpose as basically a pipe to get the data into the Elasticsearch. We primarily use the solution for everything you could think of from error detection to general logging and auditing, to security awareness.

Pros and Cons

  • "We've found the initial setup to be quite straightforward."
  • "Sometimes, the solution isn't the easiest to use."

What other advice do I have?

We're just customers and end-users. We don't have a business relationship with the company. We're using the latest version of the solution. The product in general has come very far. It's gotten a lot better over the years. I'd recommend the solution to other organizations. I'd advise anyone to try it out. Overall, I would rate it at an eight out of ten. We've largely been very pleased with the product.
Sunil Chaudhari
AVP, Site Reliability Engineer at a financial services firm with 10,001+ employees
Real User
Top 10
Good monitoring and behavior prediction; troubleshooting tool could be improved

What is our primary use case?

Our primary use case of this solution is for application performance monitoring. We are customers of ELK.

Pros and Cons

  • "Enables monitoring of application performance and the ability to predict behaviors."
  • "Upgrades currently released as stacks when it should be a plugin or an extension to save removal and reinstallation."

What other advice do I have?

I would recommend this solution for an organization that doesn't require a highly secured environment, because they'll have to deal with the issues of VM upgrades and installations. If it's a highly secured environment like a bank, then I suggest ELK cloud instead of on-prem. I rate this solution a seven out of 10.
FS
Co Founder at Basheer Sharma Enterprises LLP
Real User
Simplifies process of bug identification and tracking using application log files

What is our primary use case?

I was using this product up until recently when I changed companies, but I have been asked to implement logging in my new role and this is one of the options that I am considering. It was used in conjunction with Kibana to examine our logs and perform debugging. When a user complained about misbehavior in an application, we would research the logs, test, and try to find out where the bug is.

Pros and Cons

  • "The most valuable feature for me is Discover."
  • "I would like the process of retrieving archived data and viewing it in Kibana to be simplified."

What other advice do I have?

When my colleague set up this application, it was configured such that every seven days, the data is archived into long-term storage. When I needed something from the archived logs, it was easy to retrieve and I could look through them again. This is something that I would suggest doing. My suggestion for anybody who is implementing ELK Logstash is to make sure that the entire team knows how to use it. If only one person knows it and takes care of it, then it is not a very productive experience. On the other hand, if everybody is familiar with it, the experience will be much better. This is…