ELK Logstash Overview

ELK Logstash is the #4 ranked solution in our list of Log Management Software. It is most often compared to Graylog.

What is ELK Logstash?

Logstash is an open source, server-side data processing pipeline that ingests data from a multitude of sources simultaneously, transforms it, and then sends it to your favorite “stash.”

ELK Logstash is also known as Elastic Stack, ELK Stack.

ELK Logstash Buyer's Guide

Download the ELK Logstash Buyer's Guide including reviews and more. Updated: January 2021

ELK Logstash Customers

Sprint, Grab, Autopilot, Just Eat, Verizon Wireless, Green Man Gaming, Compare Group, Tango, Perceivant, Quizlet

Pricing Advice

What users are saying about ELK Logstash pricing:
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "This is an open-source product, so there are no costs."
  • "We use the open-source version, so there is no charge for this solution."
  • "Elastic Stack is an open-source tool. You don't have to pay anything for the components."
  • "We are using the free, open-source version of this solution."

ELK Logstash Reviews

CharlesNetshivhera
Senior DevOps Engineer at a financial services firm with 10,001+ employees
Real User
Top 5
Dec 9, 2020
It is quite comprehensive and you're able to do a lot of tasks

What is our primary use case?

It is currently deployed as a single instance, but we are currently looking at clusters. We are using it for a logging solution. I'm a developer and act as a server engineer for DevOps Engineers. It's used by developers and mobile developers. It could be used by quite a few different teams.

Pros and Cons

  • "The indexes allow you to get your results quickly. The filtering and log passing is the advantage of Logstash."
  • "We're using the open-source edition for now. I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised."

What other advice do I have?

Do a POC first. They should compare solutions and also look at different log formats they're trying to ingest. See how it really fits with the use case. This goes for ELK and Graylog. You can trial the enterprise version. In terms of lessons learned it does need some time and resources. It also needs adequate planning. You need to follow the documentation clearly and properly. I would give this solution 8 out of 10.
reviewer1174176
Associate Delivery Lead at a tech services company with 1,001-5,000 employees
Real User
Top 5
Mar 5, 2020
Fast, easy and offers easy infrastructure monitoring abilities

What is our primary use case?

The primary use cases are for infrastructure monitoring networks, security analytics, and SIEM. We are evaluating it for business analytics as well.

Pros and Cons

  • "ELK Logstash is easy and fast, at least for the initial setup with the out of box uses."
  • "In terms of what could be improved with Elastic, in some use cases, especially on the advanced level, they are not ready made, so you'll have to write some scripts."

What other advice do I have?

Based on my experience, it's quite easy and manageable with small scale implementations, and the time to market is quite fast. I can have good monitoring with a couple of use cases set up in less than four weeks. In terms of other advice, it depends what I am looking for. Am I looking at this as a platform or for a specific use case? If I see it as a platform, I would definitely say it's a good platform to work on. In that case, I would rate it an eight on a scale of one to ten.
reviewer1363986
IT at a tech vendor with 10,001+ employees
Real User
Aug 3, 2020
Easy to set up with a helpful community and a good dashboard tutor

What is our primary use case?

We primarily use the solution to have a correlation on all the Windows event logs. We use it more for forensic purposes now. We are looking for something which will be a more proactive product for us and be able to detect any threats and take automatic action.

Pros and Cons

  • "The solution has a good community surrounding it for lots of helpful documentation for troubleshooting purposes."
  • "The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before they can damage our infrastructure. Currently, this solution doesn't offer that."

What other advice do I have?

We're ELK customers. Mostly I'm a specialist on the infrastructure of the solution. The solution is perfect as long as you are using it for forensics. In terms of threat detection, it could be better. There could be another product that is more appropriate for that aspect. I'd rate the solution eight out of ten.
reviewer1090929
Information Technology Engineer at a university with 501-1,000 employees
Real User
Top 5
Feb 17, 2020
Easy to update and maintain with a simple query language

What is our primary use case?

This solution is primarily used for log services and network appliances. Our director proposed that we buy six virtual machines with the six logs and about three bytes of storage. We use the solution on this.

Pros and Cons

  • "The feature that helps us to create a report for the login testing of Logstash is the most valuable aspect of the solution."
  • "The machine learning is not included in the free version. It is only included in the Platinum or Gold versions. It would be helpful if the machine learning features were available even on the free version of the solution. RSA and IBM are other solutions that also offer machine learning, which is interesting for us, but they cost money."

What other advice do I have?

In the future, I only plan to use the on-premises and free community edition of the solution. I'd recommend this solution to other users. I recommend the free version. The one problem is that this solution has limited features. The Platinum is less expensive in respect to other solutions. I'd rate the solution eight out of ten.
Fazil BasheerSyed
Co Founder at Basheer Sharma Enterprises LLP
Real User
Jul 9, 2020
Simplifies process of bug identification and tracking using application log files

What is our primary use case?

I was using this product up until recently when I changed companies, but I have been asked to implement logging in my new role and this is one of the options that I am considering. It was used in conjunction with Kibana to examine our logs and perform debugging. When a user complained about misbehavior in an application, we would research the logs, test, and try to find out where the bug is.

Pros and Cons

  • "The most valuable feature for me is Discover."
  • "I would like the process of retrieving archived data and viewing it in Kibana to be simplified."

What other advice do I have?

When my colleague set up this application, it was configured such that every seven days, the data is archived into long-term storage. When I needed something from the archived logs, it was easy to retrieve and I could look through them again. This is something that I would suggest doing. My suggestion for anybody who is implementing ELK Logstash is to make sure that the entire team knows how to use it. If only one person knows it and takes care of it, then it is not a very productive experience. On the other hand, if everybody is familiar with it, the experience will be much better. This is…
AmirJalilzadeh
Security Operation Center Analyst at Sadad
Real User
Top 5
Aug 19, 2019
Helps us with application behavioral analysis and tuning

What is our primary use case?

We used this solution for gathering our application logs and analyzing application behavior.

Pros and Cons

  • "It is the best open-source product for people working in SO, managing and analyzing logs."
  • "If the documentation were improved and made more clear for beginners, or even professionals, then we would be more attracted to this solution."

What other advice do I have?

Our company uses Logstash for gathering the data, and Kibana for searching. The two are used together. This is a solution that I recommend. It is the best open-source product for people working in SO, managing and analyzing logs. I would rate this solution an eight out of ten.
Maxime AGARIM
Junior System Engineer at Efficom-lille
Real User
Top 5
Mar 25, 2020
Enables us to retrieve data from various servers and sources so we can detect errors

What is our primary use case?

We use Logstash to retrieve data from our servers, from different sources, to our Elastic Stack. There, Elasticsearch allows us to search it, and we can visualize the data with Kibana.

Pros and Cons

  • "I use the stack every morning to check the errors and it's just so clear. I don't see any disadvantage to using Logstash."
  • "One thing they could add is a quick step to enable users who don't have a solid background to build a dashboard and quickly search, without difficulty."

What other advice do I have?

Think carefully about how you will build the solution so that it is a high-availability solution. That is the trick when using Elastic Stack. Examine what your needs are. I would rate Logstash at eight out of 10. I think the solution is really complete, with the components it has. It is a good solution.
Shadow Fx
User at a comms service provider with 51-200 employees
Real User
Sep 26, 2019
Good visualization, but more automation is needed

What is our primary use case?

We are a service provider, and use this solution to work with our customers. We use this solution for collecting firewall logs and then supplying them to the log analyzer. We are running Fortinet FortiGate for our firewall, and these are the logs that we are analyzing. Normally, we have a problem with the visualization part.

Pros and Cons

  • "The visualization is very good."
  • "There are connectors to gather logs for Windows PCs and Linux PCs, but if we have to get the logs from Syslog then we have to do it manually, and this should be automated."

What other advice do I have?

We are interested in learning more about plugins for specific firewalls or other products. The only problem with this solution is the development part, where we have to do it manually. I would rate this solution a six out of ten.