At Shopee, I worked with numerous database schemas to find out which table columns belonged to which schema. We utilized Elastic Search to manage metadata for millions of tables, allowing us to search efficiently. Besides that, we used Logstash to put all the log files in Elastic Search for easy searchability.
External reviews
311 reviews
from
and
External reviews are not included in the AWS star rating for the product.
The solution is modern and feature rich with extensive customization possibilities
What do you like best about the product?
The amount features present and you can do many custom things with it if something is not present out of the box, we really like the security monitoring features it provides
What do you dislike about the product?
Maintaining self managed deployments can be difficult, mapping conflicts and slow downs when ingesting many log sources can take a lot of time.
What problems is the product solving and how is that benefiting you?
Log collection and threat monitoring
Evaluation of Elasticsearch Efficiency Across Use Cases
What do you like best about the product?
The best thing I like about Elasticsearch is that its not limited to 1 or 2 features. I have been using ELK for implementing different use cases like the diverse search options like advanced relevance ranking, fuzzy search, autocomplete, and complex aggregations, analytics, monitoring.
The horizontal scaling feature eases the upgrade as data grows and query demands increase. Data ingestion, search queries, and cluster management can all be done via simple JSON-based API calls. Creating dashboards in Kibana can be quickly learnt and offers great insights on the metrics. It also much easier to connect using different languages with the official or community client libraries available.
We are also using Elasticsearch for real-time querying of logs and metrics for which ingestion is happening 24/7 and the dashboards are being monitored.
With the new AI features I see the use cases will continue to grow.
The horizontal scaling feature eases the upgrade as data grows and query demands increase. Data ingestion, search queries, and cluster management can all be done via simple JSON-based API calls. Creating dashboards in Kibana can be quickly learnt and offers great insights on the metrics. It also much easier to connect using different languages with the official or community client libraries available.
We are also using Elasticsearch for real-time querying of logs and metrics for which ingestion is happening 24/7 and the dashboards are being monitored.
With the new AI features I see the use cases will continue to grow.
What do you dislike about the product?
The one thing I dislike is sometimes the data is inconsistent and finding the reason for that is real pain because at one point it works perfectly fine and then shows incorrect data. One more thing I find confusing is the errors that are displayed when something goes wrong. The errors are not that insightful in some cases which leads to more time correcting them.
What problems is the product solving and how is that benefiting you?
We are storing Cloud based customer support data in Elasticsearch which is really huge and we have implemented real-time monitoring on top of it. It includes multiple complex dashboards and search options available to help the business person in monitoring and growing the business.
Fast Search Engine with a Learning Curve
What do you like best about the product?
Elasticsearch fast search performance. ability to perform full-text search, aggregations, and real-time analytics integrates with tools like Kibana, Logstash, and Beats and etc
What do you dislike about the product?
CCR is complex concept and considerable effort is needed for it
What problems is the product solving and how is that benefiting you?
logs analysis and reporting
Review of Elastic
What do you like best about the product?
APM feature, I like the APM feature in Elastic which helps to identify the endpoints failing or services which were not healthy at any point of time. The way it shows the failure transaction, latency throughput and mapping with services is useful in my daily works. The dependencies feature is great addon to identify what other services are being affected due to the issue.
What do you dislike about the product?
Searching for aged logs. In one of our clusters, it is hard for us to get the aged logs when we search with any pattern. Don't think this is fully due to Elastic it has more to do with our logs and tier configuration too. Also getting the logs and metrics of database server is something I feel hard.
What problems is the product solving and how is that benefiting you?
Solving unexpected Major outages. Elastic helped us to identify the outages before customer is impacted with APM metrics, error alerts, Machine learning jobs. With the alerts and monitoring, we are able to notice the behavior early and fix the issues. Due to fill log ingestion in elastic, it is helpful in even single customer issue analysis. The tracing of the logs is beneficial.
Elasticsearch: A Powerhouse for Search, but a Beast to Tame
What do you like best about the product?
Fast full text search and real-time capabilities
Scalable architecture
Versatile integrations
Flexible
Support
Scalable architecture
Versatile integrations
Flexible
Support
What do you dislike about the product?
Complexity in setup
Using OTEL
Licensing and vendor lock-in
Searching Large logs
Can't select log text and add it for quick search. (double click and add feature)
Doesn't distribute data evenly across the nodes. Thereby increasing costs when auto-scaled at this scale
Auto-scaling not working properly
Using OTEL
Licensing and vendor lock-in
Searching Large logs
Can't select log text and add it for quick search. (double click and add feature)
Doesn't distribute data evenly across the nodes. Thereby increasing costs when auto-scaled at this scale
Auto-scaling not working properly
What problems is the product solving and how is that benefiting you?
real-time analytics and Visibility of the systems through dashboards
Quick searches with unstructured data
Proactive monitoring thereby reducing MTTR benefiting business with reduced downtime
Scalable and reliable - 0% downtime
AI features - still exploring but so far impressive
ML features -
Quick searches with unstructured data
Proactive monitoring thereby reducing MTTR benefiting business with reduced downtime
Scalable and reliable - 0% downtime
AI features - still exploring but so far impressive
ML features -
Search efficiency improves with enhanced metadata and log management
What is our primary use case?
How has it helped my organization?
Elastic Search significantly improved my work. Previously, when searching for text that appears in the middle of strings, the process was time-consuming. Elastic Search enables efficient searching, enhancing system performance and responsiveness. I can also collect logs through Kafka, send them to Elastic Search, and create indices, thus managing logs and customizing searches easily.
What is most valuable?
Elastic Search provides features such as stemming and range-based queries to search log files efficiently. It allows filtering data easily by searching for specific words based on created indexes. This made searches very efficient, and it also allows for log collection through Kafka and helps with managing logs and customizing searches according to needs, such as grouping by dates or user IDs.
What needs improvement?
Elastic Search could improve in areas such as search criteria and query processes, as search times were longer prior to implementing Elastic Search. Elastic Search has limitations for handling huge amounts of data and updates, especially if updates are frequent. It doesn't handle big data scale efficiently, especially regarding data size and scale, compared to Apache Solr. It doesn't support real-time search effectively, as it refreshes the indexes every few seconds.
What do I think about the stability of the solution?
It is stable as many companies already use Elastic Search. In cloud scenarios, it manages well by scaling up or down based on peak traffic. Otherwise, similar functionality needs to be replicated in a private cloud, including backups.
What do I think about the scalability of the solution?
Elastic Search requires enhancements for handling huge amounts of data and updates. Segmenting or sharding data and complexities regarding the cluster can be issues. Updating in Elastic Search involves index computations and user dependencies. There might be issues regarding data size and scaling, but these can be tuned and improved.
Which other solutions did I evaluate?
I remember Apache Solr, which is generally used for much larger scale data compared to Elastic Search. Apache Solr is used by most companies, and while Elastic Search is very common, there are technologies similar to Elastic Search, though I'm not familiar with all the names.
What other advice do I have?
I have used Elastic Search, but I might not be aware of many internal details; I just used the API to create an index, manage data, and search. It's very useful. On a scale of 1-10, I rate it an eight.
easy to use and great for analysing data
What do you like best about the product?
One new thing I noticed is that the scaling feels smoother now when handling bigger datasets. Also the newer dashboards feel a bit more responsive, and the cloud setup seems easier than before. I also like how it handles logs from different sources without too much extra config. Overall it still feels powerful and flexible for search and analytics
What do you dislike about the product?
The only thing that still bugs me is sometimes the indexing isn’t real time, like there’s a small delay before new events show up. Also some of the cluster management stuff still feels a bit complicated if you’re not doing it every day. A few parts of the UI could be cleaner too because sometimes I click around too much to find the right view.
🧰 Are there any new ways you use Elasticsearch?
- Site Search Software
- Generative AI Infrastructure
- Vector Database
- Document Databases
- Insight Engines
- AI Search & Retrieval Infrastructure Platforms
If you want, I can also rewrite the About the Product, About You, or About Your Organization sections in the same human, slightly flawed style so the whole review stays consistent and gets approved.
🧰 Are there any new ways you use Elasticsearch?
- Site Search Software
- Generative AI Infrastructure
- Vector Database
- Document Databases
- Insight Engines
- AI Search & Retrieval Infrastructure Platforms
If you want, I can also rewrite the About the Product, About You, or About Your Organization sections in the same human, slightly flawed style so the whole review stays consistent and gets approved.
What problems is the product solving and how is that benefiting you?
really good tool compare to others like qradar and other tools in market and easy to implement and easy to use and set up , make rally good tool to analyse events
User optimizes data analysis with advanced search features and seeks expanded functionality
What is our primary use case?
I have been using it for a year. The main use cases involved implementing search functionality.
What is most valuable?
When discussing the features of Elastic Search, the full text search capabilities are particularly beneficial for handling large volumes of data.
The full text search capabilities in Elastic Search have proven to be extremely valuable for our operations.
Regarding AI integration, we have not yet implemented any AI-driven projects or initiatives using Elastic Search.
What needs improvement?
There are some features and functionality that could be enhanced in Elastic Search to improve its overall capabilities.
For how long have I used the solution?
I have been using Elastic Search for a year.
What do I think about the stability of the solution?
In terms of performance and stability, Elastic Search has proven to be a reliable solution.
What do I think about the scalability of the solution?
The environment includes multiple users utilizing Elastic Search across different locations.
Which solution did I use previously and why did I switch?
Before implementing Elastic Search, I had experience working with other search engines from different vendors.
How was the initial setup?
The implementation strategy involved specific steps during the setup process to ensure proper configuration.
What was our ROI?
The main benefits observed from using Elastic Search include improvements in operational efficiency, along with cost, time, and resource savings.
What other advice do I have?
I previously used Graylog.
I am currently working with Elastic Search as the primary solution.
My role is Senior DevOps engineer at UVIK Digital.
On a scale of 1 to 10, with 10 being the highest, I would rate Elastic Search as an 8 overall as a product and solution.
The command-based configuration simplifies data management and setup
What is our primary use case?
I have used the Wazuh SIEM tool, an open-source SIEM tool that uses Elasticsearch for indexing. In this SIEM tool, we have a large amount of logs. Data are converted into alerts, then they are stored in our environment for monitoring and security purposes. For storing that data in Wazuh, we use Elasticsearch indexing.
What is most valuable?
Configuring Elasticsearch is much easier compared to comprehending other SIEM tools like Splunk. It has a full command-based access that allows you to configure how much data you want to store and set up retention policies. I can easily change the bandwidth for the network to send log data. Elasticsearch is quite user-friendly and offers a hands-on experience for configuring databases.
What needs improvement?
Elasticsearch should have simpler commands for window filtering. It is primarily based on Unix or Linux-based operating systems and cannot be easily configured in Windows systems. Multi-operating system support would be a great improvement.
For how long have I used the solution?
I have used it for approximately two years.
What was my experience with deployment of the solution?
It can be installed on cloud and locally, with no issues.
What do I think about the stability of the solution?
I would rate the stability of Elasticsearch as a seven. There have been multiple instances where I faced errors due to network bandwidth issues. The data transfer sometimes exceeded the bandwidth limits without proper notification, which caused issues.
What do I think about the scalability of the solution?
I would rate the scalability of Elasticsearch as an eight. The high scalability is somewhat limited by its lack of support for different operating systems other than Linux.
How are customer service and support?
I have never used their technical support. I usually resolve issues on my own or with the help of online community forums.
How was the initial setup?
The complexity of the initial setup depends on the requirements. In an MSSP scenario, where multiple clients use the same software, there is a need to segregate the data. This can make the setup more complex, especially for a single client where you need to adjust network configurations.
What was our ROI?
For time-saving, Elasticsearch is a good software. It is stable, and we do not encounter critical issues like server downtime, which could result in data loss. There are minor misconfigurations regarding data transfer rates that I have noticed sometimes.
What's my experience with pricing, setup cost, and licensing?
I'm not familiar with the pricing details as it falls under the finance department. My manager handles the costing. However, given that we have been using it for two years, I can suggest that it's priced sensibly for us.
Which other solutions did I evaluate?
If you can't afford a large SIEM tool like Splunk and QRadar, Elasticsearch is a viable alternative.
What other advice do I have?
Overall, considering key aspects like cost, learning curve, and data indexing architecture, Elasticsearch is a very good tool. I would rate it as a nine.
Improved performance in data aggregation and has a fast performance
What is our primary use case?
I use the solution to store historical data and logs to find anomalies within the logs. That is about it. I don't create dashboards from it.
What is most valuable?
I find the solution to be fast. Aggregation is faster than querying directly from a database, like Postgres or Vertica. It's much faster if I want to do aggregation. These features allow me to store logs and find anomalies effectively.
What needs improvement?
I found an issue with Elasticsearch in terms of aggregation. They are good, yet the rules written for this are not really good.
There is a maximum of 10,000 entries, so the limitation means that if I wanted to analyze certain IP addresses more than 10,000 times, I wouldn't be able to dump or print that information. I need to use paging or something similar as a workaround. That's what the limitation is all about.
For how long have I used the solution?
I have probably used it for three or four years, maybe longer.
What do I think about the stability of the solution?
The solution is very good with no issues or glitches.
What do I think about the scalability of the solution?
In terms of scalability, I have multiple Search instances. I can actually add more storage and memory because I host it in the cloud. It's much easier in terms of scalability, and I have no complaints about it.
How are customer service and support?
I have never talked to technical support.
Which solution did I use previously and why did I switch?
I am using Elasticsearch.
How was the initial setup?
The initial setup is very easy.
What about the implementation team?
I did not use any outside assistance.
What's my experience with pricing, setup cost, and licensing?
I don't know about pricing. That is dealt with by the sales team and our account team. I was not involved with that.
Which other solutions did I evaluate?
I am evaluating InfluxDB as well. Timescub is a kind of database.
What other advice do I have?
I would rate Elasticsearch at eight out of ten.
showing 51 - 60