Fast, Scalable Elasticsearch for Quick Log Analysis
What do you like best about the product?
From our use, Elasticsearch is fast, scalable and provides quick results for querying, which makes it very useful for any log analysis.
What do you dislike about the product?
Operational cost is increasing
Shard allocation and indexing can be made easier to configure
What problems is the product solving and how is that benefiting you?
We use ELK for log parsing, and its ability to respond quickly to queries helps us identify issues and get clues about what’s going wrong much faster.
Efficient Log Management & Search with Excellent Support
What do you like best about the product?
Very efficient product to manage our logs and search
The support is easy to interact with and the quality of the answers is perfect
What do you dislike about the product?
When it is self-managed, it is a bit tedious to update
What problems is the product solving and how is that benefiting you?
Centralizing our documentation and making it available in quick search is really great
Powerful Search Platform for Enterprise-Scale Operations
What do you like best about the product?
What I like best about Elasticsearch is its powerful search and aggregation capabilities combined with high performance at scale. We support over 100 customers who use it daily in their operations, and Elasticsearch consistently handles large data volumes with fast response times.
From a support perspective, features like detailed query capabilities, clear APIs, and strong integration within the Elastic Stack significantly improve our workflow. Kibana dashboards help us quickly analyze customer issues, review logs, and identify performance bottlenecks without needing custom tools. This often reduces troubleshooting time from hours to minutes.
An unexpected benefit has been how flexible and scalable the platform is across different customer environments. It allows us to support diverse use cases while maintaining a relatively standardized architecture.
What do you dislike about the product?
One of the main challenges with Elasticsearch is the complexity of configuration and tuning, especially in larger or high-availability clusters. For customers without deep expertise, settings around JVM tuning, shard allocation, and performance optimization can be difficult to manage. This often increases the support workload and extends troubleshooting time.
Version upgrades can also be demanding. Breaking changes between major versions and strict compatibility requirements sometimes require careful planning and additional testing, which impacts customer environments and maintenance windows.
Customers often ask about the possibility of reverting to the previous version, but this is not possible.
In such cases, we have to come up with our own workarounds.
Improved backward compatibility, clearer upgrade paths, and more built-in automated diagnostics for cluster health and performance tuning would significantly reduce operational overhead for both customers and support teams.
What problems is the product solving and how is that benefiting you?
Many of our customers struggled with slow database searches, limited reporting capabilities, and fragmented log storage. Troubleshooting incidents often required manually checking multiple systems, which was time-consuming and inefficient.
With Elasticsearch, they can centralize logs and operational data, perform fast full-text searches, and build real-time dashboards. As a result, tasks that previously took hours - such as identifying the root cause of an issue - can now often be completed in minutes.
For us as a support team, this has significantly reduced resolution times and improved SLA compliance. In many cases, incident investigation time has decreased by 50% or more, which directly benefits both our customers and our internal operations.
Fast, Flexible, and Innovative—Elasticsearch at Its Best
What do you like best about the product?
I appreciate its speed, flexibility, and innovation.
What do you dislike about the product?
There isn’t much to dislike about Elasticsearch.
What problems is the product solving and how is that benefiting you?
It’s helping us improve our search platform and making it better overall.
Elasticsearch: The Best Engine for Fast Data Search and Analysis
What do you like best about the product?
Elasticsearch is the best platform/engine to analyze and search your data. With the AI capabilities Elastic is developing, it becomes even more powerful. Besides, the company offers excellent support.
I cannot imagine the current internet and technological world without Elasticsearch.
What do you dislike about the product?
Documentation is sometimes hard to follow and navigating it feels confusing.
What problems is the product solving and how is that benefiting you?
You just put your data in Elasticsearch, and it can produce value. No matter if the data comes from old databases, files, logs, etc. Once it's in Elasticsearch you extract all the value and knowledge from it.
Elasticsearch unifies multi-platform insights with powerful log search
What do you like best about the product?
Elasticsearch helps to gather information from multiple platforms, providing a single view for the search UI and searching effectively across massive log data.
What do you dislike about the product?
So far, we do not use many advanced features in Elastic. When we have to use a certain feature in Elastic, we have to study the methodology and check with the community for reference cases. Also, there are fewer reference cases or examples, which I cannot find easily, if I want to arrange integration between Elasticsearch and third-party applications such as Oracle DB, Fortigate Firewall, etc.
What problems is the product solving and how is that benefiting you?
For telecom internal use: an operator usually has many IoT devices and applications such as switches, routers, servers and VMs, and also many log files generated from them. The inventory is large and complex. We have used Elasticsearch to summarize the view, to keep records and to search these devices' logs. Also, for some known behaviors or thresholds for potential fault issues, we have set up an alarm mechanism to trigger the support team to troubleshoot for a quick response. In conclusion, it helps me with inventory, reporting, monitoring and troubleshooting.
Easy to Use, Seamless GCP Integration with Zero Issues
What do you like best about the product?
The platform is very easy to use and very easy to integrate with GCP. We were able to get it to work directly in our tool with 0 issues.
What do you dislike about the product?
Expensive to scale. We have a lot of data we use to search and Elastic just costs a lot, so we need to set up lifecycle management.
What problems is the product solving and how is that benefiting you?
Search and full-text lookup. We are in ecomm and customers need to look through products.
Powerful and Scalable Search Engine with Excellent Performance
What do you like best about the product?
What I like most about Elasticsearch is its speed and flexibility. It can handle very large volumes of data while still delivering fast and accurate search results. The query DSL is powerful and allows complex filtering and aggregation, which makes it suitable for many use cases beyond simple search. It also scales very well and integrates easily with other tools in the Elastic ecosystem.
What do you dislike about the product?
The main downside is the learning curve. Getting the most out of Elasticsearch requires a good understanding of mappings, indexing strategies, and performance tuning. It can also be resource-intensive, especially for smaller teams or projects, and may feel overkill for simple search needs.
What problems is the product solving and how is that benefiting you?
Elasticsearch solves the problem of searching, analyzing, and exploring large and complex datasets in near real time. It allows us to centralize data from multiple sources and query it efficiently. This has significantly improved performance, reduced response times, and enhanced the overall user experience by providing fast and relevant search results.
Blazingly Fast, Feature-Rich Elasticsearch with Top-Notch Documentation
What do you like best about the product?
It simply works as expected and is blazingly fast. Using the ELK stack has been a life changer as well. Lots of features have been added over the years (working with Elasticsearch for a lot of years now). Worth mentioning is that the documentation is top notch. Very well structured, easy to understand and with lots of examples.
What do you dislike about the product?
In all these years that I have been using Elasticsearch, I did not find a single thing I actually missed. It's a complete package that delivers all that I am looking for.
What problems is the product solving and how is that benefiting you?
We use the ELK stack daily for monitoring and logging, but especially also as a search engine on our main pages. The whole customer search for our bank is based on Elasticsearch.
Centralized logs and traces have improved monitoring and now support company-wide insights
What is our primary use case?
I use Elastic Search, and from time to time I use it, but most of the time I am a system administrator. I deployed it more than using it. At the beginning, I was a system administrator, responsible for the deployment and maintenance of Elastic Search clusters. For a few years now, I have started to use it more because the end users are rookie users. They need a lot of help to be able to use Elastic Search effectively. I started to be a user approximately five years ago.
Today, at least, we provide a global, unique Elastic Search cluster for the whole company, and all teams store their logs inside, their traces, and their APM traces. Teams use Kibana to display information. We also use Prometheus exporters to collect metrics from the logs. We execute some query DSL over Elastic Search to collect metrics, which will be injected in a time series database like Prometheus. This is the main usage. We store metrics, logs, and APM traces.
What is most valuable?
The deployment of Elastic Search is excellent. I like Elastic Search very much for that. I say regularly to the team that Elastic is elastic. It is really difficult to break. This was not the case a few years ago when I worked with Elastic Search version one and version two. Starting with version six of Elastic Search, it started to be really strong. Today, in the past, the main issue was about the data and the volume.
At the moment they integrated lifecycle policy for indices, ILM, Index Life Cycle Management. When it was created, additionally to the data stream, it started to be really easy to have all the same index volume. It is really easy to administrate and to balance data between data centers and between data nodes, and to keep the same everywhere. It is very nice. It is my favorite feature of Elastic Search. It is so easy to manage. Also, maybe because we used it for a long time, we started to be comfortable with all the setup and the node type, and how we should manage our cluster to make it resilient. I think it is really easy to maintain compared to some other databases.
What needs improvement?
To be honest, there is only one downside of Elastic Search that makes sense because we use a basic license, which is a free license. We do not have some features available because of the free license. Except for that, I do not have any complaint. It works perfectly. It is pretty easy to administrate and to use. I do not have complaints, to be honest, except the fact that we do not have all features available such as the APM service map or alerting.
We are not able to use a provider like Sentry, Slack, or PagerDuty. We are forced at some point to generate metrics from the logs in order to use our alerting stack in Prometheus, which works. It is an open-source project which allows us to generate alerts to Slack, PagerDuty, and some third-party tools without any license. However, it is not doable with Elastic Search in the open-source version. The alerting part is the most complicated part to manage because of the license.
What do I think about the stability of the solution?
From time to time we have some JVM, Java Virtual Machine issues with Elastic Search. However, it is more linked to users' requests. From time to time, people ask Elastic Search to search inside one year of logs without a nice query and without any filters. This is clearly not doable and some nodes will crash. This makes sense. However, Elastic Search is really stable when we do not have this kind of request.
What do I think about the scalability of the solution?
Elastic Search is the perfect tool for scalability. You just need to deploy new nodes. They will be able to join and reach the cluster really easily. I appreciate it for that as well because today at VP, we use Terraform to deploy our infrastructure. All Elastic Search nodes are managed through Terraform. If I need to extend my data node or my ingest node or whatever, I just need to deploy new nodes with the same setup, and the node will join my cluster, and it will scale horizontally really easily.
How are customer service and support?
I have never had to contact the technical support of Elastic Search.
How would you rate customer service and support?
Which other solutions did I evaluate?
For logs management, I have not used any alternatives or something similar to Elastic Search. For APM as well, there was a plan in the past to try to migrate to Grafana, the Grafana open-source platform for APM traces using Tempo. Tempo is a Grafana Labs project. However, we decided to keep Elastic Search for that, so we do not have any other tool or similar tool to accomplish that.
Maybe just one, it is about error tracking. We can track errors with APM inside an application, and currently we use Sentry, which is not just an error tracking platform, but also about performance management. However, we use it only for error tracking. It is more useful for developers at the beginning of a new project. Most of the time, they prefer to be connected to Sentry more than APM in order to track errors. When the project will be in production, they will be more focused on the performance than the errors. At this moment they will start to use APM, Elastic Search APM more than Sentry. We do not provide any performance indicators. Sentry is also able to manage performance metrics, but we use it only for errors and everything related to performance has been disabled.
What other advice do I have?
I think the pricing of Elastic Search is really, really expensive. The main point is that we do not get any license. I tried in the past, a few times, to contact the Elastic Search team to get a quote, and it was so complicated each time to get a quote because of the volume and the number of nodes. We are a big company at VP, so we have a lot of nodes, more than one hundred. For sure it was so expensive. They tried to tell me about the enterprise mode and about the new license way to manage cost based on CPU and memory usage. It was really expensive because at this moment, we do not use any cloud services. Our Elastic Search cluster is on-premises.
Everything is self-hosted at VP tech, at VP. We do not have any limit. People using AWS or GCP have limits because the volume of data is really expensive in cloud services and cloud platforms. Because we self-hosted everything around our services such as Elastic Search or Sentry, the idea is to let the user be able to store a lot of data and a lot of metrics. We try to train the team to have a good log level. We do not have such limitation in terms of volume. We have a really big cluster, and at the end, the price is so huge. I gave this review a rating of ten out of ten.