
Elastic Agent

Elastic

Reviews from AWS customer

0 AWS reviews

External reviews

23 reviews
External reviews are not included in the AWS star rating for the product.


    Nathan T.

Powerful Security Features with Minimal Setup Hassles

  • April 22, 2026
  • Review provided by G2

What do you like best about the product?
I like using Elastic Security for security monitoring. The central logs and ECS features are incredibly useful for me. I appreciate the powerful tools like timeline and cases, which make handling security details much more efficient. The initial setup of Elastic Security was fairly easy, which I found really convenient.
What do you dislike about the product?
In timeline you can’t move columns by sliding, you need to right-click and “move to the left” multiple times sometimes.
What problems is the product solving and how is that benefiting you?
I use Elastic Security for centralizing logs, utilizing ECS, and fast triaging.


    Jordan J.

Seamless SIEM Solution with AI and Outstanding Support

  • March 04, 2026
  • Review provided by G2

What do you like best about the product?
I find Elastic Security to be a great product mainly because of the AI integrations that make it easier for analysts to ask questions and generate queries swiftly during their investigations. The numerous out-of-the-box integrations and connectors for ingesting logs and generating alerts are impressive, and we easily create custom alerts that meet various security framework requirements. The ability to visualize threats is excellent for quick overviews and illustrating value to leadership. I also appreciate the case management features that allow us to tie multiple alerts to a single case and explore the entire chain of events in a timeline view, making it a solid platform for our security team. The setup was smooth, thanks to the Elastic serverless platform, and the professional services team from Elastic was extremely helpful. Moreover, the Slack and PagerDuty connectors keep us informed and ready to raise staff for critical alerts. Overall, Elastic Security has been reliable and meets our needs effectively, and I would absolutely recommend it.
What do you dislike about the product?
There have been some minor bugs in the platform that we have run into, but the support teams have been very helpful in triaging the bugs and getting fixes out. In some cases we had fixes deployed within hours.
What problems is the product solving and how is that benefiting you?
Elastic Security centralizes our security logs, providing a single pane of glass for our analysts to investigate and manage events effectively. Its AI, visualizations, custom alerts, and case management streamline operations, helping us correlate events, visualize threats, and retain oversight seamlessly.


    Delonte J.

Streamlined Security Investigations with Elastic

  • February 12, 2026
  • Review provided by G2

What do you like best about the product?
I appreciate the ability to visualize data and turn it into actionable intelligence with Elastic Security. We use it to create dashboards that monitor our security posture, attack surface, and threat landscape. The integration with our incident management system is seamless, and the setup was simple and straightforward. Elastic Security has allowed our team to conduct investigations more efficiently.
What do you dislike about the product?
I find building sequencing rules where multiple events must occur in order over a given time challenging.
What problems is the product solving and how is that benefiting you?
I use Elastic Security to efficiently investigate and detect security incidents. It allows us to visualize data, creating dashboards to monitor our security posture and turn insights into actionable intelligence.


    Information Technology and Services

Easy Alert Management and Powerful Cases for Security Investigations

  • February 12, 2026
  • Review provided by G2

What do you like best about the product?
You can manage the alerts in an easy way. From the alerts panel you can have all the information needed for a security investigation. Also, with the cases feature, you can create your own database of alerts.
What do you dislike about the product?
Sometimes, charging is slow, and it's difficult to copy fields and values from timelines.
What problems is the product solving and how is that benefiting you?
It's helping us as a SIEM.


    Information Technology and Services

Powerful Detection and Deep Visibility with Practical Usability in Elastic Security

  • February 12, 2026
  • Review provided by G2

What do you like best about the product?
Elastic Security stands out for its powerful detection capabilities and deep visibility across endpoints and logs, while still being relatively easy to use once the workflows are understood. Implementation is smooth in environments already using the Elastic stack, and integrations with existing tools are flexible and well-documented. The platform offers a rich set of features for threat detection, hunting, and response that scales well for SOC operations. Customer support and community resources are strong, making troubleshooting manageable. Overall, it’s a feature-dense, frequently used platform that balances advanced capability with practical usability.
What do you dislike about the product?
The learning curve can be steep at the beginning, especially when tuning detections and managing advanced features without prior Elastic experience.
What problems is the product solving and how is that benefiting you?
Elastic Security helps centralize detection by allowing us to create custom rules that identify threats across multiple data sources in one platform. Its ability to ingest logs from tools like CrowdStrike and other security products gives us unified visibility for faster investigations. This reduces tool sprawl and improves our SOC’s efficiency in detecting and responding to incidents.


    Banking

Pre-Built Elastic Security Use Cases That Make Migration Easier

  • February 11, 2026
  • Review provided by G2

What do you like best about the product?
Most helpful, which was one of the reasons for choosing Elastic Security, is the pre-built security use cases ready to use.
What do you dislike about the product?
Upside is, when you migrate from a different tool, to learn specifics, e.g. IP address stored in multiple fields for ability to search either by text or regex.
What problems is the product solving and how is that benefiting you?
Primarily we use it as a SIEM tool and also as an EDR tool.


    hector g.

Prebuilt Rules and Easy Integrations Make Elastic a Strong Choice

  • February 11, 2026
  • Review provided by G2

What do you like best about the product?
I think one of the best things about Elastic is the large set of prebuilt rules created by Elastic themselves.

I also like how the parsing and mapping are really easy to follow and implement, especially when you can find an integration that’s already created for the technology you need to monitor.
What do you dislike about the product?
What I was missing most was a proper SOAR. I haven’t tried the workflows yet, but I have high expectations for them.

In the past, we tested the AI assistant in the first version and were a bit disappointed. Nowadays, I think it has improved quite a lot.

Another thing I’ve noticed lately is that when using and correlating different log sources, especially through the integrations by Elastic, I sometimes find fields that should match but don’t. For example, Source.ip vs client.ip, or user.name vs source.user.name. This inconsistency has made it quite difficult to correlate threat intelligence with the dashboards.
What problems is the product solving and how is that benefiting you?
One of the biggest problems we faced when implementing our MSSP was separating data among customers. Elastic handles this quite well, and that’s a big reason we chose it.


    Information Technology and Services

It's a good tool with a good interface for SIEM

  • February 11, 2026
  • Review provided by G2

What do you like best about the product?
EDR capability and K8 support along with SIEM.
What do you dislike about the product?
Elastic agent issues, sometimes seems unhealthy or blocking business actions.
What problems is the product solving and how is that benefiting you?
Mainly SIEM for SOC service.


    Government Administration

Flexible, Preconfigured Rules with Integrated Case Management

  • February 11, 2026
  • Review provided by G2

What do you like best about the product?
I like its flexibility, the preconfigured rules, and the integrated case management for sharing information.
What do you dislike about the product?
It feels a bit complex at first. It’s a large, heavy, and fairly complex infrastructure to maintain on-prem.
What problems is the product solving and how is that benefiting you?
I mainly use it as a SIEM for our SOC, as it gives us a complete overview of our environment.


    Jennifer S.

Powerful, Customisable Security Platform for Complex Environments

  • February 11, 2026
  • Review provided by G2

What do you like best about the product?
What I like best about Elastic Security is the flexibility and depth it gives across SIEM, endpoint, and observability in a single platform. I can ingest almost any data source, normalize it to ECS, and build detections that actually reflect how our environment works—rather than forcing our workflows to fit a rigid tool. The visibility, correlation, and customisation make it especially powerful for real-world SOC operations and complex environments.
What do you dislike about the product?
What I dislike about Elastic Security is the learning curve and operational overhead, especially for teams new to the Elastic Stack. Getting the most value requires strong knowledge of ECS, ingest pipelines, and cluster tuning, and some advanced use cases still involve a fair amount of manual configuration. The flexibility is powerful, but it can be overwhelming without experienced resources or good upfront design.
What problems is the product solving and how is that benefiting you?
Elastic Security solves the problem of fragmented security visibility by bringing SIEM, endpoint, and log analytics into a single, searchable platform. Instead of juggling multiple tools and data silos, I can correlate endpoint, network, and cloud data in real time, build detections that match our actual risk scenarios, and investigate incidents much faster. This directly benefits me by reducing alert fatigue, improving investigation speed, and giving full control over how security data is collected, enriched, and acted upon.