Elastic Search is used as an observability tool and logging analyzer for solutions that already exist in the company, mainly in FinTech products and financial products.
External reviews
276 reviews
from
and
External reviews are not included in the AWS star rating for the product.
Provides centralized log analysis and visual insights across distributed systems
What is our primary use case?
What is most valuable?
Elastic Search's main advantages are the visuals that represent and visualize all entities and system components in a simplified diagram, which provides the ability to identify which component in the system has an issue.
The main benefits include having one centralized place that gathers and aggregates all logs related to different or distributed systems.
What needs improvement?
Elastic Search could be enhanced by incorporating low-code or no-code plugins that permit developers to integrate it with different or distributed systems. This would allow for configurations that already exist but need customization through plugins or simple code that can facilitate user control over parts of the visuals, dashboards, and sensors.
Graphs should be more interactive by importing different graph schemes or visuals from external resources into Elastic Search.
Given that the product has not been used since 2023, the data might be outdated. If Elastic Search is not integrated with any promised LLM, it should have this capability as soon as possible.
For how long have I used the solution?
Elastic Search has been used since 2018 to the present moment, depending on the different companies that have been worked with.
What do I think about the stability of the solution?
Elastic Search is a very stable product, especially after obtaining support licenses from Elastic.
What do I think about the scalability of the solution?
The scalability aspect is straightforward. With self-hosting, resources can be expanded vertically, which is managed from the organization's side.
How are customer service and support?
There is no knowledge about general customer service, but there is previous experience in submitting support cases to the Elastic team to get answers and fulfill requirements.
How would you rate customer service and support?
Negative
Which solution did I use previously and why did I switch?
How was the initial setup?
Elastic Search has been installed in multiple organizations, including the current employer and previous ones, and used for different purposes.
The setup is somewhat complicated due to multiple dependencies and relations with different systems. However, any engineer should be able to understand and read the documentation well to implement it properly based on business needs and requirements.
What about the implementation team?
The implementation team was involved in the deployment.
What was our ROI?
Return on investment was achieved more than a year ago.
Which other solutions did I evaluate?
DataDog might be an equivalent product to Elastic Search, though this requires verification.
What other advice do I have?
Hybrid observability was not used. Enterprise API, whether referring to ESB, API Gateway, or middleware, was not used. Serverless interaction with Kibana was not used. The overall rating for this review is 9 out of 10.
Has improved incident visibility and fraud detection through advanced alerting and image analysis
What is our primary use case?
I have implemented Elastic Search in my organization. My experience has been really good with Elastic Search regarding the dashboards and alerts. They have integrated AI/ML capabilities in it. The Attack Discovery feature helps to dig into incidents from where they occurred to determine how the incident originated and its source. It gives an entire path of attack propagation, showing when it started, what happened, and all events that took place to connect the entire cyber incident.
Another feature is image vector analysis, which can authenticate images to prevent impersonation frauds in the ecosystem. This is a major use case in personal information and identifiable information portfolio.
I'm using Elastic Search as an observability tool and a SIEM tool. The indexing, searching, fast indexing, alert mechanisms, and BCDR compatibility are pretty smooth with Elastic Search.
On the resourcing part, I have cut off a good amount. While I don't have a concrete percentage to mention precisely, it has reduced resources to some extent.
What is most valuable?
Attack Discovery is the first feature that I appreciate. It is truly an amazing feature for any SIEM to have inbuilt. The image vector analysis is another feature that identifies any manipulation done to images. It can authenticate and identify authenticated images. If there are 10 duplicate and forged images, it can identify them through vector-based searching capabilities. These two features are prominent in terms of SIEM capabilities that Elastic Search has.
I can share feedback from the SIEM perspective about Elastic Search, as I had evaluated Elastic Search, LogRhythm, QRadar, and Microsoft.
What needs improvement?
More AI would be beneficial. I would also appreciate more simplicity in dashboards. A comprehensive dashboard is something I could expect.
For how long have I used the solution?
I have been using Elastic Search for a year now.
What do I think about the stability of the solution?
There are no limited parameters to search from the events perspective. When you put one keyword, everything related to that keyword in your ecosystem will showcase all the results. This helps to get into the granularity of any events happening across the system.
What do I think about the scalability of the solution?
It has gained significant visibility. Comparing alert statistics from other SIEMs where they could trigger 50 alerts on average weekly, Elastic Search has given me alerting statistics of roughly 90 plus for a week's time. All those alerts are mapped to MITRE ATT&CK framework. Though it could result in false positives in the earlier stage until you fine-tune and streamline the use cases in your SIEM, which is common with all SIEM tools, the visibility that Elastic Search has given us is amazing.
How are customer service and support?
It was a direct purchase.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We previously used an on-premises solution.
How was the initial setup?
The setup complexity depends upon the engineering team doing the implementation and the kind of infrastructure you have where logs will be ingested into the solution. For us, it was time-consuming in the earlier stages, but it was manageable and not overly complex.
What was our ROI?
We have seen moderate returns on investment.
What other advice do I have?
As a CISO, I review and do the governance part. I receive alert notifications, but I don't work directly with the tool. None of my team members have complained or proposed any feature changes or modifications to the existing solution.
It totally depends upon the nature of business you are in. For my organization, it was imperative to have image scanning in place and identifying frauds happening with PII. From that perspective, Elastic Search has played a vital role. It has good inbuilt EDR capabilities as well, making it a good-to-go tool.
I rate Elastic Search eight out of ten.
Has supported performance monitoring and increased adoption across departments
What is our primary use case?
My usual use cases for Elastic Search are that we are using APM, Application Performance Monitoring. We are using Real User Monitoring, as a RUM. We mostly are using it for application performance monitoring and troubleshooting in that regard. I think that's the main thing we're using Elastic Search observability for right now. We are considering expanding it also to have some Metric Beats and some other features. When we have more data, we will probably start to try to activate AI within Elastic Search. That's a possibility. The Elastic Search platform that we are using is an on-prem installation. It's not a cloud solution we have. This is because of the criticality and confidentiality of the data we have in Elastic Search.
What is most valuable?
I don't think there's a specific feature within Elastic Search that I have found the most valuable so far. We are more or less using all the features in one way or the other. Elastic Search has impacted my organization positively as we use it for logging and APM. It's not all systems which are using it yet, but it's gathering momentum because they have more use cases to present to other parts of the organization. They explain how different departments are using it, and then people see that they could also benefit from using it. More departments and their systems start to use Elastic Search as a result.
What needs improvement?
The documentation for Elastic Search can be challenging if you're not already familiar with the platform. The approach to Elastic Search can be difficult if you haven't been working with it previously. Within the product itself, some features could be more intuitive, where currently you need to know specifically where to find them and how to use them.
For how long have I used the solution?
I have been working with Elastic Search for more than four years now.
What do I think about the stability of the solution?
From my perspective, Elastic Search has been very stable. The only thing I'm probably missing is what we call the session replay, some kind of tool within Elastic Search based on the data collected that can make some kind of session replay.
What do I think about the scalability of the solution?
Elastic Search is very scalable. The only issue is some features use a huge amount of storage. You need to be in the forefront to make sure that you have the necessary storage to obtain all the data that you're collecting. They probably have surveillance indicating when storage is running low. The engineering department ensures we have sufficient storage. So far, we don't have any scalability issues regarding hosts sending data or the amount of data we are collecting. The engineering department might say we are over-consuming data, but we haven't received any message saying we have reached the ceiling yet.
How are customer service and support?
I do not often communicate with the technical support of Elastic Search. That's the engineering department's responsibility. If I have an issue, I go to the engineering department, and they have the responsibility to communicate with the supplier of Elastic Search or the producer.
How would you rate customer service and support?
Positive
What other advice do I have?
I work with many technical solutions compared to Elastic Search, specifically on observability. We are also looking into AI, which is in an experimental phase in my area. We haven't chosen any specific technology regarding AI. For Elastic Search as it is now, we are not looking into other technology to replace it. I am a chief consultant in my department, but in this regard, I'm mostly a user. The ones who are responsible for the platform are in another department. My experience with configuring relevant searches within the Elastic Search platform is limited as I don't search much within the platform. If I have specific needs, I reach out to get assistance from specialists because they are more familiarized with the system and know exactly how to search for things. For implementation configuration of the system, they are more capable than I am, as I'm more of a user than an engineer on the platform. I would rate Elastic Search an eight out of ten because there's always room for improvement, though from a functionality and price perspective, it could be considered a ten.
Fast Data Processing and Great Observability—No Complaints
What do you like best about the product?
What I like best about Elasticsearch is its speed and scalability when working with large volumes of data. It excels at full-text search and real-time querying, making it incredibly useful for applications like log analysis, monitoring, and powering search features.
What do you dislike about the product?
Nothing at all. It's good the way it is.
What problems is the product solving and how is that benefiting you?
Elasticsearch helps solve the problem of quickly searching, analyzing, and visualizing large volumes of data in real time. For me, it simplifies observability and operational intelligence, reducing time to detect and resolve problems while giving deeper insight into system and user behavior.
Boosted search efficiency through real-time querying and seamless indexing for high-volume product data
What is our primary use case?
The main use cases for Elastic Search are index building and retrieving information using Elastic Search vector, vector search, and related functionalities. Search is the primary use case.
What is most valuable?
Computation is very good. The scalability is very good because we have a huge customer database that is searching lots of products, and auto-scaling or load balancing are the prominent features we are using in this.
If we look at the impact on operational efficiency, we can see that decision-making has become much faster due to real-time data and quick responses. We have also implemented many automations, which enhance our processes. For example, when we optimize certain fields to improve search functionality, it yields great results.
What needs improvement?
I have not explored Elastic Search at the most. Searching from vector DB is available in Elastic Search, and there is one more concept of graph searching or graph database searching. I have not explored it, but if it is not there, that would be an improvement area where Elastic Search can improve.
For how long have I used the solution?
I have been working with Elastic Search for more than two years.
What do I think about the stability of the solution?
It is very reliable, and it has no downtime.
What do I think about the scalability of the solution?
I believe it is scalable. Every day, we have thousands of users continuously utilizing the search feature. We haven't encountered any problems so far, and there is the potential for auto-scaling. It is currently a scalable solution.
How are customer service and support?
We have not contacted them yet. So far, we haven't had any need.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is straightforward.
What about the implementation team?
We have a team of developers, so it is internally managed.
What was our ROI?
We have not calculated the ROI for Elastic Search, but we are a consumer platform where numerous searches are happening, and we are getting very good results from the current infrastructure of Elastic Search. Though the exact numbers or ROI were never calculated, the performance has been beneficial.
What's my experience with pricing, setup cost, and licensing?
It is average compared to other platforms. There isn’t anything particularly special about the pricing. However, the pay-as-you-go model is advantageous for the organization, as we only pay for what we utilize.
What other advice do I have?
We are using AWS for our solutions. In AWS, we are heavily using Redshift and Glue. We focus more on vector searches and boosting the keywords, and all those features we are using heavily. In search, the key parameter that we boost up during indexing is essential.
We self-implement Elastic Search in our e-commerce application. We are not currently doing a regex setup for RAG Playground, but there is a plan to do that. We are more into vector searches when it comes to how effectively the hybrid search capability meets our needs for combining traditional keyword and vector searches.
Regarding the workflow, we are using the API for real-time inference because lots of data is being loaded at real-time on the application, and it is working well for us.
I can definitely recommend Elastic Search to be used wherever you have consumer search capabilities needed in a large or scalable manner because it is very effective.
I would rate Elastic Search an eight out of ten.
Which deployment model are you using for this solution?
Public Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Amazon Web Services (AWS)
ECK Kube features and stability
What do you like best about the product?
Elastic ECK for Kubernetes offers useful features and reliable stability. It effectively meets our enterprise search requirements.
What do you dislike about the product?
None, it worked well. met all requirements
What problems is the product solving and how is that benefiting you?
Enterprise search
Very high, if they need to build a search feature or analyze time-series data like logs or metrics.
What do you like best about the product?
The most compelling feature of Elasticsearch is its scalability and performance in handling high-volume, high-velocity data
What do you dislike about the product?
The primary critique of Elasticsearch centers on its operational complexity and resource intensity at scale. While it offers immense power, it is not a tool you can simply 'set and forget.
What problems is the product solving and how is that benefiting you?
we use it for real-time log analysis, application performance monitoring (APM), and security analytics (SIEM) by aggregating, indexing, and visualizing all machine-generated data.
Elasticsearch provides best searching and data aggregation capabilities
What do you like best about the product?
I used Elasticsearch to store salary statistical data and to perform mathematical operations on that data. What I appreciated most about Elasticsearch is that its queries offer built-in support for operations such as calculating the mean, average, and percentiles.
What do you dislike about the product?
The documentation for Elasticsearch could use some improvement. It would be helpful if more detailed information were included.
What problems is the product solving and how is that benefiting you?
Elasticsearch offers outstanding text search capabilities with minimal latency. Along with simple text search, it also provides capabilities like string matching, wildcards, fuzzy logic etc
Elastic elk and anomaly detection
What do you like best about the product?
The elastic feature of collecting logs and monitoring them through ELK is quite useful, especially when the results are displayed on a Kibana dashboard. Additionally, the integration of anomaly detection using machine learning adds significant value to the overall monitoring process.
What do you dislike about the product?
There is nothing to complain about; everything works well, including elk, ml, anomaly detection, and the APM agent, which handles auto discovery effectively.
What problems is the product solving and how is that benefiting you?
Log monitoring and anomaly detection are both available, and the agent installation process supports automatic discovery, which makes it easier to use the APM feature.
Powerful and Flexible
What do you like best about the product?
The flexibility to solve many problems, the expansive feature set allows us to use Elasticsearch in a variety of ways.
What do you dislike about the product?
Slight learning curve, as it can do many things, you need to be aware of the use case you are solving for or it can get overwhelming without proper planning.
What problems is the product solving and how is that benefiting you?
Helping us with enterprise search functions on several of our internal and external facing applications
showing 1 - 10