Elasticsearch Reviews

147 Ratings
Score 8.6 out of 100

TrustRadius Top Rated for 2020

Reviews (1-25 of 42)

January 13, 2021
Swastik Nath | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
In my organization, Elasticsearch is used as a fast and simple solution for providing search capability to text-based data and to easily perform analytics for our dashboard. Being a JSON-based response system, our APIs become simple and support multiple behaviors by translating to Elasticsearch queries. Not only does Elasticsearch act as our analytics platform, but also it serves as secondary database storage.
  • Text-based searches on data
  • Daily, weekly, monthly analytics on data
  • Super easy scripting with painless scripting language
  • Relational data query
  • Sync data from SQL on table change (with hash maybe)
  • Provide better tutorials for beginners
Elasticsearch is best suited for search, analytics, aggregation, and consumption from single tabular structured data. It works best if you sync your data at regular intervals either with Logstash or any other custom sync process.

However, Elasticsearch still does not support relational queries out of the box. You could denormalize your data before every sync, but that has the potential for complicating the sync process very fast.
March 06, 2020
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Elasticsearch is currently our log aggregator and SIEM. It is collecting Windows Event Logs, Syslog, DNS logs and HIDS logs. We use it in the IT department, but its reach is far and wide and collects data from every domain machine we have. The problems it solves are numerous! We have dashboards set up for authentication activity, firewall event and VPN activity. With a single glance, it's easy to understand the data and move on to other tasks. In the event of an incident, the detail that is able to be gleaned is incredible. The SIEM app has a working Timeline feature that allows you to simply drag and drop events when investigating an issue. Host intrusion is done by a third-party app but is able to ship the data right to Elasticsearch for easy processing, storage, and display.
  • Log storage efficiency - We have millions of events a day and are able to keep 90 days worth for under 1TB of on disk space.
  • Dashboards - Technically through Kibana (but I consider the entire stack as part of Elasticsearch.) Dashboards are easy to manipulate and create from scratch. Many shippers have premade dashboards ready for day one, too.
  • Speed - Have you ever searched an indexed database of 200 million events and found an answer in a matter of seconds? You could with Elasticsearch.
  • Free/self-hosted can be a nightmarish amount of work. When you break it, it's easy to lose data.
  • Documentation is thorough at times, but there still seem to be holes in some components. For instance, PacketBeat doesn't explicitly tell you best practices for DNS logging, and I had to use a different resource to get an answer.
  • Pricing - The free tier is excellent, but it's a significant jump up to get the machine learning modules, endpoint security and more.
Easiest recommendation of my career. The capability and speed are out of this world, and pricing compared to enterprise logging solutions is a fraction of the cost. That'd come with a caveat, that you must be ready to devote some time to it to learn it and get it working. It's not turnkey, but it's one of the best all-around.
I can't speak to paid support, but free support is nonexistent. As is the case with most open-source software stacks. Can't complain though!
February 14, 2020
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Our organisation is currently using Elasticsearch for the Elasticstack functionality. Elasticstack gives us functionality to collect, aggregate, search and alert on logging. Kibana, which runs within the Elasticstack, gives us the functionality to create neat dashboards which we use within every layer of our organisation. This addresses the need for various levels of insight across the organisation.
  • Complete package.
  • Open-source.
  • Complex query mechanism.
  • Complex architecture to set up and optimize.
Elasticsearch is very well suited within an IT architecture where a lot of open-source software is already being used and where the developers strongly appreciate open-source software. Elasticsearch might be less appropriate in an organisation where there is less space to master the tool. The tool is quite difficult to learn once you start working on the CLI-level search queries.
We've only used it as open-source tooling. We did not purchase any additional support to roll out the Elasticsearch software. When rolling out the application on our platform we've used the documentation which was available online. During our test phases we did not experience any bugs or issues so we did not rely on support at all.
January 06, 2020
Maria Sousa | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
We're using Elasticsearch for indexing most of our data, allowing for blazing-fast searches. We store massive time-series data volumes from thousands of IoT sensors that Elasticsearch handles brilliantly, making metrics available in realtime. We're also running dashboards and canvas in Kibana, fed from Elasticsearch, which gets updated in realtime.
  • Performance.
  • Ease of set-up.
  • Tuning for ingress performance can be tricky.
  • Merged documents can become a bottleneck.
Elasticsearch really excels in search performance, so if you have massive amounts of data you need to search from, Elasticsearch is surely a great fit. I would advise against using it as the main database or the only source of truth, because data corruption can happen in rare cases, and in that case a reindexing will have to take place.
Elasticsearch support has been great in helping us on the rare occasions when we actually needed help.
December 02, 2019
Mark Freeman, MBA | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Elasticsearch is being used to store and search architecture standards, guidance, and other documents pertaining to software architectures. When used with the Spring Java Framework, it is extremely easy to set up custom queries.
  • Search queries based on Java class member names.
  • Very detailed queries through the standard library.
  • Extremely fast.
  • Easy to index.
  • Ability to search content when data only in fields.
  • Query syntax could be made simpler.
  • Auto sharding.
Not great for highly structured data where SQL thrives, e.g., heavy use of JOINs.
Not great for image data.
I have never used their support, but online documentation was very good.
November 19, 2019
Erlon Sousa Pinheiro | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
In a cloud universe where we have hundreds or even thousands of servers to manage, it is a huge challenge to figure out the root cause of issues, and it is totally unacceptable to keep this sort of environment without a reliable logging and analysis system. Being part of the ELK stack, Elasticsearch gives us what is necessary to handle this huge amount of data. I can't imagine our environments without Elasticsearch nowadays.
  • Centralized logging
  • Easy content searching
  • Handle tons of data
  • Poor documentation
  • Not so easy at the first contact
  • Hard to debug issues
Elasticsearch is a great tool, but remember that, like every other tool, it needs knowledge and expertise to work with. My first option would be using the cloud version provided by the Elastic company, but unfortunately it is over my budget, so I need to manage it by myself. Also, depending on your company's area, it wouldn't be possible to keep your data in a third party's cloud environment. In this case, there is no option other than keeping it by yourself.
I've never used official support from the company behind Elasticsearch, but I had to get support from the community, and being such a well-known product, it is really easy to find someone else facing the same issues you have, and most of the time, presenting a good solution for that.
October 09, 2019
Gary Davis | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Elasticsearch is used on our B2B and B2C eCommerce websites to provide fast and powerful search capabilities for products. Search by title, artist, or various facets like genre, price-range and availability-date results in a list of products that the user can then drill down or continue searching within the result list. Within the organization, Elasticsearch is used by the programmers in the IT department.
  • Search results are provided very quickly.
  • The search results are accurate.
  • Search results contain details on the accuracy of each hit.
  • There is a steep learning curve for this product so what is most useful for developers is good documentation including examples and sample applications.
Initially, we were using Elasticsearch for just product searches. It is also becoming useful as our product repository to display all data needed for the product detail pages.
Support has been very good. New releases come out periodically with new features, performance, and stability improvements. Questions to support are answered fairly responsively.
October 26, 2019
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
The most crucial piece of infrastructure behind my company's whole product line is Elasticsearch. Our company's big selling point is an extremely flexible data model for our customers who send us their data. We want them to be able to send us data in almost whatever shape or form they want (as long as it's valid JSON we'll take it) and yet, make it still searchable. And you know how we store that nearly-unrestricted free-form data? Elasticsearch!
  • As I mentioned before, Elasticsearch's flexible data model is unparalleled. You can nest fields as deeply as you want, have as many fields as you want, put whatever you want in those fields (as long as it stays the same type), and all of it will be searchable and you don't need to even declare a schema beforehand!
  • Elastic, the company behind Elasticsearch, is super strong financially and they have a great team of devs and product managers working on Elasticsearch. When I first started using ES 3 years ago, I was 90% impressed and knew it would be a good fit. 3 years later, I am 200% impressed and blown away by how far it has come and gotten even better. If there are features that are missing or you don't think it's fast enough right now, I bet it'll be suitable next year because the team behind it is so dang fast!
  • Elasticsearch is really, really stable. It takes a lot to bring down a cluster. Its self-balancing algorithms, leader-election system, self-healing properties are state of the art. We've never seen network failures or hard-drive corruption or CPU bugs bring down an ES cluster.
  • Elasticsearch paid support could be much better. Not only is it really expensive, but the reps just don't seem to be that knowledgeable and keep linking us to support documentation we've already found and read.
  • I wouldn't call it missing functionality or a part that's hard to use per se, but upgrading from ES 5 to ES 6 is a PITA. Maaaan did they mess up a part of their data model so bad that when migrating, you have to restructure almost all your queries and transform almost all your data! I don't want to go into too many details here as some people may not be clued in on the concept of mapping types, but you can read more about it here https://www.elastic.co/guide/en/elasticsearch/reference/6.0/breaking-changes-6.0.html.
  • This is no longer a problem in ES 6 but in versions 5 and before, reindexing is a PITA. You have to almost bring down the whole cluster to fix small problems such as missing fields or wrong types.
Elasticsearch's best use case is when you want to store loosely-structured data and be able to search for it near-instantly. And you want to do that in a highly tolerant distributed system. My company doesn't use it this way but I've heard of other companies using ES to store system logs. Another company uses it to store giant store-catalogs.
As I said before, their support is very, VERY pricey and I honestly don't find them that helpful. Stop linking me to your documentation!
December 19, 2019
Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
The way we set it up usually for our customers, Elasticsearch improves developer velocity by allowing to quickly search through millions of log messages. It is usually used by the development and operations team.
  • Log handling
  • Full-text search
  • Easier to operate
  • Easier to understand its bottlenecks
It is well suited for searching through logs generated by an application running in production, staging, testing or development.
We provide support for Elasticsearch ourselves.
October 30, 2019
Anonymous | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
Elasticsearch is used as a full-text search solution in most of my use cases. We have another analytics use-case which uses Elasticsearch for both text search and aggregation use-cases.
  • Extremely easy to get started and great documentation.
  • Excellent for full-text use cases.
  • Also used for analytics and Kibana UX is great for visualization.
  • Encountered scaling challenges with large data sets (typically in petabytes).
  • Performance issues for raw aggregation use-cases.
  • Every contract (request/response) is in JSON which is not optimal. No support for protobufs or gRPC.
Elasticsearch is great for full-text search and some aggregation use-cases. It is ideal for small to medium-sized data sets.
Customer support for the product is very hands-on!
June 05, 2019
Gedson Silva | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Elasticsearch is being used for multiple purposes in multiple projects: centralized log management, APM, Metrics Collection as a TSDB, and as a replacement for traditional OLAP databases. It provides a high-performance indexing and search engine, which has become an invaluable tool addressing hard problems that would otherwise be very difficult to solve.
  • Ingress and indexing.
  • Searching.
  • Aggregations.
  • Aggregations on top of other aggregations.
  • Encryption at rest.
  • Has a performance penalty when using inked documents.
Elasticsearch is so versatile and so easy to set up that it's really a no-brainer including it in most projects as the indexing and search engine components, as well as for analytics and aggregations. It's not so well-suited to be used as the main database, as there's a minor risk of data loss.
June 02, 2019
Jose Adan Ortiz | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Elasticsearch has been a big help for us. We used to work with Application Performance Management Tools that need another layer of visualization and data treatment, and with Elasticsearch we have delivered better insights for our customers.
We use Elasticsearch at our Technology & Services Department to address these issues for our customers:
- Customized Dashboards.
- Anomaly Detection.
- Metrics Predictability.
  • Anomaly detection. It can find patterns over a wide variety of metrics and values.
  • Behind the walls, Elasticsearch has a robust distributed architecture to support queries and data processing, and it is easy to maintain and scale.
  • Elasticsearch has a new Elastic Cloud SaaS solution which is very easy to deploy, set up, and scale with all features and more.
  • Elasticsearch has an important security layer to separate access to data and dashboards.
  • If you want to explode Elasticsearch's capabilities, you need to have a medium-high SQL and Database knowledge.
  • The user interface is heavy in Java requirements, and sometimes you can get some lag displaying heavy results for heavy queries.
  • It will be helpful if you can construct Logstash queries with a drag&drop based user interface.
Elasticsearch can be used perfectly inside a site for searching features in order to respond quickly to user queries. It can be used to act as a Centralized Log Server, where you can define events based on pattern detection for anomaly detection.
Elasticsearch has potent visualization features with Canvas and OOB Dashboards that can respond to business and technical requirements.
February 26, 2019
Ben Williams | TrustRadius Reviewer
Score 6 out of 10
Vetted Review
Verified User
We currently use it to log the details of our RPA processes as they run through their production and development environments. They log back checkpoints, statuses and error messages back to the Kibana database we use in conjunction with Elasticsearch.
  • Powerful beats modules.
  • Later number of input/output pipelines.
  • Open documentation.
  • Documentation is often incomplete.
  • Forums are very full but misleading.
  • The programs don't work well together. They have different methodology and flavors in each.
  • Different configurations in each element make it difficult to use.
It works well for what we need. Short sharp logs of data from ongoing consistent processes.
June 26, 2019
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
Elasticsearch has been phenomenal in upgrading the log management capabilities at my organization.
Elasticsearch, along with Kibana, has provided a wide range of capabilities for our IT teams to investigate issues and create live monitoring environments.
This is being utilized as a central tool for all of our apps organization-wide.
Before Elasticsearch, our teams were having a hard time investigating issues, tracking the root cause, and resolving them. Elasticsearch has greatly reduced the investigation time for us.
  • It's an Open Source tool
  • Elasticsearch extends its visualization and analytics capabilities through Kibana, which is a powerful tool
  • Elasticsearch provides 3rd party integration facilities using REST API
  • Search capabilities can be further improved with a much faster response time on historical logs
  • Elasticsearch should have a phone/sms alert feature as well as an event trigger
  • Learning guides could be more detailed
Elasticsearch is well suited for environments where multiple logs are being generated and investigation needs to be done in relation to multiple log files with each other.
Elasticsearch can help to provide a better visualization of the logs and an easy (SQL-like) search capability.
It also provides analytics capabilities powered with machine learning tools to help make decisions based on the log data.
February 27, 2019
Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User
ElasticSearch is used to store all searchable data indices from our product. We use ElasticSearch because it is extremely fast, highly available, and able to meet the demand of our product. We were using a different index-based search technology before, and it failed terribly. We migrated to ElasticSearch and have been very happy with the results.
  • Easy to install
  • Easy to use/lots of documentation
  • Easy to scale up as demand increases
  • The price point for the X-Pack plugins (i.e., Security, Alerting, etc.) is a bit high, especially if you only want to do something small and simple and you don't need to leverage the full power of the plugin
  • Configuring the right hardware and capacity planning (when at scale) can get really tricky. In order to get the best performance, a lot of tweaking is needed, and not all of the secret tricks are documented
  • Getting used to ElasticSearch's query language was a bit of an adjustment. You really have to delve into defining analyzers and tokenizers in order to get application-specific results
ElasticSearch is great when you need a lot of data indexed really fast, as well as when you need to retrieve a large number of documents based on a complex query. Searching is super-fast.

If you need a large data store for documents where not everything needs to be indexed, don't use JUST ElasticSearch. We use one KV database system to store all of our data and use ElasticSearch as our Index. All searches are run off of ElasticSearch, and the main data store that it pulls from is the other database.
February 23, 2019
Anonymous | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Elasticsearch (ES) is being used to measure the performance metrics of our web crawlers for our web metrics department. They employ a series of crawlers: setting up data feeds to an ELK stack to measure and monitor organic messages related to our marketing campaigns. It primarily allows us to bring advanced analytics in-house.
  • Free of SQL: ES does not have the overhead of relying on SQL. In fact, you can use most (if not all) DBMs out there.
  • Java: Normally, this is not a strength: Java is slow and cumbersome. I believe in this case, it's truly a feature: by utilizing a language with universal support, it makes ES VERY DevOps friendly, simply by being able to focus on Problem-oriented vs Solutions-based thinking.
  • Although ES has been known to consume RAM, it's very flexible, and I have implemented it on a number of distinct hardware configurations with success.
  • Linux: It's not locked down to an OS (which is the way of the future), and as a result, running it on Linux means you get the power of Linux, in a data science package.
  • Elastic Search IS a resource hog: most of the time, I will run ES on a dedicated VM (often a dedicated blade, too!) and allow the other components of the stack to run on separate blades/VMs.
  • Works great for small projects, but is NOT industrial strength: When you are performing a data architecture project, where you are capturing and mining datasets, ES is fine, until you start getting into much denser data sources (orders to TBs), such that ES will violate Data integrity.
  • It only supports JSON output: Which is very friendly to a lot of DevOps/Data Architecture projects but may become a hassle when your endpoints require CSV, XML, etc.
Elasticsearch is great for development/research projects: It's fast, and *fairly* simple to set up. Project ideas of the calibre of: Watching a marketing feed from Twitter, or scraping sites. But for High availability in (say) a SCADA environment, probably not helpful. Though, I would recommend it for logging system nodes: such as a data center, trouble ticketing dashboard, or health/status visualizations.
October 09, 2018
Anatoly Geyfman | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We use Elasticsearch for our online (realtime) search engine. We've indexed over 2 billion documents, including every physician, hospital, and clinic in the United States. We started using ES from the beginning since I had a bunch of great experiences with the technology from my last job. We load data into Elasticsearch from multiple locations, including Postgres and BigQuery. On top of Elasticsearch, we've built a number of analytics tools that let us not only search but also deliver analytics for our stored data -- like top physicians performing a specific service and geography-based analyses. Overall we're super happy with Elasticsearch.
  • Super-fast search on millions of documents. We've got over 2 billion documents in our index and the retrieve speeds are still in the < 1-second range.
  • Analytics on top of your search. If you organize your data appropriately, Elasticsearch can serve as a distributed OLAP system
  • Elasticsearch is great for geographic data as well, including searching and filtering with geojson, and a variety of geospatial algorithms.
  • Elasticsearch is highly distributed, but it takes time to tune so you get the right performance out of your cluster.
  • The query language is not SQL, so it's not a straightforward conversion from an RDBMS to Elasticsearch for searching through data.
  • There are lots of ways to insert data into Elasticsearch, and some are better than others (batch vs. single insert). Need to experiment with your own data and environment.
Elasticsearch is extremely well suited for structured (faceted) search, full-text search, and analytics workloads. Elasticsearch and the ELK stack are also a good fit for operations teams that want to be able to interrogate their logs in an online (read: fast) query tool. Elastic is amazing at creating super fast search experiences over very large datasets, where traditional RDBMS systems are either too costly or too slow.
October 08, 2018
Tarun Mangukiya | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Elasticsearch is being used for multiple purposes at Iconscout. Starting from a search engine to viewing detailed analytics. We're even using it for logging of the server. It helps us to query through the millions of data easily and efficiently.
  • Fast Search through millions of data
  • Uses a very limited storage to store the data - high compression
  • Easy to get started & configure
  • Their documentation needs a lot of improvement
  • Difficult to understand query language
  • New updates are difficult to adopt
Elasticsearch has a very fast and efficient searching process. If you've searched a heavy project, you can't just be dependent on databases. Plus, they have a REST API for everything, making it easy to use with any programming language or database.
October 08, 2018
Josh Kramer | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
It is used in our custom software application for advanced searching and filtering capabilities for our users.
  • It allows extremely fast search and filtering on large datasets
  • It has a very powerful aggregation engine that can allow for tons of customizable analytics and reports.
  • The documentation could be a bit more detailed and have more examples, especially for advanced functionality.
  • The ability to update/change existing live field mappings would be nice.
  • The ingest pipeline structure is a bit more complicated and confusing than previous implementations for using things like attachment plug-ins.
It is well suited for anything involving large data - searching, filtering, aggregations, analytics, reporting, etc.
April 13, 2018
Brett Knighton | TrustRadius Reviewer
Score 8 out of 10
Vetted Review
Verified User
We use Elasticsearch to efficiently search large pools of data. Elasticsearch gives us the ability to have blazing fast searches even when doing partial text matches on multiple fields.
  • The best solution we've found for blazing fast searches, especially text-based.
  • Easy to add nodes for data redundancy.
  • Good documentation makes getting up and running easy.
  • I found the learning curve fairly difficult having a SQL background.
If you are in a scenario where you are constantly trying to optimize queries to get better performance from your database searches, Elasticsearch is probably a product worth trying out. With the amount of data we have, doing text searches via SQL isn't even an option. If you aren't struggling with getting reasonably fast queries getting Elasticsearch up probably isn't going to be worth the hassle.
March 01, 2018
David Greenwell | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We decided to start looking into Elasticsearch after we had good success with using Lucene (the full-text search indexer that Elastic uses). We had some queries in Oracle that were running EXTREMELY slow and knew we had to do something for the customer to make their experience better. We had a few thoughts on what we could use and Elasticsearch fit what we really wanted.
  • Searching, it does it well and searches are fast...real fast.
  • Ease of use, we were able to get an Elasticsearch cluster up and running in a half hour and doing basic searches after that was very easy with simple requests
  • Redundancy built in and stability. We haven't had any of our Elastic clusters go down intentionally, but testing out redundancy by removing nodes Elasticsearch has gone flawlessly.
  • Only breaking changes between versions when they are absolutely necessary.
  • Works well with .Net libraries that are supported and coded by Elastic.
  • A bit more of a learning curve for complex searches, indexing more complex things.
  • Some of our updates between versions haven't gone as smoothly as we would like, but in more recent versions Elastic has done a much better job at trying to allow for full uptime upgrades.
  • Configuration needs to be set up to do larger searches, or more complex searches and at times while starting it wasn't obvious what configuration needed to be changed.
The best situation where we have found Elasticsearch to help was when you have searches and your database just isn't doing them with the speed that you want, and even where the DB is going the speed needed Elasticsearch can take some of the processing from the database (which isn't necessarily built specifically for searching) to a system that was designed for searches.

If you are doing searching, then I would suggest going with Elasticsearch.
August 31, 2017
Colby Shores | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
We use Elasticsearch as the storage/search component of our logging infrastructure (ElasticStack). Once we have broken apart the individual variable components of each log as their own variable type using Logstash, we store those records into Elasticsearch. Kibana queries Elasticsearch to display the resulting data. We also utilize Elasticsearch to display the cluster status for each of our markets across our entire web cluster using an internal reporting tool we wrote.
  • Effortless to set up. Literally set the memory thresholds for Java and start throwing JSON formatted records into the database, it "Just Works". Even clustering is automated as the cluster finds other ElasticSearch servers on the network and assigns each a name.
  • Very simple to use interface either through its RESTful API (à la curl) or via its speedy protocol on port 9300. Once records are added, the very easy to use Apache Lucene syntax is supported to extract data.
  • Its search capabilities are fast on huge datasets, even on very modest hardware. Our organization operates in the hundreds of servers taking thousands of requests a second, each with its own log w/ a 2 week retention. The ElasticSearch server we recently decommissioned was Pentium 4 Netburst class Xeon, it rarely skipped a beat.
  • Setting Java memory thresholds can be a pain for those not accustomed to things like Eden Space & Old Generation which can lead to over allocation, or more likely, under allocation. Apache Solr had a similar issue. It would be nice if the program would take an extra step and dogfood it's own advice by analyzing the system & processes to return a solid recommendation for that configuration. The proper configuration information is outlined in the documentation, it would be nice if that was automated.
  • The only health check that ElasticSearch reports back is a "red" status without any real solid information about what is going on, though its usually memory thresholds or disk I/O. I am currently on ElasticSearch 1.5 so that may have changed for newer versions. When the status goes "red", I as the administrator of the software, feel like I lose control of whats going on which should rarely happen. Something more verbose would eliminate that.
  • This is more of a critique of the ElasticStack in general. The whole top to bottom stack is starting to get feature creep with things that are better suited in other software and increasing the barrier for entry for people to get started with setting up a robust logging infrastructure. ElasticSearch as a storage search engine, is pretty streamlined, but I can see that the tools that comprise the ELK Stack are going to require a certification with constant study at some point. During major release for Logstash a while back, it literally took a month to learn a new language because Elastic completely changed the syntax. For a medium sized organization of only a couple of admins, that is a pretty high bar where time is money. They really should work on refining/automating the tools & search engine they have, instead of shoehorning/changing things on to an already rock solid foundation.
ElasticSearch is, hands down, the absolute best solution for logging in a virtualization environment. The Kibana front end to ElasticSearch is extremely intuitive; even computer novices can be trained on how to chain together tags in the Apache Lucene syntax to extract the data they need. Once the deploy process is nailed down and the system is engineered, the logging structure can remain fairly static until the next major revision. Compared to Splunk, ElasticSearch, with an administrator well versed in the suite, will save an organization upwards of tens of thousands of dollars a year, even with the caveats mentioned earlier.

As a developer looking for a quick and simple search engine which has little configuration required, ElasticSearch is fast and perfect for that solution. Literally throw JSON records into the database and push a request to get JSON out; exceptionally straightforward.
November 14, 2017
Trung Le | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Elasticsearch helped us to provide comprehensive reports and frequent queries on our data (millions of rows), and provided us a performance that we could not achieve before (though we have only 40 concurrent users at most). We also consolidate data from many sources within our company, and Elasticsearch made it easy for us to do data analysis and to gain many useful insights into our data; things that we could never do (so easily) in the past.
  • Comprehensive reports and queries
  • Data analytics
  • A better way to provide custom functions. I struggled with implementing the PercentileExc (exclusive) function, the one that Excel provided, because the business users requested it.
  • Better IntelliSense in development console, when the query is complex, I often lost the IntelliSense feature. The “exists” query is not supported by IntelliSense.
October 04, 2017
Manish Rajkarnikar | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User
Review Source
Elasticsearch is used across the whole org. It's used mainly for storing and searching application logs. We have many elastic clusters set up differently. Sometimes it's one cluster per app; sometimes it's one cluster for many apps, depending upon the volume of data being generated. Elasticsearch is used mainly for debugging purposes rather than metrics, but sometimes it's used along with Kibana to visualize metrics also.
  • Elasticsearch search with its clustering solution provides a scalable logging solution. A number of query nodes, data nodes and master nodes can be added on demand to make the whole system very scalable, making it possible to store and search terabytes of data.
  • Elasticsearch provides Logstash, Filebeat, and many others. It makes it really easy to ingest a log with less setup.
  • Elasticsearch query language is based on Lucene and is very powerful.
  • Elasticsearch is mostly free except a few features such as authentication and authorization; making it really financially economical for companies to deploy it on large scale.
  • Elasticsearch doesn't have a free alerting solution. It has elastalert but it's not comparable to the paid version.
  • It's lacking authentication and authorization which makes Graylog a more enticing option.
  • It's lacking a mechanism to protect cluster against runoff queries. Can bring down cluster to its knees.
ELK is great for app logs and search. It comes with Kibana, which is a great query tool. Logstash is great. It can autodetect datatypes but can be tuned if needed, which is awesome. It has lots of integrations such as filesystem, syslog, Kafka etc., which make setting it up a breeze. It is also sometimes used for metrics. But [I] would rather use a time-series DB such as InfluxDB or Prometheus for metrics. Using logs for metrics tends to be expensive and inefficient.
September 15, 2017
Devaraj Natarajan | TrustRadius Reviewer
Score 7 out of 10
Vetted Review
Verified User
Review Source
Elasticsearch is currently in our organization for multiple use cases. With the data volume growing huge and rapidly, we push the data into an Elasticsearch cluster setup. We collect logs from multiple systems and push into E C using Logstash and a few other message broker systems. We collect telemetry from multiple systems and run algorithms to analyze the data.
  • Indexing
  • Text analysis
  • Time series data handling
  • Connector to other big data software
  • Plugins to visualize the data other than Kibana
  • Better query editor
I have noticed Elasticsearch is good in the following scenarios:
  • Faster aggregation
  • Full-text search features
  • Great performance
  • Complete ecosystems of applications

It could have been slightly better in handling indexing. (Should index all the items and create index overhead)
Better load balancing
Elasticsearch aggregations are not always precise, because of how data in the shards is placed

What is Elasticsearch?

Elasticsearch is an enterprise search tool from Elastic in Mountain View, California.
Categories:  Enterprise Search

Elasticsearch Pricing

  • Free Trial Available? No
  • Free or Freemium Version Available? No
  • Premium Consulting/Integration Services Available? No
  • Entry-level set up fee? No

Edition | Pricing Details | Terms
Standard | $16.00 | per month
Gold | $19.00 | per month
Platinum | $22.00 | per month
Enterprise | Contact Sales |

Elasticsearch Technical Details

Deployment Types: SaaS
Operating Systems: Unspecified
Mobile Application: No