Elasticsearch is a tricky, but great data platform
We use Elasticsearch (Elastic for short, but that includes Kibana & LogStash so the full ELK kit) for 3 major purposes:
- product data …
Elasticsearch
Top Rated
Elasticsearch
Overview
Reviews
Reviewer Pros & Cons
View all pros & cons
Oscar Narváez Del Rio
Tools & Analytic Monitoring Leader
Entel (Telecommunications, 5001-10,000 employees)Pricing
View all pricingStandard
$16.00
Cloud
per month
Gold
$19.00
Cloud
per month
Platinum
$22.00
Cloud
per month
Entry-level set up fee?
- No setup fee
Offerings
- Free Trial
- Free/Freemium Version
- Premium Consulting / Integration Services
Features Scorecard
No scorecards have been submitted for this product yet.Start a Scorecard.
Product Details
What is Elasticsearch?
Elasticsearch is an enterprise search tool from Elastic in Mountain View, California.
Elasticsearch Technical Details
| Deployment Types | SaaS |
|---|---|
| Operating Systems | Unspecified |
| Mobile Application | No |
Alternatives
View all alternatives
Frequently Asked Questions
What is Elasticsearch?
Elasticsearch is an enterprise search tool from Elastic in Mountain View, California.
What is Elasticsearch's best feature?
Reviewers rate Support Rating highest, with a score of 7.8.
Who uses Elasticsearch?
The most common users of Elasticsearch are from Enterprises and the Computer Software industry.
Reviews and Ratings
(177)
Ratings
Reviews
(1-25 of 177)- Popular Filters
Companies can't remove reviews or game the system. Here's why
November 09, 2021
Elasticsearch is a tricky, but great data platform
We use Elasticsearch (Elastic for short, but that includes Kibana & LogStash so the full ELK kit) for 3 major purposes:
- product data persistence - as JSON objects.
- as log storage - different components produce log files in different formats + logs from other systems like the OSes and even some networking appliances.
- as test automation results storage & reporting platform - this is an implementation we glimpsed from an old Trivago blog post.
- Data persistence & retriveval
- Data indexing
- Metrics & reporting over data thanks to its query language & Kibana visualization
- Flexibility of data sources - a lot of existing "beats" + ability to push custom data easily
- Very scalable - although a minimum of 3 nodes is advised, even a 1-node installation can work great for some use cases.
- Licensing - this is big issue with a lot of companies that try to embed Elasticsearch as a part of their products and not have to expose that explicitly or deal with licensing complications.
- Security - this is not a feature enabled by default so installations can go and be unsecure & thus exploited without anyone noticing.
- Having security turned off can be beneficial for some performance optimizations though.
- Cluster restructuring/upgrading - if you need to do a rolling cluster upgrade, node roles and data replication is handled in a complicated & tricky way so you need to have knowledge & experience to survive such an operation with your data & cluster to be operational after it.
August 18, 2021
Elasticsearch Observability Enables an Outstanding Capacity To Transform IT Operations
Elasticsearch enables an operational capacity to quickly adopt this technology and boost observability on the different platform's components (infrastructure, integration, application, and services). Elasticsearch distributed architecture to index and search data make it a robust platform to scale on the go and support operational needs.
- Observability features
- Machine learning for anomaly detection
- Index and search high volume of data
- Basic alerting features
We use Elasticsearch to Index and make available for Search and Navigation our proprietary data on the M&A landscape. It drives dashboards and alerts to allow users to monitor trends and the latest events that occur in our dataset. It aligns our research group with our bankers. We marry it to Couchbase and MS SQL-Server.
- Indexing text data
- Aggregations allow users to progressively add search criteria to refine their searches
- Find trends in our data with Aggregations
- Integrate text Search our taxonomy Search
- Joining data requires duplicate de-normalized documents that make parent child relationships. It is hard and requires a lot of synchronizations
- Tracking errors in the data in the logs can be hard, and sometimes recurring errors blow up the error logs
- Schema changes require complete reindexing of an index
May 17, 2021
Elasticsearch OSS Review
We are using this in conjunction with other applications such as Atlassian stack. So this is being used throughout the whole organization but is an extension to another application. This allows us to search for words/topics very quickly in projects and commits. We currently use it in a single server instance.
- Database
- Scalability
- Deployment
- Backup
- Rest API browser
- Remote management using utilities
April 01, 2021
Elasticsearch Review
It is used in our custom software application for advanced searching and filtering capabilities for our users.
- It allows extremely fast search and filtering on large datasets
- It has a very powerful aggregation engine that can allow for tons of customizable analytics and reports.
- The documentation could be a bit more detailed and have more examples, especially for advanced functionality.
- The ability to update/change existing live field mappings would be nice.
- The ingest pipeline structure is a bit more complicated and confusing than previous implementations for using things like attachment plug-ins.
January 13, 2021
Elasticsearch: for searches, you know!
In my organization, Elasticsearch is used as a fast and simple solution for providing search capability to text-based data and to easily perform analytics for our dashboard. Being a JSON-based response system, our APIs become simple and support multiple behaviors by translating to Elasticsearch queries. Not only does Elasticsearch act as our analytics platform, but also it serves as secondary database storage.
- Text-based searches on data
- Daily, weekly, monthly analytics on data
- Super easy scripting with painless scripting language
- Relational data query
- Sync data from SQL on table change (with hash maybe)
- Provide better tutorials for beginners
March 06, 2020
Elasticsearch: Open-source, Fast, Excellent!
Elasticsearch is currently our log aggregator and SIEM. It is collecting Windows Event Logs, Syslog, DNS logs and HIDS logs. We use it in the IT department, but its reach is far and wide and collects data from every domain machine we have. The problems it solves are numerous! We have dashboards set up for authentication activity, firewall event and VPN activity. With a single glance, it's easy to understand the data and move on to other tasks. In the event of an incident, the detail that is able to be gleaned is incredible. The SIEM app has a working Timeline feature that allows you to simply drag and drop events when investigating an issue. Host intrusion is done by a third-party app but is able to ship the data right to Elasticsearch for easy processing, storage, and display.
- Log storage efficiency - We have millions of events a day and are able to keep 90 days worth for under 1TB of on disk space.
- Dashboards - Technically through Kibana(but I consider the entire stack as part of Elasticsearch.) Dashboards are easy to manipulate and create from scratch. Many shippers have premade dashboards ready for day one, too.
- Speed - Have you ever searched an indexed database of 200 million events and found an answer in a matter of seconds? You could with Elasticsearch.
- Free/self-hosted can be a nightmarish amount of work. When you break it, it's easy to lose data.
- Documentation is thorough at times, but there still seems to be holes in some components. For instance, PacketBeat doesn't explicitly tell you best practices for DNS logging, and I had to use a different resource to get an answer.
- Pricing - The free tier is excellent, but it's a significant jump up to get the machine learning modules, endpoint security and more.
February 14, 2020
Elasticsearch helps you find the information you need!
Our organisation is currently using Elasticsearch for the Elasticstack functionality. Elasticstack gives us functionality to collect, aggregate, search and alert on logging. Kibana, which runs within the Elasticstack, gives us the functionality to create neat dashboards which we use within every layer of our organisation. This addresses the need for various levels of insight across the organisation.
- Complete package.
- Open-source.
- Complex query mechanism.
- Complex architecture to set up and optimize.
January 06, 2020
Brilliant search powerhouse
We're using Elasticsearch for indexing most of our data, allowing for blazing-fast searches. We store massive time-series data volumes from thousands of IoT sensors that Elasticsearch handles brilliantly, making metrics available in realtime. We're also running dashboards and canvas in Kibana, fed from Elasticsearch, which gets updated in realtime.
- Performance.
- Ease of set-up.
- Tuning for ingress performance can be tricky.
- Merged documents can become a bottleneck.
December 02, 2019
Elasticsearch is a great product!
Elasticsearch is being used to store and search architecture standards, guidance, and other documents pertaining to software architectures. When used with the Spring Java Framework, it is extremely easy to set up custom queries.
- Search queries based on Java class member names.
- Very detailed queries through the standard library.
- Extremely fast.
- Easy to index.
- Ability to search content when data only in fields.
- Query syntax could be made simpler.
- Auto sharding.
November 19, 2019
Reliable and affordable solution which is figuring as a industry pattern for managing huge data searching.
In a cloud universe where we have hundreds or even thousand of servers to manage, is is a huge challenge to figure out the root cause of issues, it is totally unacceptable keep this sort of environment without a reliable logging and analysis system. Being part of the ELK stack, Elasticsearch give us what is necessary to handle this huge amount of data. I can't imagine our environments without Elasticsearch nowadays.
- Centralized logging
- Easy content searching
- Handle tons of data
- Poor documentation
- Not so easy at the first contact
- Hard to debugging issues
October 09, 2019
Very useful for eCommerce
Elasticsearch is used on our B2B and B2C eCommerce websites to provide fast and powerful search capabilities for products. Search by title, artist, or various facets like genre, price-range and availability-date results in a list of products that the user can then drill down or continue searching within the result list. Within the organization, Elasticsearch is used by the programmers in the IT department.
- Search results are provided very quickly.
- The search results are accurate.
- Search results contain details on the accuracy of each hit.
- There is a steep learning curve for this product so what is most useful for developers is good documentation including examples and sample applications.
June 06, 2019
An amazing search engine
Elasticsearch is being used for multiple purposes in multiple projects: centralized log management, APM, Metrics Collection as a TSDB, and as a replacement for traditional OLAP databases. It provides a high-performance indexing and search engine, which has become an invaluable tool addressing hard problems that would otherwise be very difficult to solve.
- Ingress and indexing.
- Searching.
- Aggregations.
- Aggregations on top of other aggregations.
- Encryption at rest.
- Has a performance penalty when using inked documents.
Elasticsearch has been a big help for us. We used to work with Application Performance Management Tools that need another layer of visualization and data treatment, and with Elasticsearch we have delivered better insights for our customers.
We use Elasticsearch at our Technology & Services Department to address these issues for our customers:
- Customized Dashboards.
- Anomaly Detection.
- Metrics Predictability.
We use Elasticsearch at our Technology & Services Department to address these issues for our customers:
- Customized Dashboards.
- Anomaly Detection.
- Metrics Predictability.
- Anomaly detection. It can find patterns over a wide variety of metrics and values.
- Behind the walls, Elasticsearch has a robust distributed architecture to support queries and data processing, and it is easy to maintain and scale.
- Elasticsearch has a new Elastic Cloud SaaS solution which is very easy to deploy, set up, and scale with all features and more.
- Elasticsearch has an important security layer to separate access to data and dashboards.
- If you want to explode Elasticsearch's capabilities, you need to have a medium-high SQL and Database knowledge.
- The user interface is heavy in Java requirements, and sometimes you can get some lag displaying heavy results for heavy queries.
- It will be helpful if you can construct Logstash queries with a drag&drop based user interface.
February 27, 2019
Works well but is difficult to set up and manage
We currently use it to log the details of our RPA processes as they run through their production and development environments. They log back checkpoints, statues and error messages back to the Kibana database we use in conjunction with Elasticsearch.
- Powerful beats modules.
- Later number of input/output pipelines.
- Open documentation.
- Documentation is often incomplete.
- Forums are very full but misleading.
- The programs don't work well together. They have different methodology and flavors in each.
- Different configurations in each element make it difficult to use.
We use Elasticsearch for our online (realtime) search engine. We've indexed over 2 billion documents, including every physician, hospital, and clinic in the United States. We started using ES from the beginning since I had a bunch of great experiences with the technology from my last job. We load data into Elasticsearch from multiple locations, including Postgres and BigQuery. On top of Elasticsearch, we've built a number of analytics tools that let us not only search but also deliver analytics for our stored data -- like top physicians performing a specific service and geography-based analyses. Overall we're super happy with Elasticsearch.
- Super-fast search on millions of documents. We've got over 2 billion documents in our index and the retrieve speeds are still in the < 1-second range.
- Analytics on top of your search. If you organize your data appropriately, Elasticsearch can serve as a distributed OLAP system
- Elasticsearch is great for geographic data as well, including searching and filtering with geojson, and a variety of geospatial algorithms.
- Elasticsearch is highly distributed, but it takes time to tune so you get the right performance out of your cluster.
- The query language is not SQL, so it's not a straightforward conversion from an RDBMS to Elasticsearch for searching through data.
- There are lots of ways to insert data into Elasticsearch, and some are better than others (batch vs. single insert). Need to experiment with your own data and environment.
Elasticsearch is being used for multiple purposes at Iconscout. Starting from a search engine to viewing detailed analytics. We're even using it for logging of the server. It helps us to query through the millions of data easily and efficiently.
- Fast Search through millions of data
- Uses a very limited storage to store the data - high compression
- Easy to get started & configure
- Their documentation needs a lot of imporvement
- Difficult to understand query language
- New updates are difficult to adopt
April 13, 2018
Find more faster with Elasticsearch
We use Elasticsearch to efficiently search large pools of data. Elasticsearch gives us the ability to have blazing fast searches even when doing partial text matches on multiple fields.
- The best solution we've found for blazing fast searches, especially text-based.
- Easy to add nodes for data redundancy.
- Good documentation makes getting up and running easy.
- I found the learning curve fairly difficult having a SQL background.
March 01, 2018
Enthusiastic for Elasticsearch
We decided to start looking into Elasticsearch after we had good success with using lucene (the full-text search indexer that Elastic uses). We had some queries in Oracle that were running EXTREMELY slow and knew we had to do something for the customer to make their experience better. We had a few thoughts on what we could use and Elasticsearch fit what we really wanted.
- Searching, it does it well and searches are fast...real fast.
- Ease of use, we were able to get an Elasticsearch cluster up and running in a half hour and doing basic searches after that was very easy with simple requests
- Redundancy built in and stability. We haven't had any of our Elastic clusters go down intentionally, but testing out redundancy by removing nodes Elasticsearch has gone flawlessly.
- Only breaking changes between versions when they are absolutely necessary.
- Works well with .Net libraries that are supported and coded by Elastic.
- A bit more of a learning curve for complex searches, indexing more complex things.
- Some of our updates between versions haven't gone as smoothly as we would like, but in more recent versions Elastic has done a much better job at trying to allow for full uptime upgrades.
- Configuration needs to be set up to do larger searches, or more complex searches and at times while starting it wasn't obvious what configuration needed to be changed.
August 31, 2017
ElasticSearch is a simple straightforward search engine that literally anyone can get started with!
We use Elasticsearch as the storage/search component of our logging infrastructure (ElasticStack). Once we have broken apart the individual variable components of each log as their own variable type using Logstash, we store those records in to Elasticsearch. Kibana queries Elasticsearch to display the resulting data. We also utilize Elasticsearch to display the cluster status for each of our markets across our entire web cluster using an internal reporting tool we wrote.
- Effortless to set up. Literally set the memory thresholds for Java and start throwing JSON formatted records in to the database, it "Just Works". Even clustering is automated as the cluster finds other ElasticSearch servers on the network and assigns each a name.
- Very simple to use interface either through it's RESTFUL API (ala Curl) or via its speedy protocol on port 9300. Once records are added, the very easy to use Apache Lucene syntax is supported to extract data.
- It's search capabilities are fast on huge datasets, even on very modest hardware. Our organization operates in the hundreds of servers taking thousands of requests a second, each with it's own log w/ a 2 week retention. The ElasticSearch server we recently decommissioned was Pentium 4 Netburst class Xeon, it rarely skipped a beat.
- Setting Java memory thresholds can be a pain for those not accustomed to things like Eden Space & Old Generation which can lead to over allocation, or more likely, under allocation. Apache Solr had a similar issue. It would be nice if the program would take an extra step and dogfood it's own advice by analyzing the system & processes to return a solid recommendation for that configuration. The proper configuration information is outlined in the documentation, it would be nice if that was automated.
- The only health check that ElasticSearch reports back is a "red" status without any real solid information about what is going on, though its usually memory thresholds or disk I/O. I am currently on ElasticSearch 1.5 so that may have changed for newer versions. When the status goes "red", I as the administrator of the software, feel like I lose control of whats going on which should rarely happen. Something more verbose would eliminate that.
- This is more of a critique of the ElasticStack in general. The whole top to bottom stack is starting to get feature creep with things that are better suited in other software and increasing the barrier for entry for people to get started with setting up a robust logging infrastructure. ElasticSearch as a storage search engine, is pretty streamlined, but I can see that the tools that comprise the ELK Stack are going to require a certification with constant study at some point. During major release for Logstash a while back, it literally took a month to learn a new language because Elastic completely changed the syntax. For a medium sized organization of only a couple of admins, that is a pretty high bar where time is money. They really should work on refining/automating the tools & search engine they have, instead of shoehorning/changing things on to an already rock solid foundation.
November 14, 2017
Excelent choice for data analytics and search engine
Elasticsearch helped us to provide comprehensive reports, and frequent queries on our data (millions of rows), provided us a performance that we could not achieve before (though we have only 40 concurrent users at most) We also consolidate data from many sources within our company, and elasticsearch made it easy for us to do data analyzing, to have many useful insights of our data; things that we could never do (so easily) in the past.
- Comprehensive reports and queries
- Data analytics
- A better way to provide custom functions. I struggled with implementing the PercentileExc (exlusive) funtion, the one that Excel provided, because the business users requested it.
- Better IntelliSense in development console, when the query is complex, I often lost the IntelliSense feature. The “exists” query is not supported by IntelliSense.
October 04, 2017
Elasticsearch review
Elasticsearch is used across the whole org. It's used mainly for storing and searching application logs. We have many elastic clusters set up differently. Sometimes it's one cluster per app; sometimes it's one cluster for many apps; depending upon the volume of data being generated. Elasticsearch is used mainly for debugging purposes rather than metrics, but sometimess it's used along with Kibana to visualize metrics also.
- Elasticsearch search with its clustering solution provides a scalable logging solution. A number of query nodes, data node and master node can be added on demand to make the whole system very scalable making it possible to store and search terabytes of data.
- Elasticsearch provides logstash, file beat, and many others. It makes it really easy to ingest a log with less setup.
- Elasticsearch query language is based on Lucene and is very powerful.
- Elasticsearch is mostly free except a few features such as authentication and authorization; making it really financially economical for companies to deploy it on large scale.
- Elasticsearch doesn't have a free alerting solution. It has elastalert but it's not comparable to the paid version.
- It's lacking authentication and authorization which makes Graylog a more enticing option.
- It's lacking a mechanism to protect cluster against runoff queries. Can bring down cluster to its knees.
September 15, 2017
Developer's Elasticsearch Review
Elasticsearch is currently in our organization for multiple use cases. With the data volume growing huge and rapidly, we push the data into an Elasticsearch cluster setup. We collect logs from multiple systems and push into E C using logstash and few other message brokers system. We collect telemetry from multiple systems and run algorithms to analyze the data.
- Indexing
- Text analysis
- Time series data handling
- Connector to other big data software
- Plugins to visualize the data other than Kibana
- Better query editor
April 04, 2017
Find things with Elasticsearch
The first use case is log aggregation. We have a number of micro-services running, some of them in Docker, and we use the ELK to ensure we have easy access to our most recent logs. This proves invaluable for fault detection and diagnosis and is used primarily by engineers. Another use case in a customer-centric search index. Each of our customers is described by a set of data points that come from various sources and are indexed in Elasticsearch. The index is later used by marketing, customer service, and other departments to get quick insights on our customer base.
- Flexible and advanced search.
- Ease of creating time-based indices and automatic archiving of old indices.
- Quick data ingestion.
- Configuration. Looking forward to seeing Elasticsearch detecting hardware specs and self-adjusting its config.
- The lack of _changes streams. They were promised to appear in 2.0...
- The price of the hosted solution could be lower.
April 13, 2017
One of the best search engines out there
Elasticsearch its a critical piece of our platform. We rely on it not only for searching of our documents (that is 80% of our business goal and most used feature) but for tracking logs and analytics with Kibana. Elasticsearch allows us to build this amazing search component that gets the user the refinement they want so they can find easily and quickly the results they are looking for. Monitoring our logs is almost that important; we track incidents and code quality among others.
- Search
- Organize data
- Scale
- Mapping and data type auto conversion