Overall Satisfaction with Elasticsearch
We use Elasticsearch in tandem with Logstash and Kibana, in order to graph trends through log line analysis. The tool has become invaluable as we can peer into data on a deeper level, and set up alerts if there is a high frequency of errors. This becomes useful to study how changes positively or negatively impact production.
- Consolidate data
- Kibana GUI could use some work, better than Logstash though
- URL shortening was just released
- Graph coloring was just released
- ROI since it is open source, yay!
- We have been able to track defects quicker.
- We can detect immediately when deployed changes help or hurt.
We used to keep consolidated logs on a single server, where admins could log in and zgrep over old log files. This was functional, but not very useful for visualizing big data. Elasticsearch changed the game entirely. Now we're able to view individual log lines in real time through a UI (making it accessible for less techy users), and we can graph trends and create panels which show useful information on our wall board. I definitely use Elasticsearch daily, and so do several of our team members.
Elasticsearch is good for any production stack for data analysis, and error monitoring and alerting. The only thing you need is an engineer who's willing to dig through log lines, write queries, and build graphs which accurately track the health of your production systems. I equate this tool to something like New Relic, which, if used the right way, can provide a lot of insight. If used incorrectly, it doesn't do a whole lot out of the box. It needs to be set up by someone who knows the system and cares to monitor it.