Item: Elasticsearch
Rating: 10
Author: Shannon Donohue

Use Cases and Deployment Scope

We use Elasticsearch in tandem with Logstash and Kibana, in order to graph trends through log line analysis. The tool has become invaluable as we can peer into data on a deeper level, and set up alerts if there is a high frequency of errors. This becomes useful to study how changes positively or negatively impact production.

Pros and Cons

Consolidate data
Searchable
Graphable

Kibana GUI could use some work, better than Logstash though
URL shortening was just released
Graph coloring was just released

Return on Investment

ROI since it is open source, yay!
We have been able to track defects quicker.
We can detect immediately when deployed changes help or hurt.

Alternatives Considered

New Relic Insights and New Relic Browser

We used to keep consolidated logs on a single server, where admins could logi n and zgrep over old log files. This was functional, but not very useful for visualizing big data. Elasticsearch changed the game entirely. Now we're able to view individual log lines in real time through a UI (making it accessible for less techy users), we can graph trends and create panels which show useful information on our wall board. I definitely use Elasticsearch daily, and so do several of our team members.

Other Software Used

New Relic Insights, HipChat, Atlassian Confluence, JIRA Software, Zendesk

Likelihood to Recommend

Elasticsearch is good for any production stack for data analysis, and error monitoring and alerting. The only thing you need is an engineer who's willing to dig through log lines, write queries, and build graphs which accurately track the health of your production systems. I equate this tool to something like New Relic, where if used the right way can provide a lot of insight. If used incorrectly, it doesn't do a whole lot out of the box. It needs to be set up by someone who knows the system and cares to monitor it.

How Elasticsearch changed our culture

Overall Satisfaction with Elasticsearch