Elasticsearch for Log Management
January 18, 2018

Anonymous | TrustRadius Reviewer
Score 10 out of 10
Vetted Review
Verified User

Overall Satisfaction with Elasticsearch

We utilize Elasticsearch (with Kibana and Logstash) to provide log management services internally and as an offering to our IT clients. This helps clients meet compliance regulations requiring log review and SIEM implementation without paying the premium at other high-end products. In essence, Elasticsearch allows us and our clients on the platform to gain greater visibility into their applications and endpoints.
  • Elasticsearch has a great ecosystem and user base.
  • Elasticsearch is easy to use and set up (once you have the basic training).
  • The document/searching focused feature of the database is perfect for log management (or any searching) application.
  • I wish many of the features in the X-Pack were native.
  • We have built out an entire service line using Elasticsearch.
  • Clients see their compliance audits eased by the Elasticsearch-based products.
Other services, such as Alienvault or MongoDB, are not designed to integrate as well with parsing log data. Graphite was much more difficult to work into a usable product as it does not integrate as easily with log parsing plugins. Elasticsearch had the right features to provide what we needed out of the box rather than requiring us to write numerous custom tools just to get the basic features.
If you are building an application that requires fast retrieval, Elasticsearch would provide an excellent backend database. The distributed architecture provides high-availability and data replication natively without a large performance sacrifice. Elasticsearch also runs on minimal hardware requirements when compared to other DB solutions.