Elastic Cloud (Elasticsearch Service)

What do you like best about the product?

Elasticsearch is a fantastic search and analytics platform. It’s easy to use as a SIEM tool, and creating exceptions is straightforward. I really appreciate the ECS field schemes, the agent/fleet/integrations setup, and the quality of support. These features make the platform flexible and enjoyable to work with.
i use elastic every day with our siem
it's easy to setup without certificates

What do you dislike about the product?

The documentation could be improved—especially around “detection as code,” which is difficult to set up and barely documented. Having “exceptions as code” would also be a great addition. I miss certain features that competitors like Wazuh provide, such as a built-in vulnerability scanner. Another gap is the lack of community-driven blogs and integration examples (like those published on Medium by SOCFortress for Wazuh). Finally, I find it strange that certain wildcard searches (e.g., *test* across large datasets like Palo Alto logs) can crash the entire stack.
i would expect for small bussiness, there should be an automatic rotation and trust for certificates between clients and fleet server, our between nodes.

What problems is the product solving and how is that benefiting you?

we use it for threat hunting and to solve problems in our it environment;
We also use it for apm data

What do you like best about the product?

elastic is always improving their products and integrating more AI int their suite of products

What do you dislike about the product?

documentations can get better about newer products.

What problems is the product solving and how is that benefiting you?

elastic's edr is helping us to secure our environment even better, and having a unified all in product to look at the logs ingestion and edr

My main use case for Elastic Cloud (Elasticsearch Service)  is to capture logs from our various systems.

For our cloud service, we have various Elastic agents that ship logs into a central location. We have it all aggregated in our Elastic Cloud . From there, we use the logs for troubleshooting, creating alerts, look for specific patterns, understanding our service a little bit better, and aggregating all that data in one place.

One of the better features of Elastic Cloud (Elasticsearch Service)  is Lucene  Search, which gives our users the ability to search through the mountains of logs without giving them direct access to production systems.

Another great feature is Index Lifecycle Management that allows us to move data to cheaper storage tiers as our data ages out. The feature that we love the best is LogsDB, which allows us to index our data differently so that it doesn't accumulate as much storage in our hot tier and allows us to ship many of those logs, especially older logs to cheaper storage such as S3 .

Elastic Cloud (Elasticsearch Service) has positively impacted my organization by allowing us to move away from expensive services such as DataDog and gives us about the same level of service while allowing us to keep data for a longer period of time at a cheaper price.

The logging feature of Elastic Cloud (Elasticsearch Service) itself is pretty valuable, but we tried the observability module and some of the AI features.

Those need improvement. Observability  is not on par with feature and ease of use with some of the leading providers out there. The same applies to some of the AI features within Elastic Cloud .

I have been using Elastic Cloud (Elasticsearch Service) for five years now.

Elastic Cloud (Elasticsearch Service) is stable.

Elastic Cloud (Elasticsearch Service) is very scalable and very easy; we've had no issues with scaling our solution out.

The customer support for Elastic Cloud (Elasticsearch Service) is fantastic. They're very responsive, and gave us great detail in all our tickets.

I would rate the customer support as 10 out of 10. They are very knowledgeable.

Positive

I previously used DataDog. We switched because DataDog was too expensive, especially when it comes to logging.

It was very quick and easy to set up. The hard part for us was taking out the metrics and observability because it wasn't relevant for us.

The ROI for this has been positive.  We have seen a return of 30-40% in lower costs and improved productivity.  

Teams are more productive because they have a level of self-service to research problems without accessing production systems, which they previously did not have the ability to do.

Previously, accessing logs was complicated, but now everything is centralized. This has boosted productivity for our support teams, and both engineers and other staff can quickly view service logs and troubleshoot issues in a timely manner.

Before choosing Elastic Cloud (Elasticsearch Service), we evaluated other options, such as Grafana  Loki, and Observability .io.  We found that Elastic matched what we needed the most.

LogsDB has made the biggest difference for our team because Elastic can get expensive as your data grows. Our teams want to view data back 30, 60, 90 days and with LogsDB, it allows us to be able to capture that data for a longer period of time and without the expense.

The advice I would give others looking into using Elastic Cloud (Elasticsearch Service) is to identify your pain point and find the tool that your users are familiar with.

For us, it was logging, and Elastic was perfect for that. Our users were very familiar with Lucene  Search and the Lucene Search syntax, which made Elastic the ideal option for us. There are other solutions out there that are more multi-service, but Elastic does logging the best.

Elastic Cloud (Elasticsearch Service) really saves your organization money. You don't need the folks on the back end to manage it and support it on a daily basis. 

On a scale of one to ten, I rate Elastic Cloud (Elasticsearch Service) a nine.

Public Cloud

Amazon Web Services  (AWS )

We use Elastic Search  for search purposes and things related to semantic search.

It is not being used for the moment regarding my main use case for Elastic Search .

In my experience, the best features Elastic Search offers are its stability and brand new features that I consider very interesting.

The machine learning features of Elastic Search are very interesting, including the possibility to include models such as ELSER and different multilingual models that let us fine-tune our searches and use them in our search projects.

The machine learning features of Elastic Search have helped us with many things such as improving our searches and experience for the guests.

We could benefit from refining the machine learning models that we currently use in Elastic Search, along with the possibility to integrate agents, intelligent artificial intelligence, form of agent, and MCP.

It would be useful to include an assistant into Kibana for recommendations, advice, tutorials, or things that can help improve my daily work with Elastic Search.

I have been using Elastic Search and Kibana for about four years.

In my experience, Elastic Search is quite stable.

The scalability of Elastic Search is very good in my opinion. It never has incidents that cause issues in our daily tasks.

The customer support for Elastic Search is one of the best I have ever tried. Whenever I had to create a new incident, I got the responses that I needed.

Positive

I consider Elastic Search a very good project. On a scale of 1-10, I would give it a 10.

The features and capabilities that Elastic Search provides are very easy to use, and the documentation is rich. You can find and understand everything here to use it properly.

I would tell others looking into using Elastic Search that they can try it and see if it fits their use cases.

Elastic Search is a very good product. I really appreciate all the features that it provides, and I hope this product continues its evolution in the way it has been.

Private Cloud

Amazon Web Services  (AWS )

What do you like best about the product?

1. Near real-time search
2. Hugh Scalability
3. In our scenario, it helps us to centralize logs and metrics from different systems into one searchable platform, helping our IT ops and security teams troubleshoot issues quickly.
4. It supports full-text search, filters, geospatial queries, and many more, all in the same engine.

What do you dislike about the product?

1. High resource usage - It is high CPU and memory hungry product.
2. It is quite expensive and complex to manage at scale

What problems is the product solving and how is that benefiting you?

1. It collects logs, metrics, and traces from apps, servers, firewalls, etc. into one platform.
2. It provides real-Time Analytics
3. Root cause analysis in minutes, doesn't take hours/days.
4. Centralized SIEM-like function for threat visibility.
5. Can handle increasing data from Yotta’s hyperscale environment.
6. Elasticsearch turns raw data into actionable insights in real-time — helping us run, secure, and scale our datacenter operations with speed and confidence