Search efficiency improves with enhanced metadata and log management
What is our primary use case?
At Shopee, I worked with numerous database schemas to find out which table columns belonged to which schema. We utilized Elastic Search to manage metadata for millions of tables, allowing us to search efficiently. Besides that, we used Logstash to put all the log files in Elastic Search for easy searchability.
How has it helped my organization?
Elastic Search significantly improved my work. Previously, when searching for text that appears in the middle of strings, the process was time-consuming. Elastic Search enables efficient searching, enhancing system performance and responsiveness. I can also collect logs through Kafka, send them to Elastic Search, and create indices, thus managing logs and customizing searches easily.
What is most valuable?
Elastic Search provides features such as stemming and range-based queries to search log files efficiently. It allows filtering data easily by searching for specific words based on created indexes. This made searches very efficient, and it also allows for log collection through Kafka and helps with managing logs and customizing searches according to needs, such as grouping by dates or user IDs.
What needs improvement?
Elastic Search could improve in areas such as search criteria and query processes, as search times were longer prior to implementing Elastic Search. Elastic Search has limitations for handling huge amounts of data and updates, especially if updates are frequent. It doesn't handle big data scale efficiently, especially regarding data size and scale, compared to Apache Solr. It doesn't support real-time search effectively, as it refreshes the indexes every few seconds.
What do I think about the stability of the solution?
It is stable as many companies already use Elastic Search. In cloud scenarios, it manages well by scaling up or down based on peak traffic. Otherwise, similar functionality needs to be replicated in a private cloud, including backups.
What do I think about the scalability of the solution?
Elastic Search requires enhancements for handling huge amounts of data and updates. Segmenting or sharding data and complexities regarding the cluster can be issues. Updating in Elastic Search involves index computations and user dependencies. There might be issues regarding data size and scaling, but these can be tuned and improved.
Which other solutions did I evaluate?
I remember Apache Solr, which is generally used for much larger scale data compared to Elastic Search. Apache Solr is used by most companies, and while Elastic Search is very common, there are technologies similar to Elastic Search, though I'm not familiar with all the names.
What other advice do I have?
I have used Elastic Search, but I might not be aware of many internal details; I just used the API to create an index, manage data, and search. It's very useful. On a scale of 1-10, I rate it an eight.
Really amazing experience: easy to use, easy to understand, and easy to analyse
User optimizes data analysis with advanced search features and seeks expanded functionality
What is most valuable?
The full text search capabilities in Elastic Search have proven to be extremely valuable for our operations.
Regarding AI integration, we have not yet implemented any AI-driven projects or initiatives using Elastic Search.
What other advice do I have?
I am currently working with Elastic Search as the primary solution.
My role is Senior DevOps engineer at UVIK Digital.
On a scale of 1 to 10, with 10 being the highest, I would rate Elastic Search as an 8 overall as a product and solution.
The command-based configuration simplifies data management and setup
How would you rate customer service and support?
Positive
Improved performance in data aggregation and has a fast performance
What is our primary use case?
I use the solution to store historical data and logs to find anomalies within the logs. That is about it. I don't create dashboards from it.
What is most valuable?
I find the solution to be fast. Aggregation is faster than querying directly from a database, like Postgres or Vertica. It's much faster if I want to do aggregation. These features allow me to store logs and find anomalies effectively.
What needs improvement?
I found an issue with Elasticsearch in terms of aggregation. They are good, yet the rules written for this are not really good.
There is a maximum of 10,000 entries, so the limitation means that if I wanted to analyze certain IP addresses more than 10,000 times, I wouldn't be able to dump or print that information. I need to use paging or something similar as a workaround. That's what the limitation is all about.
For how long have I used the solution?
I have probably used it for three or four years, maybe longer.
What do I think about the stability of the solution?
The solution is very good with no issues or glitches.
What do I think about the scalability of the solution?
In terms of scalability, I have multiple Search instances. I can actually add more storage and memory because I host it in the cloud. It's much easier in terms of scalability, and I have no complaints about it.
How are customer service and support?
I have never talked to technical support.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I am using Elasticsearch.
How was the initial setup?
The initial setup is very easy.
What about the implementation team?
I did not use any outside assistance.
What's my experience with pricing, setup cost, and licensing?
I don't know about pricing. That is dealt with by the sales team and our account team. I was not involved with that.
Which other solutions did I evaluate?
I am evaluating InfluxDB as well. TimescaleDB is a kind of database.
What other advice do I have?
I would rate Elasticsearch at eight out of ten.
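Two of the reviews above touch the same mechanism: the first mentions range-based queries for pulling log lines by date, and the review just above describes hitting a 10,000-entry ceiling when dumping all results for an IP address and having to fall back to paging. Elasticsearch's `index.max_result_window` (10,000 by default) caps `from + size` for classic paging; the supported way to walk a larger result set is `search_after` with a deterministic sort that includes a unique tiebreaker field. The following is an added example, not code from any reviewer or from Elastic. It uses a constructed in-memory stand-in for an index so it runs offline; the request bodies have the shape a real client would send, and the field names (`@timestamp`, `event_id`, `src_ip`) and sample events are assumptions made here.

```python
"""Paging past the 10,000-hit result window with search_after.

Added example, not code from the reviews on this page. A small in-memory
stand-in plays the role of an Elasticsearch index so the script runs offline;
the request bodies are shaped like those a real client would send via
Elasticsearch(...).search(index=..., body=...). Field names, index contents
and the event records are constructed here.
"""
from datetime import datetime, timedelta, timezone

# Default value of index.max_result_window in Elasticsearch.
MAX_RESULT_WINDOW = 10_000


class FakeIndex:
    """Simulates a range query, sort, from/size and search_after on one index."""

    def __init__(self, docs):
        self.docs = docs

    def search(self, body):
        size = body.get("size", 10)
        frm = body.get("from", 0)
        # Elasticsearch rejects from + size beyond the window; mimic that failure.
        if frm + size > MAX_RESULT_WINDOW:
            raise ValueError(
                f"Result window is too large, from + size must be <= {MAX_RESULT_WINDOW}"
            )
        rng = body["query"]["range"]["@timestamp"]  # only a range query is simulated
        hits = [d for d in self.docs if rng["gte"] <= d["@timestamp"] < rng["lt"]]
        sort_fields = [next(iter(s)) for s in body["sort"]]
        hits.sort(key=lambda d: tuple(d[f] for f in sort_fields))
        if "search_after" in body:
            after = tuple(body["search_after"])
            hits = [d for d in hits if tuple(d[f] for f in sort_fields) > after]
        page = hits[frm:frm + size]
        return {"hits": {"hits": [{"_source": d, "sort": [d[f] for f in sort_fields]}
                                  for d in page]}}


def build_sample_logs(n):
    """Constructed sample events: one per second starting 2024-01-01T00:00:00Z."""
    base = datetime(2024, 1, 1, tzinfo=timezone.utc)
    return [
        {
            "@timestamp": (base + timedelta(seconds=i)).isoformat(),
            "event_id": f"evt-{i:06d}",  # unique tiebreaker for the sort
            "src_ip": "203.0.113.7" if i % 3 == 0 else "198.51.100.9",
        }
        for i in range(n)
    ]


def time_window_query(start, end):
    """Range query on @timestamp for the half-open interval [start, end)."""
    return {"range": {"@timestamp": {"gte": start, "lt": end}}}


# Sort on the timestamp plus a unique field so search_after never skips or
# repeats documents that share a timestamp.
SORT = [{"@timestamp": "asc"}, {"event_id": "asc"}]


def page_with_from(index, start, end, size=1000):
    """Classic from/size paging; fails once from + size exceeds the window."""
    collected, frm = [], 0
    while True:
        body = {"size": size, "from": frm, "query": time_window_query(start, end), "sort": SORT}
        hits = index.search(body)["hits"]["hits"]
        collected.extend(h["_source"] for h in hits)
        if len(hits) < size:
            return collected
        frm += size


def page_with_search_after(index, start, end, size=1000):
    """Stream every hit in [start, end) by resuming from the last sort key."""
    body = {"size": size, "query": time_window_query(start, end), "sort": SORT}
    collected = []
    while True:
        hits = index.search(body)["hits"]["hits"]
        collected.extend(h["_source"] for h in hits)
        if len(hits) < size:
            return collected
        body["search_after"] = hits[-1]["sort"]  # no 'from' is ever needed


def demo(total=12_000):
    """Returns (events fetched via search_after, whether from/size hit the window)."""
    index = FakeIndex(build_sample_logs(total))
    start, end = "2024-01-01T00:00:00+00:00", "2024-01-02T00:00:00+00:00"
    try:
        page_with_from(index, start, end)
        window_error = False
    except ValueError:
        window_error = True
    return page_with_search_after(index, start, end), window_error


if __name__ == "__main__":
    docs, window_error = demo()
    print(f"search_after fetched {len(docs)} events; from/size hit the window: {window_error}")
```

With 12,000 constructed events, `page_with_from` raises on the eleventh page because `from + size` would reach 11,000, while `page_with_search_after` returns all 12,000 in sort order without ever setting `from`. Raising `index.max_result_window` instead is possible but costs heap on every shard for deep pages, which is why the paging approach is the usual answer for exporting a full result set.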
Efficient large data handling and good scalability empowers legal search
What is our primary use case?
We are using Elastic Search for free text search. We scan cache files and convert them into OCR. This allows our end users to search for any judgment given in the 1980s or 1990s based on their criteria.
What is most valuable?
Elastic Search is very quick when handling a large volume of data. The facet search is particularly valuable. It is scalable. Elastic Search makes handling large data volumes efficient and supports complex search operations.
What needs improvement?
There should be more stability. When we started learning it, new versions came out frequently in one quarter with extended features. This can create problems for new developers because they have to quickly switch to another version. Stability could be improved, as it sometimes requires quick adaptation to new versions.
For how long have I used the solution?
We have been using Elastic Search for two years.
What do I think about the stability of the solution?
Elastic Search is generally stable; however, the frequent release of new versions can cause challenges for stability. If asked to rate stability, I would give it an eight out of ten.
What do I think about the scalability of the solution?
Elastic Search is scalable. Our supreme court uses it for the whole nation across all judgments, so it must be scalable.
How are customer service and support?
We have not contacted customer service. We rely on documentation for solutions.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We are using Elastic Search for free text search in our project.
How was the initial setup?
The documentation for Elastic Search is very well structured. It provides easy-to-follow steps for installation, making it a straightforward process.
What about the implementation team?
One person can install Elastic Search by following the documentation steps.
What was our ROI?
Our organization prioritizes open-source tools. We have not purchased any licensed products, and our use of Elastic Search is purely open-source, contributing positively to our ROI. We adopt open-source tools due to the organization's policy.
Which other solutions did I evaluate?
Our experience has been positive, finding solutions in documentation without needing customer support. We also use supporting technologies like PostgreSQL, Spring Boot, and Subversion for seamless integration.
What other advice do I have?
I rate Elastic Search nine out of ten.
Enhanced security operations with good logging and real-time threat analysis
What is our primary use case?
I am an end user, and we use Elasticsearch for our logs. Specifically, we use it for security logs for our enterprise, including machines, networks, and endpoints, as part of our IT infrastructure.
How has it helped my organization?
We have been able to collect our live logs, which helps us run security operations more effectively. It has enabled us to identify false positives and detect real-time malicious activities in the network.
What is most valuable?
The security portion of Elasticsearch is particularly beneficial, allowing me to view and analyze security alerts. It serves as a query engine for the database, enabling us to analyze logs for potential threats.
What needs improvement?
An improvement would be to have an interface that allows easier navigation and tracing of logs. The current system requires manually inputting dates to verify alerts. A visual timeline that pinpoints possible anomalies would be beneficial.
For how long have I used the solution?
I have been using Elasticsearch for approximately one year.
What do I think about the stability of the solution?
I would rate the stability of the solution as nine out of ten. It is very robust.
What do I think about the scalability of the solution?
I would rate the scalability as nine out of ten. It's a very robust solution.
How are customer service and support?
I do not interface directly with technical support from Elastic. Another colleague manages that aspect.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
We did not use any different solution before Elasticsearch.
How was the initial setup?
I was not involved in the setup process. Our architects and technical officer managed it.
What's my experience with pricing, setup cost, and licensing?
I am not directly involved with pricing or setup costs. While I know a portion is open-source, a paid version might be necessary.
Which other solutions did I evaluate?
It was not my duty to evaluate other options. The architects and chief technical officer handled those decisions.
What other advice do I have?
For someone wanting to be a security analyst, Elasticsearch is a valuable tool. It helps organizations collect large amounts of logs from various platforms like Windows, Ubuntu, and Palo Alto Networks.
I'd rate the solution eight out of ten.
Flexible notifications and good alerts with good scalability
How has it helped my organization?
It has helped by notifying me when something happens. I deploy my team to the infrastructure to fix the application. However, receiving alerts before something happens would be more beneficial.
What is most valuable?
New Relic is very similar to Elasticsearch in functionality; it's easier to use.
What needs improvement?
New Relic could be more flexible, similar to Elasticsearch. It could improve on providing notifications before something happens instead of when something happens.
What do I think about the stability of the solution?
It is a stable and good platform.
What do I think about the scalability of the solution?
It's scalable. There's no need to worry about the environment. You just configure it, and it runs without issues.
How are customer service and support?
I haven't used their support; however, a colleague I talked to about this platform has used it.
How would you rate customer service and support?
Positive
How was the initial setup?
The initial setup is not complex. The only part that may require specific knowledge is communicating your cloud environment with New Relic and managing the cloud environment configurations.
What's my experience with pricing, setup cost, and licensing?
Comparing the costs between New Relic and Elasticsearch is difficult as New Relic's cost is for processing metrics, whereas Elasticsearch's cost is for storage.
What other advice do I have?
I recommend New Relic; however, it depends on the specific use case you have. I'd rate the solution eight out of ten.
Offers good search interface and visualization capabilities with good stability
What is our primary use case?
We use Elasticsearch as an alternative to Splunk. It is basically for log monitoring.
What is most valuable?
It's probably a cost-efficient alternative to Splunk. The search interface is nearly the same. When it comes to visualizations, Elastic is a bit better than Splunk.
What needs improvement?
Elastic Search needs better guides for developers. Better guides for development.
For how long have I used the solution?
I have been using it for a year.
What do I think about the stability of the solution?
I would rate the stability an eight out of ten.
What do I think about the scalability of the solution?
It's fairly scalable. I would rate the scalability of this solution a ten out of ten.
There are around five end users using it in my team.
How are customer service and support?
To date, we have not had any issues with customer service and support. Initially, we had issues accessing the portal, but that was the only issue, and it was resolved pretty quickly.
How was the initial setup?
The initial setup is fairly simple. Initially, it was on-prem, but right now, it's on the cloud.
It is pretty easy to integrate as well.
What was our ROI?
It's like, when someone is building products for scale, it reduces the time to market.
What's my experience with pricing, setup cost, and licensing?
I would rate the pricing a seven out of ten, with one being high price and ten being low price. It could be cheaper for certain use cases, but since it gets the job done, no complaints for the pricing.
What other advice do I have?
Overall, I would rate it a nine out of ten. I would definitely recommend it to other users.
Captures data from all other sources and becomes a MOM aka monitoring of monitors
What is our primary use case?
It is basically for the banking and non-banking sectors. We use it for the APM perspective and application performance monitoring, but not in a holistic way; it is just layer seven, layer five, and six that are there.
How has it helped my organization?
In analytics, people use it for search patterns. I've also used Elasticsearch for indexing, where we can have content and do these things. But from an analytics perspective, I have never used Elasticsearch. I have used it in one project.
It's a good tool because if you compare it with MongoDB, MongoDB is better. It has a very good data warehouse and search pattern. Elasticsearch cannot be made into a data warehouse. You can use it for smaller-scale analytics, but if you are looking at anything over 30-40 TB, it's not a data lake or big data solution.
It's a normal database, and any Oracle database or enterprise DB like MSSQL or PostgreSQL can do these things. I've never used it for unstructured data. I have used MongoDB, but not for this.
What is most valuable?
All features are almost the same as other observability tools. The best part I like is that it becomes a MOM aka monitoring of monitors. It can capture data from all other sources. It's not a unique feature of Elasticsearch itself because other tools like Dynatrace do the same thing. But from an ROI perspective and a user-friendly perspective, it is a good tool.
Even at level four to level seven of the OSI model, it does monitoring very well. There are a lot of AI-embedded tools or prediction tools, and numerous default reports are available, which get populated easily.
So, the quality features are there. There are about 60 to 70 odd reports available. When you deploy the tool and the logs come in, they can capture those logs and automate field mapping and other things. That's the feature: by default, a few reports are available.
The data indexing capability of Elasticsearch is very good. It does the indexing correctly. It's not over-indexing, so it's perfect. It's very good. But how it works depends on the customization of the application and the search pattern you want. The log can be easily viewed, and based on that, you can easily tag things.
What needs improvement?
Scalability and ROI are the areas they have to improve. Their license terms are based on the number of cores. If you increase the number of cores, it becomes very difficult to manage at a large scale. For example, if I have a $3 million project, I won't sell it because if we're dealing with a 10 TB or 50 TB system, there are a lot of systems and applications to monitor, and I have to make an MOM (Mean of Max) for everything. This is because of the cost impact.
Also, when you have horizontal scaling, it's like a multi-story building with only one elevator. You have to run around, and it's not efficient. Even the smallest task becomes difficult. That's the problem with horizontal scaling. They need to improve this because if they increase the cores and adjust the licensing accordingly, it would make more sense.
For how long have I used the solution?
I have been using it for more than four to five years.
What do I think about the stability of the solution?
I would rate the stability a nine out of ten. It is a good product. It is a stable product.
What do I think about the scalability of the solution?
Elasticsearch has horizontal scalability. The users can scale up to any level. The only problem is related to disaster recovery. After some time, it becomes very difficult to do the DC/DR mapping because observability is a critical tool for event alerts. It becomes difficult to manage real-time events if the primary data center goes down and the disaster recovery site needs to take over. This is an issue for large projects like those at tier-one organizations like Ford or big banks. For mid-level and lower-level tier-two or tier-three organizations, it is good.
Another thing to consider is that Elasticsearch has high resource utilization on both the vertical and horizontal levels. But it's a good product for tier-two organizations.
All my clients are enterprise businesses.
How are customer service and support?
I've never heard anything wrong from the delivery side, but it's an international company with a very good product. So, the support system should be good.
How would you rate customer service and support?
Positive
Which solution did I use previously and why did I switch?
I tried to sell Kibana twice, but in terms of deployment, we've used it in two or three places. However, I don't have hands-on experience with Kibana.
To be very honest, we faced some setbacks with Kibana, particularly with network-level monitoring. This issue occurred a few weeks ago when I tried to sell one of our products. We have used Kibana for APM purposes, as well as the Elasticsearch ELK stack.
From an application perspective, it’s one of the tools we use. I can share a lot of insights, but I haven't seen all their reports or dashboards. So, my experience is from a presales perspective rather than a deployment perspective.
If I compare it with other auxiliary tools like Dynatrace, SolarWinds, or Relay, Elasticsearch is very competitive and user-friendly.
One thing about Elasticsearch is the way they sell licenses for their database, which can be a bit hidden. Many people think Elasticsearch is entirely open-source, but there are charges involved. It's an MPP-based NoSQL database with some limitations on certain datasets.
How was the initial setup?
I would rate my experience with the initial setup a nine out of ten, with ten being easy. It is easy, not that difficult.
It can be deployed both on the cloud and on-premises. I've seen on-premises deployments. This is especially true in other parts of the world where governments don't want to use the private cloud and have their own private cloud. I have mostly worked with on-premises deployments.
The mapping can take three months on average. However, the deployment time depends on the project. If you have a hundred servers, it will take two or three weeks. With three or four thousand servers, it will take longer. It's the same with any tool, like Dynatrace or SolarWinds. We have to map services and events, set thresholds, and configure event triggering and notifications. There's a lot to consider, so it depends on the project scope, the number of servers, the data captured, and whether it's agent or agentless. It's difficult to calculate an average about how many days it will take.
What's my experience with pricing, setup cost, and licensing?
I would rate the pricing an eight out of ten, with one being cheap and ten being expensive. It is not very costly, but it is not cheap either.
What other advice do I have?
I would rate it to others. Elasticsearch can be used for many things. It has a good indexing parameter and can be used for search patterns and more.
If it's for observability, I would give it a nine out of ten. The only issue I have is with APM (Application Performance Monitoring).
Elasticsearch as a product is different than Elasticsearch as a search engine. Elasticsearch is also different as an analytics tool. It depends on the analytical solution and how they want to fetch data from Elasticsearch as a database. As a search engine, it is one of the best. 90% of people use either Solr or Elasticsearch for web portals and other things. Nobody can challenge Elasticsearch in that area. So, out of ten, I would give it a ten.
But for analytics, I'd give it an eight. It depends on my database and in-memory tools. If I use QlikView or other tools, I'll just use Elasticsearch as a database. It's just like any other database they are using for in-memory analytics.
For observability, Elasticsearch, Logstash, and other things, it is a good component. It's good for tier-two enterprises. But when you define "enterprise," you must be specific. If you mean more than 2000 servers, then 90% of people won't consider it. There are other observability tools on the market. So, be specific in your query.