It provides all the Lucene search power for full-text searches, but simplifies queries through its to RestFul Web interface.
- Allows large-scale data exploitation.
- Allows real-time analytics.
- Allows the creation of alerts.
- Allows full-text search with high response speed.
- Search as you type is written by providing search suggestions.
- Supports structured and semi-structured searches.
- Compatible with all platforms that support Java.
- Being distributed facilitates scalability.
- Its replies are in JSON format, it does not support others like CSV or XML.
- Allows data backup in a simple way.
- Multi-tenancy capability.
- It allows its use on the Hadoop ecosystem.
It allows the entry of multitude of data sources, the transformation to its internal logtash format and different types of data outputs.
Ideal for creating alerts that report in real time.
Note: There are two other tools for managing alerts that are Wacher and Elastalert.
FileBeat is a lightweight application that is deployed on each server where logs are produced, with the aim of reducing the consumption of resources in such a way that each Beat sends the data to a single Logstash server for processing and subsequent storage in Elasticsearch.
Ideal for analyzing and displaying log aggregation.
X-Pack is a proprietary tool with a 30-day trial, which allows security options, alerts, monitoring, reporting, graphics, machine learning and SQL.