At the end of November, we’ll be migrating the Sematext Logs backend from Elasticsearch to OpenSearch

Elastic Stack Features (formerly X-Pack) Alternatives Comparison

March 6, 2019

Table of contents

Elastic Stack Features (formerly X-Pack) is an Elastic Stack extension that bundles security, alerting, monitoring, reporting, and graph capabilities. One could use either all or specific components.

Elastic Stack Features as Splunk Alternative

People love Splunk. But not its price. So people are always on a lookout for a good Splunk alternativeMany of those people migrated from Splunk to ELK Stack or Hosted ELK Stack solutions like Logsene.

The situation with Elastic Stack Features (formerly X-Pack) is similar. It’s a nice package of tools bundled with professional services, but people don’t love “Elastic Stack Features” pricing. Thus, naturally, people again look for “Elastic Stack Features” alternatives. Luckily, there are a number of alternatives for each “Elastic Stack Features” component.

Looking for alternatives to the pricey Elastic Stack features?
We offer the whole package – monitoring, alerting, security, and more – with Sematext Cloud.
Check it out! See our plans
Free for 14 days. No credit card required

Before we start, check out two useful Cheat Sheets to guide you through Elasticsearch and help boost your productivity and save time when you’re working with this open-source search engine.

Elastic Stack Features (formerly X-Pack) Alternatives

Let’s unpack the X-Pack and see what X-Pack alternatives are available as either open source tools, commercial alternatives, or cloud services:

[table id=8 /]

Let’s dive deeper into each alternative:

Elasticsearch Security (former Shield) Alternatives

  • Sematext Cloud or Enterprise for time series data use case – like metrics, logs: Sematext Cloud provides role-based access control and SSL/TLS encryption. If you are on a lookout for a secure alternative for time series data such as logs or metrics, Sematext Cloud might be a good alternative.
  • SearchGuard provides a free, open-source alternative to X-Pack Security. SearchGuard support and enterprise features are not free of charge – the license model is per cluster – but it is probably a cost saver relative to X-Pack. Learn more about Securing Elasticsearch and Kibana with SearchGuard.

Elasticsearch Alerting (former Watcher) Alternatives

  • Sematext Cloud provides alerts on metrics and logs. It offers alerting based on threshold or statistical anomaly detection, as well as heartbeat alerts. It comes with default alerts for all integrations (e.g. for disk storage or JVM garbage collector, etc.) and features ChatOps integrations like PagerDuty, Slack, HipChat, BigPanda, WebHooks, Pushover, e-mail, etc.
  • Elastalert (open source) is a simple and popular open source tool for alerting on anomalies, spikes, or other patterns of interest found in data stored in Elasticsearch. Elastalert works with all versions of Elasticsearch.
  • Logagent (open source) is a general log shipper. However, it can schedule Elasticsearch queries (input), filter the results using custom criteria and alert via pluggable outputs like Slack. Thus, using Logagent for alerting on Elasticsearch data is just a matter of configuration.
  • Sentinl extends Kibi or Kibana with Alerting and Reporting functionality to monitor, notify, and report on data series changes using standard queries, programmable validators, and a variety of configurable actions.

Elasticsearch Monitoring Alternatives

Sematext Cloud Elasticsearch integration, Prometheus, Datadog, New Relic, Influx Data, etc. 

Data collected by monitoring a production cluster should be stored in a separate location. With Elastic X-Pack monitoring this means running a second Elasticsearch cluster for monitoring data. Hmm, how do you monitor your monitoring Elasticsearch cluster?  

Using Sematext Cloud, Datadog or other cloud-based monitoring services, your monitoring data gets shipped off-site and is accessible even when your production is experiencing problems. Sematext Cloud can collect and correlate Elasticsearch logs with Elasticsearch metrics and provides alerting and anomaly detection.

Elasticsearch Reporting Alternatives

  • Sematext Cloud and Enterprise – Sematext Cloud provides scheduled queries and reports the results via e-mail, with included PNG snapshots.
  • Skedler provides easy scheduling of PDF, XLS and PNG reports for Kibana dashboards.  Paid plans are only a few hundred dollars per year.
  • Sentinl, Kibana and Kibi plugin for reporting. Think of it as a free and independent “Watcher” which also has scheduled “Reporting” capabilities (PNG/PDFs snapshots).

Elasticsearch Graph Alternatives

Elastic Stack Graph generates nodes and edges for graphs and extends Kibana with a graph display to explore relations.

  • Kibi is a kept-in-sync fork which extends Kibana with a relational data model and the ability to do joins over multiple indices. In addition, it supports relational data from SQL databases. The enterprise edition includes graph visualization, alerting & reporting, security features, additional components and support.
  • Kbn_network Kibana 5 plugin. Open source and free Kibana 5 plugin for network visualization with Apache 2 license.
  • DIY: Cytoscape.js, Visjs.org (open source)

Individual graph visualizations are not too hard to implement. It is mainly a matter of JavaScript frontend programming and converting results of Elasticsearch queries to a graph structure (nodes and edges). There are several good open-source Graph visualization libraries to render graph data structures in the browser.

Elasticsearch Machine Learning Alternatives

  • Sematext Cloud and Enterprise – Sematext Cloud provides anomaly detection for performance metrics and logs, based on a series of machine learning algorithms.  It automatically computes the baseline values for metrics or results of saved searches and triggers alert notifications when new data goes out of bounds of the baseline range.
  • Knowi is a business intelligence tool, natively supporting many SQL and NoSQL data sources including Elasticsearch.  Knowi recently added machine learning capabilities, combining BI and AI in a single platform, to support predictive and prescriptive analytics.

Elasticsearch Production Support Alternatives

  • Elastic offers support for recent versions of Elasticsearch and commercial Elastic extensions. and force users to upgrade frequently. Each Elasticsearch release has some breaking changes and it is very hard for users to update their applications in a similar fast cycle.
  • Sematext – Sematext delivers enterprise-class, worldwide production support for Elasticsearch and ELK Stack (Elasticsearch, Logstash, Kibana), from Elasticsearch 1.x and up!


And there you have it! 
It turns out there are lots of options to pick from and, with time, we are bound to see more and even better alternatives.

Searching for a hosted Elastic Stack as a Service?
Sematext Cloud brings all the Elastic Stack features under one roof and manages the cluster for you!
Try it free for 14 days! See our plans
Free for 14 days. No credit card required

Want to learn more about Elasticsearch and the rest of the Elastic Stack? Don’t forget to download the Cheat Sheet you need. Here they are:

Then, subscribe to our blog or follow @sematext. If you need any help with Elasticsearch, Logstash, and friends – don’t forget that Sematext provides Elasticsearch Consulting, Elasticsearch Production Support, and offer Elasticsearch Training!

See our upcoming Elasticsearch / ELK Stack Online Training courses, covering: Intro to Elasticsearch, Elasticsearch Operations and Elasticsearch for Logging.

 

Java Logging Basics: Concepts, Tools, and Best Practices

Imagine you're a detective trying to solve a crime, but...

Best Web Transaction Monitoring Tools in 2024

Websites are no longer static pages.  They’re dynamic, transaction-heavy ecosystems...

17 Linux Log Files You Must Be Monitoring

Imagine waking up to a critical system failure that has...