Elastic Stack Features (formerly X-Pack) is an Elastic Stack extension that bundles security, alerting, monitoring, reporting, and graph capabilities. You can use all of the components or only specific ones.
Elastic Stack Features as Splunk Alternative
People love Splunk. But not its price. So people are always on the lookout for a good Splunk alternative. Many of those people migrated from Splunk to ELK Stack or Hosted ELK Stack solutions like Logsene.
The situation with Elastic Stack Features (formerly X-Pack) is similar. It’s a nice package of tools bundled with professional services, but people don’t love “Elastic Stack Features” pricing. Thus, naturally, people again look for “Elastic Stack Features” alternatives. Luckily, there are a number of alternatives for each “Elastic Stack Features” component.
Before we start, check out two useful Cheat Sheets to guide you through Elasticsearch and help boost your productivity and save time when you’re working with this open-source search engine.
Elasticsearch Developer Cheat Sheet
Elastic Stack Features (formerly X-Pack) Alternatives
Let’s unpack the X-Pack and see what X-Pack alternatives are available as either open source tools, commercial alternatives, or cloud services:
| Elastic Stack (formerly X-Pack) Functionality | Alternatives |
|---|---|
| Elasticsearch Security (formerly X-Pack Security) | SearchGuard; Sematext Cloud or Enterprise |
| Elasticsearch Alerting (formerly X-Pack Alerting) | Elastalert |
| Elasticsearch Monitoring (formerly X-Pack Monitoring) | Sematext Cloud Elasticsearch integration, Prometheus, Datadog, New Relic, etc. |
| Reporting (formerly X-Pack Reporting) | Skedler |
| Graph (formerly X-Pack Graph) | Kibi; DIY: Cytoscape.js, Visjs.org (open source) |
| Machine Learning (formerly X-Pack Machine Learning) | Sematext Cloud and Enterprise |
| Elasticsearch Support | Sematext production support for Elasticsearch and ELK Stack (Elasticsearch, Logstash, Kibana), from Elasticsearch 1.x and up! |
Let’s dive deeper into each alternative:
Elasticsearch Security (formerly Shield) Alternatives
- SearchGuard provides a free, open-source alternative to X-Pack Security. SearchGuard support and enterprise features are not free of charge – the license model is per cluster – but it is probably a cost saver relative to X-Pack. Learn more about Securing Elasticsearch and Kibana with SearchGuard.
- Sematext Cloud or Enterprise, for time series use cases such as metrics and logs: Sematext Cloud provides role-based access control and SSL/TLS encryption. If you are on the lookout for a secure alternative for time series data such as logs or metrics, Sematext Cloud might be a good alternative.
Elasticsearch Alerting (formerly Watcher) Alternatives
- Elastalert (open source) is a simple and popular open source tool for alerting on anomalies, spikes, or other patterns of interest found in data stored in Elasticsearch. Elastalert works with all versions of Elasticsearch.
- Logagent (open source) is a general log shipper. However, it can schedule Elasticsearch queries (input), filter the results using custom criteria and alert via pluggable outputs like Slack. Thus, using Logagent for alerting on Elasticsearch data is just a matter of configuration.
- Sentinl extends Kibi or Kibana with Alerting and Reporting functionality to monitor, notify, and report on data series changes using standard queries, programmable validators, and a variety of configurable actions.
- Sematext Cloud provides alerts on metrics and logs. It offers alerting based on threshold or statistical anomaly detection, as well as heartbeat alerts. It comes with default alerts for all integrations (e.g. for disk storage or JVM garbage collector, etc.) and features ChatOps integrations like PagerDuty, Slack, HipChat, BigPanda, WebHooks, Pushover, e-mail, etc.
Elasticsearch Monitoring Alternatives
Sematext Cloud Elasticsearch integration, Prometheus, Datadog, New Relic, Influx Data, etc.
Data collected by monitoring a production cluster should be stored in a separate location. With Elastic X-Pack monitoring this means running a second Elasticsearch cluster for monitoring data. Hmm, how do you monitor your monitoring Elasticsearch cluster?
Using Sematext Cloud, Datadog or other cloud-based monitoring services, your monitoring data gets shipped off-site and is accessible even when your production is experiencing problems. Sematext Cloud can collect and correlate Elasticsearch logs with Elasticsearch metrics and provides alerting and anomaly detection.
Elasticsearch Reporting Alternatives
- Skedler provides easy scheduling of PDF, XLS and PNG reports for Kibana dashboards. Paid plans are only a few hundred dollars per year.
- Sentinl is a Kibana and Kibi plugin for reporting. Think of it as a free and independent “Watcher” which also has scheduled “Reporting” capabilities (PNG/PDF snapshots).
- Sematext Cloud and Enterprise – Sematext Cloud provides scheduled queries and reports the results via e-mail, with included PNG snapshots.
Elasticsearch Graph Alternatives
Elastic Stack Graph generates nodes and edges for graphs and extends Kibana with a graph display to explore relations.
- Kibi is a kept-in-sync fork which extends Kibana with a relational data model and the ability to do joins over multiple indices. In addition, it supports relational data from SQL databases. The enterprise edition includes graph visualization, alerting & reporting, security features, additional components and support.
- Kbn_network is an open source, free Kibana 5 plugin for network visualization, released under the Apache 2 license.
- DIY: Cytoscape.js, Visjs.org (open source)
Elasticsearch Machine Learning Alternatives
- Knowi is a business intelligence tool, natively supporting many SQL and NoSQL data sources including Elasticsearch. Knowi recently added machine learning capabilities, combining BI and AI in a single platform, to support predictive and prescriptive analytics.
- Sematext Cloud and Enterprise – Sematext Cloud provides anomaly detection for performance metrics and logs, based on a series of machine learning algorithms. It automatically computes the baseline values for metrics or results of saved searches and triggers alert notifications when new data goes out of bounds of the baseline range.
Elasticsearch Production Support Alternatives
- Elastic offers support for recent versions of Elasticsearch and commercial Elastic extensions, and forces users to upgrade frequently. Each Elasticsearch release has some breaking changes, and it is very hard for users to update their applications on a similarly fast cycle.
- Sematext – Sematext delivers enterprise-class, worldwide production support for Elasticsearch and ELK Stack (Elasticsearch, Logstash, Kibana), from Elasticsearch 1.x and up!
And there you have it! It turns out there are lots of options to pick from and, with time, we are bound to see more and even better alternatives.