Elastic Stack
Core Stack Components
Distributed search and analytics engine built on Apache Lucene, providing full-text search, structured search, and analytics capabilities with horizontal scalability and near real-time performance.
Server-side data processing pipeline that ingests data from multiple sources, transforms it, and sends it to your preferred destination with powerful filtering and parsing capabilities.
Data visualization and exploration tool for Elasticsearch, providing interactive dashboards, charts, maps, and a management interface for the Elastic Stack.
Lightweight data shippers that send operational data from hundreds or thousands of machines to Logstash or Elasticsearch, with specialized beats for different data types.
Observability
Application Performance Monitoring solution built on the Elastic Stack for monitoring software services and applications in real-time, collecting performance metrics and errors.
Active monitoring solution for tracking the availability and response times of services, websites, and APIs with alerting capabilities when services go down.
Centralized logging solution for collecting, searching, and analyzing log data from all your systems and applications in one place with powerful search and correlation.
Infrastructure and application metrics monitoring for collecting, storing, and visualizing time-series data from your servers, containers, and services.
Synthetic monitoring for simulating user journeys and testing application workflows to proactively detect performance issues and broken functionality.
Security
Security Information and Event Management solution built on Elasticsearch for threat detection, investigation, and incident response with machine learning-powered analytics.
Comprehensive endpoint protection for preventing, detecting, and responding to threats on desktops, laptops, and servers with behavioral analysis and threat prevention.
Advanced security analytics platform leveraging machine learning and behavioral analytics to detect sophisticated threats and insider risks across your environment.
Cloud-native security posture management and threat detection for AWS, Azure, and GCP environments, identifying misconfigurations and security risks.
Data Processing
Pre-processing pipelines that transform and enrich documents before indexing, allowing you to parse, normalize, and enhance data as it enters Elasticsearch.
Continuous data transformation feature that creates entity-centric indices from existing Elasticsearch indices, enabling pivot-table-like aggregations and summarizations.
Ingest processor that enriches documents with data from existing indices, enabling you to augment incoming data with reference information during indexing.
SQL interface for Elasticsearch that allows you to query your data using familiar SQL syntax instead of the native Query DSL, with JDBC and ODBC drivers.
Infrastructure & Deployment
Fully managed Elastic Stack as a service across AWS, Azure, and GCP with automated upgrades, backups, and scaling for simplified deployment and operations.
Kubernetes operator for orchestrating Elasticsearch, Kibana, APM Server, and Beats on Kubernetes with automated deployment, scaling, and lifecycle management.
Centralized management for Elastic Agents, providing a web-based UI in Kibana for deploying, configuring, and monitoring agents across your infrastructure at scale.
Built-in backup and recovery system for Elasticsearch clusters, supporting incremental backups to various storage backends including S3, Azure, and GCS.
Integrations & Agents
Unified agent for collecting logs, metrics, and security data, replacing multiple Beats with a single configurable agent managed centrally through Fleet.
Lightweight shipper for forwarding and centralizing log data, monitoring log files and directories, and shipping them to Elasticsearch or Logstash.
Lightweight shipper for metrics that collects system and service metrics from servers, Docker, Kubernetes, databases, and other infrastructure components.
Lightweight network packet analyzer that captures network traffic between application servers, decodes protocols, and correlates requests with responses.
Lightweight shipper for uptime monitoring that actively probes services to check whether they are available, measuring response time and service availability.
Lightweight shipper for audit data that collects Linux audit framework data and monitors file integrity, detecting changes to critical files in real-time.
Additional Tools
Macro-benchmarking framework for Elasticsearch that allows you to performance-test your cluster with different configurations, track performance over time, and identify bottlenecks.
Tool for managing Elasticsearch indices and snapshots, automating tasks like deleting old indices, optimizing indices, and snapshot management based on configurable policies.
Built-in machine learning capabilities for anomaly detection, forecasting, and data frame analytics, automatically identifying unusual patterns in time-series data.
Presentation-style reporting tool in Kibana for creating custom, dynamic, multi-page displays of live data with pixel-perfect layouts and interactive elements.
Graph exploration capabilities for discovering relationships in your Elasticsearch data, revealing connections and patterns that are not obvious from individual documents.