Need advice about which tool to choose?Ask the StackShare community!
Elasticsearch vs Splunk: What are the differences?
Developers describe Elasticsearch as "Open Source, Distributed, RESTful Search Engine". Elasticsearch is a distributed, RESTful search and analytics engine capable of storing data and searching it in near real time. Elasticsearch, Kibana, Beats and Logstash are the Elastic Stack (sometimes called the ELK Stack). On the other hand, Splunk is detailed as "Search, monitor, analyze and visualize machine data". Splunk Inc. provides the leading platform for Operational Intelligence. Customers use Splunk to search, monitor, analyze and visualize machine data.
Elasticsearch belongs to "Search as a Service" category of the tech stack, while Splunk can be primarily classified under "Log Management".
Elasticsearch is an open source tool with 42.4K GitHub stars and 14.2K GitHub forks. Here's a link to Elasticsearch's open source repository on GitHub.
According to the StackShare community, Elasticsearch has a broader approval, being mentioned in 2003 company stacks & 979 developers stacks; compared to Splunk, which is listed in 31 company stacks and 29 developer stacks.
Hey everybody! (1) I am developing an android application. I have data of around 3 million record (less than a TB). I want to save that data in the cloud. Which company provides the best cloud database services that would suit my scenario? It should be secured, long term useable, and provide better services. I decided to use Firebase Realtime database. Should I stick with Firebase or are there any other companies that provide a better service?
(2) I have the functionality of searching data in my app. Same data (less than a TB). Which search solution should I use in this case? I found Elasticsearch and Algolia search. It should be secure and fast. If any other company provides better services than these, please feel free to suggest them.
Thank you!
Hi Rana, good question! From my Firebase experience, 3 million records is not too big at all, as long as the cost is within reason for you. With Firebase you will be able to access the data from anywhere, including an android app, and implement fine-grained security with JSON rules. The real-time-ness works perfectly. As a fully managed database, Firebase really takes care of everything. The only thing to watch out for is if you need complex query patterns - Firestore (also in the Firebase family) can be a better fit there.
To answer question 2: the right answer will depend on what's most important to you. Algolia is like Firebase is that it is fully-managed, very easy to set up, and has great SDKs for Android. Algolia is really a full-stack search solution in this case, and it is easy to connect with your Firebase data. Bear in mind that Algolia does cost money, so you'll want to make sure the cost is okay for you, but you will save a lot of engineering time and never have to worry about scale. The search-as-you-type performance with Algolia is flawless, as that is a primary aspect of its design. Elasticsearch can store tons of data and has all the flexibility, is hosted for cheap by many cloud services, and has many users. If you haven't done a lot with search before, the learning curve is higher than Algolia for getting the results ranked properly, and there is another learning curve if you want to do the DevOps part yourself. Both are very good platforms for search, Algolia shines when buliding your app is the most important and you don't want to spend many engineering hours, Elasticsearch shines when you have a lot of data and don't mind learning how to run and optimize it.
Rana - we use Cloud Firestore at our startup. It handles many million records without any issues. It provides you the same set of features that the Firebase Realtime Database provides on top of the indexing and security trims. The only thing to watch out for is to make sure your Cloud Functions have proper exception handling and there are no infinite loop in the code. This will be too costly if not caught quickly.
For search; Algolia is a great option, but cost is a real consideration. Indexing large number of records can be cost prohibitive for most projects. Elasticsearch is a solid alternative, but requires a little additional work to configure and maintain if you want to self-host.
Hope this helps.
Pros of Elasticsearch
- Powerful api326
- Great search engine315
- Open source230
- Restful214
- Near real-time search199
- Free97
- Search everything84
- Easy to get started54
- Analytics45
- Distributed26
- Fast search6
- More than a search engine5
- Highly Available3
- Awesome, great tool3
- Great docs3
- Easy to scale3
- Fast2
- Easy setup2
- Great customer support2
- Intuitive API2
- Great piece of software2
- Reliable2
- Potato2
- Nosql DB2
- Document Store2
- Not stable1
- Scalability1
- Open1
- Github1
- Elaticsearch1
- Actively developing1
- Responsive maintainers on GitHub1
- Ecosystem1
- Easy to get hot data1
- Community0
Pros of Splunk
- Ability to style search results into reports2
- Alert system based on custom query results2
- API for searching logs, running reports2
- Query engine supports joining, aggregation, stats, etc2
- Query any log as key-value pairs1
- Splunk language supports string, date manip, math, etc1
- Granular scheduling and time window support1
- Custom log parsing as well as automatic parsing1
- Dashboarding on any log contents1
- Rich GUI for searching live logs1
Sign up to add or upvote prosMake informed product decisions
Cons of Elasticsearch
- Resource hungry7
- Diffecult to get started6
- Expensive5
- Hard to keep stable at large scale4
Cons of Splunk
- Splunk query language rich so lots to learn1
Sign up to add or upvote consMake informed product decisions
What is Elasticsearch?
What is Splunk?
Need advice about which tool to choose?Ask the StackShare community!
What companies use Elasticsearch?
What companies use Splunk?
Sign up to get full access to all the companiesMake informed product decisions
What tools integrate with Splunk?
Sign up to get full access to all the tool integrationsMake informed product decisions
Blog Posts
+6
+17
+8
+12
+4
+23
+10+42