Elastic X-Pack, like Splunk, is an excellent product that offers a great deal of value, and services of this kind are invaluable to many companies. Unfortunately, only those with the biggest budgets can afford them: many companies badly need log management software but go without it because of the high cost of both X-Pack and Splunk. Thankfully, there are less expensive yet equally effective alternatives to Elastic X-Pack.
There is a good deal of speculation about Elastic's pricing model, and many people ask about the cost per node. As a rule of thumb, pricing ranges from about $2,000 per node (JVM instance) to as high as $7,500 per instance. Volume discounts apply, but for enterprises with larger clusters the cost adds up quickly. As a Certified Elastic license reseller, we consult with many small to large enterprise customers that use Elasticsearch, and they often ask about alternatives.
X-Pack Security – Alternative “SearchGuard” cost “FREE”
X-Pack Graph
X-Pack Graph generates the nodes and edges of a graph from indexed data and adds a graph view to Kibana for exploring relationships. One good alternative is Kibi, a fork that is kept in sync with Kibana and extends it with a relational data model: Kibi can join and filter across multiple different indices, and it also supports relational data coming from SQL databases. Kibi additionally offers an enterprise edition that adds security features, reporting and alerting, graph visualization, support, and other components.
There is also a free and open source (Apache 2 licensed) plugin called "Kbn_Network Kibana 5", which adds network (node and edge) visualization to Kibana 5.
X-Pack Machine Learning
There are several alternatives to X-Pack Machine Learning; we will discuss the two best here. The first is Knowi, a business intelligence tool that supports many different SQL and NoSQL data sources, including Elasticsearch. Knowi also has machine learning capabilities: it combines AI and BI in a single platform to support both predictive and prescriptive analytics.
Another machine learning alternative is Sematext Cloud anomaly detection, which applies a set of machine learning algorithms to logs and performance metrics. It learns a baseline for each monitored series and sends an alert whenever the data leaves that baseline range.
X-Pack Alerting – Alternative "ElastAlert" cost FREE
X-Pack Alerting, formerly called "Watcher," is the fourth functionality that X-Pack offers. The first alternative is a tool called "ElastAlert". This tool is open source and works with a wide range of Elasticsearch versions. ElastAlert runs scheduled queries against Elasticsearch and sends out alerts on spikes, anomalies, and other patterns of interest in the data stored there.
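As an added example (not part of the original post, and not taken from the ElastAlert project itself), here is the kind of rule file a practitioner would drop into ElastAlert's rules folder to cover a common security use case: repeated failed SSH logins from a single source address. The index pattern (filebeat-*), the field names (system.auth.ssh.event, source.ip, system.auth.hostname) and the Slack webhook URL are assumptions; adjust them to your own mapping.

```yaml
# Added example ElastAlert rule, not code from the original post.
# Assumptions: sshd logs are indexed under filebeat-* and have been parsed
# into system.auth.ssh.event / source.ip / system.auth.hostname; the webhook
# URL is a placeholder. Change these to match your own index and mapping.
name: Repeated failed SSH logins from one source
type: frequency
index: filebeat-*

# Fire when a single source IP produces 10 or more failed logins in 5 minutes.
num_events: 10
timeframe:
  minutes: 5
query_key: source.ip          # count per source address, not cluster-wide

# Ordinary Elasticsearch query DSL; ElastAlert ANDs the entries in this list.
filter:
- term:
    system.auth.ssh.event: "Failed"

# Do not re-alert for the same source IP for 30 minutes after a match.
realert:
  minutes: 30

# Deliver the alert to Slack (ElastAlert also supports email, PagerDuty,
# JIRA, HTTP POST and others).
alert:
- slack
slack_webhook_url: "https://hooks.slack.com/services/REPLACE/ME"
alert_subject: "SSH brute force suspected from {0}"
alert_subject_args:
- source.ip
alert_text: "Repeated failed SSH logins from {0} against {1} in the last 5 minutes"
alert_text_args:
- source.ip
- system.auth.hostname
alert_text_type: alert_text_only
```

Before enabling the rule, dry-run it with `elastalert-test-rule` against the live index so you can confirm that the filter actually matches documents and that the threshold fits your baseline; the `query_key` line is what turns a cluster-wide count into a per-attacker count, which is the difference between an actionable alert and noise.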
Another alternative to X-Pack Alerting is Logagent, a general-purpose log shipper that can also schedule Elasticsearch queries, filter the results using custom criteria, and then send alerts through Slack and other pluggable outputs.
One more alternative to X-Pack Alerting is Sentinl, which extends Kibana (or Kibi) with alerting and reporting functions: it monitors data series using standard queries and programmable validators, and notifies and reports on changes through a variety of configurable actions.
X-Pack Monitoring – Alternative “KOPF or Cerebro” cost FREE