Observability bills can get out of control with Elasticsearch. But no need to rebuild ELK, just replace the expensive part (Elasticsearch) with something cheaper and faster, like VeloDB(powered by Apache Doris https://doris.apache.org/) 😉 💡 Results of moving from Elasticsearch to VeloDB: - 80% lower observability cost - 2x faster searches - 10x faster aggregations Best part? Your Logstash and Kibana pipeline stays the same, and swapping out Elasticsearch with VeloDB is an easy drop-in. We ran a demo for Elasticsearch to VeloDB migration, it took less than 10 mins, thanks to these two plugins below: 1️⃣ Doris Output Plugin (Logstash → VeloDB) - Logstash keeps doing Logstash things. - Same filters, same pipelines, same parsing. - You just point the output to VeloDB and Stream Load handles the ingestion. 2️⃣ es2doris Proxy (Kibana → VeloDB) - Kibana thinks it’s talking to Elasticsearch. - It sends DSL → proxy converts it to SQL → VeloDB returns results → proxy formats them like Elasticsearch. - Discover, dashboards, alerts, all work stay the same. How VeloDB solves the Elasticsearch problem: 1️⃣ Columnar storage with high compression 2️⃣ Built-in inverted index for fast keyword search in log 3️⃣ Faster scan + aggregation engine 4️⃣ Much lower CPU and disk footprint If you’re exploring Elasticsearch alternatives or planning infra budgets, this is worth a look.

Hi @Young, do you have any presentation or recording about this? My team is considering moving away from ElasticSearch, but the idea would be to switch to OpenSearch

oh @Michele, I will share with you some presentations