Elastic events are always packed with product information and customer case presentations. Last week was the ElasticOn event. Devoteam’s client, the Dutch National Police, presented their elastic case at this event last week.
Being a Dutch citizen I have never worked in a Dutch only environment. I have always worked for companies or clients with platforms and services with a global focus. Now I am working for the first time in my career for the public sector, at the Dutch National Police. So how nice is that, working as Dutchmen on a Dutch public sector project with global observability, logs and monitoring product Elastic.
Bringing data to a single place
From the various presentations, but especially customer presentations and use cases, it is all about storing and bringing data to a single place. And whether that is for complying to GDPR and local laws or helping users of the data improve observation and operation, it comes down to utilizing the data in the best possible way.
Use associated components
Two presentations were from the national police forces from different countries. The data, amount of applications and contents are roughly the same but where Elastic is used for is different. What I find strong about using Elasticsearch and associated components is that it fits the different use cases very well. It doesn’t matter what kind of use cases you have. It is just a matter of identifying the data sources and starting to collect and ingest the data and work on your specific area.
Start small and expand when you are ready
Working on high level designs towards low level designs before implementing Elasticsearch can take too long and become too complex. So therefore it is key to start small and expand when you are ready.
The environments we work in change rapidly.
Luckily Elastic is ahead of the game and evolving the product to what is needed, even before we know it. As a result of this a lot of features come out of the box and are ready to be used after installation. Especially for the SIEM and security environments this can be a quick and big win. However, this does mean that while starting or continuing to work and enhance your Elastic environment you have to take into account the releases provided. New features and stack improvements arrive on a frequent basis, so make sure your stack is well looked after.