Posted to user@metron.apache.org by "Yerex, Tom" <to...@ubc.ca> on 2019/12/10 21:22:16 UTC

Seeking comments - Solr and Elasticsearch

Good afternoon,


I’m fishing for some insight and experience, hopefully someone has a strong opinion and is willing to share.

 

We are currently exploring the indexing options available in Metron. From what I can gather, Elasticsearch has a great marketing budget and Solr has some large organizations using it, such as Walmart, but they both are essentially the same thing under the hood. I see the latest version of Elastic is moving into SIEM territory, which troubles me as I like a product with focus; I appreciate that Solr seems to be focussed on doing what it does and only that.

We use Elasticsearch in another log-related project here; it is a bit of a love-hate relationship, but overall the product works well with proper planning and care. Solr has never been used before, but I personally like the interface and it has the feel of a technically challenging but somehow more mature product. We are not particularly invested in one solution over the other and any comparison so far has been fairly superficial.

Something in my gut suggests to me that we may be better off using Solr, but I can’t quite pinpoint my reason on a technical level. Has anyone been considering these options and had some insight or a good reason to choose one over the other? Perhaps you found a good reason to run both?

 

Thank you,

 

Tom.