- Products
- Solutions
- Docs
- Resources
- Contact us
Comparisons
Apache Doris vs Elasticsearch
Elasticsearch and Apache Doris are both popular in observability, cybersecurity, and real-time analytics. However, Elasticsearch can be costly in terms of storage and write resources. Apache Doris reduces these costs through efficient storage and high compression, and offers comprehensive analytical capabilities, such as JOIN and superior query performance.
Featured Migration Cases
“By replacing Elasticsearch with the Doris Commercial Distributed Version supported by VeloDB, GuanceDB showcases a big stride in improving data processing speed and reducing costs.”
70%
Cost reduction
2~3x
Faster full-text search performance
VARIANT (Data Type)
Flexible to handle semi-structured data in log tracing
“Previously, we used multiple components for complex security analysis... Adopting Doris as a unified solution has significantly improved data writes, query performance and storage efficiency.”
4x
Faster write speeds
3x
Better query performance
50%
Storage space savings
“Compared to the original OLAP database, query performance has improved 5-10 times, concurrency has doubled, and analysis time has dropped from 10 minutes to under 1 minute for 90% of cases, all while using just one-third of the original resources.”
2x
Increasing report analysis concurrency
65%
Storage space reduction
SQL
Simplified query with standard SQL
Why Choose Apache Doris
Apache Doris
- Open Source License
Licensed under Apache License 2.0Stable License since governed by the Apache Software Foundation - Architecture
Higher flexibility and elasticity:
Strict workload isolation by workload group, powered by Linux CGroups, ideal for multi-tenancyCompute-Storage decoupled and coupled modes - Deployment
Supports three deployment options:
Cloud-native services on AWS, Azure, and GCP, as well as SaaS and BYOC versions, supported by VeloDB ( a commercial company founded by Apache Doris creators)
On-premise deployment, with extended long-term support from VeloDB
- Real-Time Data WritesHigh throughput: Indexing only on one replicaPull-based ingestion via Kafka CDC, easier and simplerSupport Logstash and Beats output plugin
- Real-Time Data StorageLow storage consumption with compression rates up to 1:5 - 1:10Unique model supports both write and read optimization (MoW & MoR), retaining 90% of write speed when data is duplicated by keyAggregation model supports strong consistency, allows aggregated data updates, and coexists with original dataFlexible Schema Change to meet dynamic business needs
- Real-Time Data QueriesLightning-Fast in various query workloadsSupports multi-table JOINs and optimization for complex analysisEasy to use with standard SQLOpen MySQL ecosystem
Elasticsearch
- Open Source License
License changed from Apache License 2.0 to Elastic License, then to AGPL LicenseChanging license since governed by Elastic NV - Architecture
Traditional deployment with limited elasticity:
Soft Workload Isolation by Thread GroupDoes not support decoupling compute and storage - Deployment
Supports only two deployment options:
Commercial distributed package only supports Cloud SaaS and on-premise - Real-Time Data WritesLow throughput: Indexing for multiple data replicasRequires additional tools like Logstash and Beats for pull-based ingestion, less convenient
- Real-Time Data StorageHigh storage consumption with a compression ratio of 1:1.5Unique model only supports write optimization, with write performance loss up to 3 timesThe aggregation model does not allow aggregated data to be updated and does not coexist with the original dataLimited support for Schema Change
- Real-Time Data QueriesGood at point queries, but not suited for data analysisNo support for multi-table JOINs or complex analysisDifficult for users due to custom DSLProprietary Elasticsearch ecosystem
Performance Comparison
Observability & Cyber Security
The HTTP Logs benchmark is an official Elasticsearch performance test designed for log storage and analysis. It uses a real-world HTTP log dataset to evaluate indexing performance, storage efficiency, and query performance.
This benchmark comprises 11 queries commonly used in log analysis scenarios, including keyword search, time range queries, aggregations, and sorting. As a result, it is highly suitable for assessing performance in observability and network security analysis contexts.
Real-Time Analytics
ClickBench is a benchmarking tool to evaluate the performance of analytical databases. It focuses on testing the performance of large, flat tables rather than complex multi-table joins. It uses real-world data from a major web analytics platform, covering typical scenarios such as clickstream analysis and structured logs.
The benchmark consists of a set of queries that test aggregation operations and single-table performance, without involving complex joins. This makes it especially useful for evaluating databases optimized for real-time analytics and large-scale data processing.
Note: These test results are archived benchmarks captured in December 2024. Current real-time comparisons are maintained at ClickBench.
More Migration Stories
Best PracticeReplacing Apache Hive, Elasticsearch and PostgreSQL with Apache Doris
How does a data service company build its data warehouse? Simplicity is the best policy. See how a due diligence platform increased data writing efficiency by 75%.2024/12/28Tao Wang
Best PracticeCreator of Talkie migrated from Loki and built a PB-scale logging system with Apache Doris
Serving a PB-scale data size with over 99.9% availability, Apache Doris is the vital signs monitor of MiniMax, the maker of Talkie-the soulful AI that is sweeping the world.2024/08/29Apache Doris
Best PracticeApache Doris for log and time series data analysis in NetEase, why not Elasticsearch and InfluxDB?
NetEase, Inc. (NASDAQ: NTES) has replaced Elasticsearch and InfluxDB with Apache Doris in its monitoring and time series data analysis platforms, respectively, achieving 11X query performance and saving 70% of resources.2024/05/23Apache Doris