I love Elasticsearch except for upgrades. Which generally fail miserably every single time.
This means lost events which means Elastic search is not a system of record. Which is BAD.
It's so fragile. The list of stuff I have to fix each time an upgrade comes around is always completely different. It's ridiculous.
And to be honest x-pack makes the whole thing even worse. x-pack is an un-holy broken security nightmare. Why can't I log out of kibana? Why? Like every other product on the planet you can log out of it. Not Kibana. Which means I can't use ANY machine to log in as an administrator and fix say passwords. No I have to boot up a new VM and log in from that VM just to do admin stuff. Just so that I don't lock in the admin credentials on a machine. Seriously fix this.
And why does a minor point release instantly block the plugins? Minor releases should support past version of plugins. Why? This creates SO much downtime and this creates mistrust in the suite. And why do the -plugin commands not auto cast as the process owner if run as root? One little slip up and you have to hunt the file system to find all the root owned files again. This is really a simple fix. On systemd systems it's a simple as: "systemctl cat kibana.service | grep User" to figure out who to cast as.