How Cognito iQ Uses ELK and for Monitoring and Customer Support

Industry: Information Technology and Services

Company Size: 51-200

Founded: 1992

HQ: Newbury, Berkshire Products:

Company Profile:

Cloud Infrastructure:

Cognito iQ is a cloud-based platform that enables service organisations to plan, execute, and monitor field performance. The company’s intelligent mobile workflow seamlessly guides field workers through tasks, gathering data on shift performance.

Real time data from the field is presented in easy-to-understand dashboards with the ability to drill down into granular detail to understand operational performance.

Cognito iQ and ELK

Following the move of Cognito iQ’s infrastructure to the cloud and the growing needs of both the engineering and support teams at the company, the existing methods and tools used for monitoring and logging became too costly. The manual work involved in extracting critical insights from the data consumed too many valuable resources from the developers.

To replace these methods, Cognito iQ gradually constructed an ELK-based centralized logging and monitoring system. ELK was chosen for a number of reasons, but first and foremost, they felt that ELK had the flexibility and robustness to handle the requirements of their architecture and company needs.

As Chris Funderburg, site reliability engineer at Cognito iQ, puts it: “ELK was our choice from day one because it was becoming the industry standard, there was a lot of support online, and it did most of what we needed. We found that we could use it for monitoring, metric display, and reporting as a bonus. It’s given us almost-infinite flexibility in how we monitor for problems because our individual support users can craft queries all day long without developers or senior engineers getting involved.”

Why We Chose

The DevOps team at Cognito iQ decided to move to after trying other ELK solutions that did not satisfy the needs of the company.

The first Elasticsearch service they tried suffered from performance issues on a technological level because it used an outdated version that did not support the needs of the team.

Cognito iQ then decided to build their own ELK Stack, a task that quickly became too resource-consuming to maintain in the long run. With limited resources and higher priorities, the company decided that they would rather hand out the heavy lifting involved in maintaining a large ELK deployment to

“We Felt that was the right fit since it had both a very straightforward pricing model and the pre-made ELK Apps were a major selling point for our support teams. Using the geo-location apps, we could literally see our customer agents out in the field.”

Making the Move to

The move from Cognito iQ’s ELK stack to was smooth. The existing logging infrastructure consisted of one Logstash instance per server. To integrate with, the only engineering that had to be done was configuring Logstash to output to the listeners.

Who Uses

Cognito iQ ships around 150 GB of log data to per day. This data is used not only by the DevOps team for log analysis and troubleshooting issues but also by the company’s support team, which uses to analyze the behavior of users and monitor error messages.

“For Cognito iQ, having the ability to share log data with multiple users and across multiple indexes is key to correctly understanding what users are experiencing and — ultimately — how to resolve cases more quickly.”

The Results

Instead of spending a huge amount of resources on building and maintaining an ever-growing ELK Stack, the DevOps team at Cognito iQ can now focus on improving the company’s core engineering processes. The support team can also use to monitor for and resolve issues before they impact customers.

You might also like

Mediatonic Logo


The Central Source of Truth: Fall Guys and Mediatonic


How Robofirm Provides Highly-Available Logging Services with


How Rent-A-Center Uses’s Cognitive Insights to Tackle Irregularities in Log Data