Choosing the right database is a critical choice when building any software application. All databases have different strengths and weaknesses when it comes to performance, so deciding which database has the most benefits and the most minor downsides for your specific use case and data model is an important decision. Below you will find an overview of the key concepts, architecture, features, use cases, and pricing models of Elasticsearch and M3 so you can quickly see how they compare against each other.
The primary purpose of this article is to compare how Elasticsearch and M3 perform for workloads involving time series data, not for all possible use cases. Time series data typically presents a unique challenge in terms of database performance. This is due to the high volume of data being written and the query patterns to access that data. This article doesn’t intend to make the case for which database is better; it simply provides an overview of each database so you can make an informed decision.
Elasticsearch vs M3 Breakdown
Distributed search and analytics engine, document-oriented
Time series database
Elasticsearch is built on top of Apache Lucene and uses a RESTful API for communication. It stores data in a flexible JSON document format, and the data is automatically indexed for fast search and retrieval. Elasticsearch can be deployed as a single node, in a cluster configuration, or as a managed cloud service (Elastic Cloud)
The M3 stack can be deployed on-premises or in the cloud, using containerization technologies like Kubernetes or as a managed service on platforms like AWS or GCP
Full-text search, log and event data analysis, real-time application monitoring, analytics
Monitoring, observability, IoT, Real-time analytics, large-scale metrics processing
Horizontally scalable with support for data sharding, replication, and distributed querying
Horizontally scalable, designed for high availability and large-scale deployments
Elasticsearch is an open-source distributed search and analytics engine built on top of Apache Lucene. It was first released in 2010 and has since become popular for its scalability, near real-time search capabilities, and ease of use. Elasticsearch is designed to handle a wide variety of data types, including structured, unstructured, and time-based data. It is often used in conjunction with other tools from the Elastic Stack, such as Logstash for data ingestion and Kibana for data visualization.
M3 is a distributed time series database written entirely in Go. It is designed to collect a high volume of monitoring time series data, distribute storage in a horizontally scalable manner, and efficiently leverage hardware resources. M3 was initially developed by Uber as a scalable remote storage backend for Prometheus and Graphite and later open-sourced for broader use.
Elasticsearch for Time Series Data
Elasticsearch can be used for time series data storage and analysis, thanks to its distributed architecture, near real-time search capabilities, and support for aggregations. However, it might not be as optimized for time series data as dedicated time series databases. Despite this, Elasticsearch is widely used for log and event data storage and analysis which can be considered time series data.
M3 for Time Series Data
M3 is specifically designed for time-series data. It is a distributed and scalable time-series database optimized for handling large volumes of high-resolution data points, making it an ideal solution for storing, querying, and analyzing time-series data.
M3’s architecture focuses on providing fast and efficient querying capabilities, as well as high ingestion rates, which are essential for working with time-series data. Its horizontal scalability and high availability ensure that it can handle the demands of large-scale deployments and maintain performance as data volumes grow.
Elasticsearch Key Concepts
- Inverted Index: A data structure used by Elasticsearch to enable fast and efficient full-text searches.
- Cluster: A group of Elasticsearch nodes that work together to distribute data and processing tasks.
- Shard: A partition of an Elasticsearch index that allows data to be distributed across multiple nodes for improved performance and fault tolerance.
M3 Key Concepts
- Time Series Compression: M3 has the ability to compress time series data, resulting in significant memory and disk savings. It uses two compression algorithms, M3TSZ and protobuf encoding, to achieve efficient data compression.
- Sharding: M3 uses virtual shards that are assigned to physical nodes. Timeseries keys are hashed to a fixed set of virtual shards, making horizontal scaling and node management seamless.
- Consistency Levels: M3 provides variable consistency levels for read and write operations, as well as cluster connection operations. Write consistency levels include One (success of a single node), Majority (success of the majority of nodes), and All (success of all nodes). Read consistency level is One, which corresponds to reading from a single nod
Elasticsearch is a distributed, RESTful search and analytics engine that uses a schema-free JSON document data model. It is built on top of Apache Lucene and provides a high-level API for indexing, searching, and analyzing data. Elasticsearch’s architecture is designed to be horizontally scalable, with data distributed across multiple nodes in a cluster. Data is indexed using inverted indices, which enable fast and efficient full-text searches.
M3 is designed to be horizontally scalable and handle high data throughput. It uses fileset files as the primary unit of long-term storage, storing compressed streams of time series values. These files are flushed to disk after a block time window becomes unreachable. M3 has a commit log, equivalent to the commit log or write-ahead-log in other databases, which ensures data integrity. Client Peer streaming is responsible for fetching blocks from peers for bootstrapping purposes. M3 also implements caching policies to optimize efficient reads by determining which flushed blocks are kept in memory.
Free Time-Series Database Guide
Get a comprehensive review of alternatives and critical requirements for selecting yours.
Elasticsearch provides powerful full-text search capabilities with support for complex queries, scoring, and relevance ranking.
Elasticsearch’s distributed architecture enables horizontal scalability, allowing it to handle large volumes of data and high query loads.
Elasticsearch supports various aggregation operations, such as sum, average, and percentiles, which are useful for analyzing and summarizing data.
M3 uses a commit log to ensure data integrity, providing durability for write operations.
M3’s client peer streaming fetches data blocks from peers for bootstrapping purposes, optimizing data retrieval and distribution.
M3 implements various caching policies to efficiently manage memory usage, keeping frequently accessed data blocks in memory for faster reads.
Elasticsearch Use Cases
Log and Event Data Analysis
Elasticsearch is widely used for storing and analyzing log and event data, such as web server logs, application logs, and network events, to help identify patterns, troubleshoot issues, and monitor system performance.
Elasticsearch is a popular choice for implementing full-text search functionality in applications, websites, and content management systems due to its powerful search capabilities and flexible data model.
Elasticsearch, in combination with other Elastic Stack components, can be used for security analytics, such as monitoring network traffic, detecting anomalies, and identifying potential threats.
M3 Use Cases
Monitoring and Observability
M3 is particularly suitable for large-scale monitoring and observability tasks, as it can store and manage massive volumes of time-series data generated by infrastructure, applications, and microservices. Organizations can use M3 to analyze, visualize, and detect anomalies in the metrics collected from various sources, enabling them to identify potential issues and optimize their systems.
IoT and Sensor Data
M3 can be used to store and process the vast amounts of time-series data generated by IoT devices and sensors. By handling data from millions of devices and sensors, M3 can provide organizations with valuable insights into the performance, usage patterns, and potential issues of their connected devices. This information can be used for optimization, predictive maintenance, and improving the overall efficiency of IoT systems.
Financial Data Analysis
Financial organizations can use M3 to store and analyze time-series data related to stocks, bonds, commodities, and other financial instruments. By providing fast and efficient querying capabilities, M3 can help analysts and traders make more informed decisions based on historical trends, current market conditions, and potential future developments.
Elasticsearch Pricing Model
Elasticsearch is open-source software and can be self-hosted without any licensing fees. However, operational costs, such as hardware, hosting, and maintenance, should be considered. Elasticsearch also offers a managed cloud service called Elastic Cloud, which provides various pricing tiers based on factors like storage, computing resources, and support. Elastic Cloud includes additional features and tools, such as Kibana, machine learning, and security features.
M3 Pricing Model
M3 is an open source database and can be used freely, although you will have to account for the cost of managing your infrastructure and the hardware used to run M3. Chronosphere is the co-maintainer of M3 along with Uber and also offers a hosted observability that uses M3 as the backend storage layer.
Get started with InfluxDB for free
InfluxDB Cloud is the fastest way to start storing and analyzing your time series data.