23. 12. 2020 Mirko Bez Log-SIEM

How I Became an Elastic Certified Professional

Today I want to share with you my journey to becoming an Elastic Certified Professional by obtaining an Elastic Certified Engineer certificate. My daily experience as a NetEye SIEM consultant was a great help, because I could apply and internalize the concepts I learned directly in the field. But let’s start at the beginning.

Wait… An Elastic Certification?

Yes. Well, actually two. Currently, Elasticsearch provides two certification programs: Elastic Certified Engineer and Elastic Certified Analyst. In the future there will be also a third certification: Elastic Certified Observability Engineer. You can find the most important and up-to-date information, like the ELK Version used in the exam, how to prepare for the exam, and so on in this FAQ on the official Elasticsearch page. Briefly and broadly speaking, while the Elastic Certified Engineer certification tests your know-how about the Elasticsearch cluster infrastructure like shard filtering, templates, security and mappings, the Elastic Certified Analyst certification tests your ability to analyze data with the aid of Kibana applications. In this blog post I will just talk about the Elastic Certified Engineer certificate.

My Preparation

Thanks to Wuerth-Phoenix I could attend both the Elastic Certified Engineer I and Elastic Certified Engineer II courses. These courses are provided directly by Elasticsearch and taught by well-prepared instructors. The virtual courses are provided on the Strigo platform. Additionally, a cloud test environment is provided and can be used for the entire duration of the course. The material supplied is of excellent quality:

  • The slides contain all necessary information and many external links;
  • The exercises are realistic and straight to the point;
  • Data is provided for use with the exercises
  • The exercises most relevant to the exams are highlighted

Thanks to the material provided it’s possible to build a local environment which I could use to repeat all the exercises at my own speed while reviewing the training material.

At this point I took a better look at the certification topics and reviewed the training material, giving more weight to the certification topics and the exam preparation exercises. When I felt confident in all the exam topics and the related exercises I eventually scheduled my exam.

The Exam

The scheduling of the exam is flexible and can be performed short term. Since the website is American, you should be careful in choosing your exam time. Nonetheless if you make a mistake, it’s even possible to re-schedule the exam within 24 hours of taking it (I speak from experience here).

During the exam you should keep the camera on, and you must share the screen with a proctor who checks that you’re not cheating. Trust me, during the exam you will not think at all about the proctor watching you. The time at your disposal is quite generous, and allows you to perform the exercises without hurry.

The exam is a practically one, and the questions are well-defined and very clear. I found the exam fair, because there were no tricky multiple choice theoretical questions, and was also quite realistic, because the questions were practical and the documentation was available (just like as it would be in daily life).


I’ve briefly shared some useful Information about my journey in obtaining this certification. I really appreciated that training and the accompanying material was not only focused on obtaining the certification, but provided additional information that I could use (and have used!) in my daily activity as a NetEye SIEM consultant.

My suggestion is to follow the course, build a local test environment and review the material and exercises focused on the certification topics. You can even do this two or three times. Finally, you will never feel prepared enough so schedule the exam and then go do it. Good Luck!

Mirko Bez

Mirko Bez

Consultant at Würth Phoenix


Mirko Bez

Consultant at Würth Phoenix

Leave a Reply

Your email address will not be published. Required fields are marked *