16. 03. 2026 Daniele Saccon APM, Knowledge Management, Log-SIEM, Training

Inside Elastic Certifications: My Experience Between Preparation and Exams

In this article I’d like to share my experience with Elastic certifications.

Recently, I had the opportunity to take the Elastic Certified Engineer and Elastic Certified Observability Engineer exams and I’d like to describe my preparation, experience and finally share some useful tips for anyone else who wants to follow the same path.

Overview of Elastic Certifications

Elastic currently offers four certifications:

  • Elastic Certified Engineer: aimed at professionals who design, implement, and manage Elasticsearch clusters. It covers topics such as data indexing, advanced searches, aggregations and cluster administration.
  • Elastic Certified Analyst: designed for those who use Kibana to analyze data in Elasticsearch, creating visualizations, interactive dashboards and reports.
  • Elastic Certified Observability Engineer: focused on the use of the Elastic Stack for observability. It includes collecting and analyzing logs, metrics and APM traces to monitor applications and infrastructure.
  • Elastic Certified SIEM Analyst: dedicated to security professionals who use Elastic Security for SIEM activities, threat detection and incident investigation.

You can find the most important and up-to-date information about these certifications at this link.

Preparation

For both exams I enrolled in the related On-Demand courses. Elastic periodically makes these training courses available for free. The courses consist of:

  • A series of videos and slides that explain the various topics and features in detail, with references to the official Elastic documentation
  • A fully installed and preconfigured lab environment that allows you to work on realistic exercises

The combination of videos, slides and hands-on labs makes it possible to learn the solutions clearly and quickly, both to confidently approach the exams and to apply them correctly in your own Elastic clusters.

At this link, you can find all the information related to Elastic training.
On the FAQ page, you can also find useful information such as the Elastic Stack version used in the exams, preparation tips, costs and other details.

Tips

Before taking the exam, I recommend that you:

  • Review and redo the labs multiple times to become familiar with the exercises and the exam environment. The most relevant exercises are highlighted, so pay special attention to them.
  • Become familiar with the official Elastic documentation. You won’t have access to the Internet during the exam, but you will be able to consult the available documentation. As practice, when you get stuck during labs, try looking directly in the Elastic documentation instead of online.
  • Check the FAQ page, where a dedicated exam preparation workshop is available, covering both organizational aspects and example exercises.
  • Review the list of topics available on the exam page and review those in which you feel less confident.

After following these steps, I felt confident enough to schedule the exam.

Exam

After purchasing an exam attempt, you will receive an email with all the necessary instructions: exam scheduling, PC requirements, Internet connection, and other useful information.
You can take the exam on any day and at any time. The exam must be scheduled at least 24 hours in advance, while rescheduling is allowed up to 24 hours before the exam.

During the exam, you must keep your webcam on and share your screen with a proctor who verifies that the exam is conducted correctly. My advice is not to be distracted by the presence of the proctor, but to stay fully focused on the exam itself.

The exams focus on practical skills in using the Elastic Stack. Both exams I took lasted 3 hours and consisted of 10 tasks. For each task, you are required to complete a hands-on exercise similar to those found in the labs. Tasks can have different weights, so it’s important to carefully choose which ones to start with.

For the Elastic Certified Engineer exam, I used the full 3 hours available, while for the Elastic Certified Observability Engineer exam, I completed all tasks in about 2 hours.

Time management is thus a key aspect. Adopt the strategy that works best for you, but always keep an eye on the countdown timer (without letting it stress you out!).

Personally, I tried not to exceed 18 minutes per task, especially at the beginning, to avoid taking time away from later tasks. If you get stuck on an exercise, move on to the next one and come back to it later.

Conclusion

The Elastic Certified Engineer exam is not easy, while the Elastic Certified Observability Engineer exam is more accessible.

However, both represent an excellent opportunity to acquire skills in a rapidly growing technology stack and to obtain official recognition of your abilities and knowledge of the Elastic Stack.

Everything I learned during this journey is now fundamental to my daily work as a NetEye consultant, especially in the Elastic and Observability part, allowing me to use these technologies more effectively and consciously.

This is my experience and the information I consider most useful. I hope it helps you out.
All that’s left is to wish you good luck! 🚀

These Solutions are Engineered by Humans

Are you passionate about performance metrics or other modern IT challenges? Do you have the experience to drive solutions like the one above? Our customers often present us with problems that need customized solutions. In fact, we’re currently hiring for roles just like this as well as other roles here at Würth IT Italy.

Daniele Saccon

Daniele Saccon

Author

Daniele Saccon

Related Content

Tags:

01. 04. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (Grafana)

Important: Grafana security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the grafana packages is now available for NetEye 4. Security Fix for NetEye 4.46 grafana-12.4.2_neteye3.29.2-1 Summary There are several patched vulnerabilities. Read More
31. 03. 2026 Log-SIEM, NetEye, Unified Monitoring

Massive Near-Real-Time Monitoring with NetEye

Hello to you all. It's been a while. Don't worry though, this won't be a long and technical post. It's just to let you know I'm doing (almost) well and to tell you about our latest news. The Metrics Challenge Read More
23. 03. 2026 Cloud, Log-SIEM

How to Collect Cloudwatch AWS Logs in NetEye

Recently we had to monitor an EKS cluster and several other resources using NetEye. AWS already provides solid dashboards out of the box, but log analysis isn't as flexible as in Elasticsearch, and costs can easily grow out of control. Read More
05. 03. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (GLPI)

Important: GLPI security update Type/Severity NetEye Product Security has rated this update as having a high security impact. Topic An update for the glpi packages is now available for NetEye 4. Security Fix for NetEye 4.46 10.0.24_neteye1.17.5-1 Summary The vulnerability is about a Read More
04. 03. 2026 Bug Fixes, NetEye

NetEye 4 – Security Advisory (Lampo)

Important: Lampo security update Type/Severity NetEye Product Security has rated this update as having a medium security impact. Topic An update for the lampod packages is now available for NetEye 4. Security Fix for NetEye 4.46 1.1.3-1 Summary The vulnerability is about sensitive Read More

Leave a Reply

Your email address will not be published. Required fields are marked *

Search by technology

Contact

Contact us
Serviceportal

Archive