Company:
Date Published:
Author: David Kravets
Word count: 453
Language: -
Hacker News points: None

Summary

The University of California at Davis, an institution with over 30,000 students and significant research commitments, faced a complex digital security challenge due to its vast infrastructure, including 5,000 servers and 170,000 user accounts. To address the inefficiencies of its legacy security tool, ArcSight, UC Davis adopted Elastic to enhance its Security Operations Center (SOC). This transition was driven by the need for a centralized, cost-effective, and easily maintainable security logging platform with improved data visibility and federated access control. The migration to Elasticsearch, which took six months, allowed the university to handle an average of 800GB of data daily, optimizing log retention for cost benefits while giving student analysts valuable skills for future employment. Elastic's implementation reduced costs, delivered high performance, and bolstered the university's security, positioning UC Davis to further integrate security and machine learning into its research and educational endeavors.