Comparison Buyer's Guide

Executive Summary
Updated on Jul 23, 2023
 

Categories and Ranking

Graylog
Ranking in Log Management: 11th
Average Rating: 8.0
Number of Reviews: 18
Ranking in other categories: No ranking in other categories

USM Anywhere
Ranking in Log Management: 17th
Average Rating: 8.4
Number of Reviews: 113
Ranking in other categories: Security Information and Event Management (SIEM) (13th), Endpoint Detection and Response (EDR) (31st), Compliance Management (8th)
 

Market share comparison

As of June 2024, in the Log Management category, the market share of Graylog is 8.6% and it increased by 0.8% compared to the previous year. The market share of USM Anywhere is 0.8% and it decreased by 76.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
Unique Categories:
No other categories found
Security Information and Event Management (SIEM): 1.3%
Endpoint Detection and Response (EDR): 0.2%
 

Featured Reviews

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
Real-time analysis, easy setup, and open source
We stopped using it for analytics because of its price, and at the moment, we are using it mostly for log centralization. If you use it with high traffic for analytical purposes, as well as for the logs, the infrastructure costs are unbelievable. Graylog is a great product backed by Elasticsearch as the storage and query engine. It is just an interface on top of Elasticsearch and some Elasticsearch management. The indexes that are kept in Elasticsearch are managed by Graylog software. Elasticsearch is a decent product, but it's very infrastructure-heavy. It requires lots of resources, and if you make a mistake with provisioning, you are likely to not get a cluster back. We had a couple of outages like that, and we hated that. So, we ended up over-provisioning resources just to avoid such situations from happening. If you have a whole team trying to fix the Graylog instance for two days, that's a bit too much. That may be my Norwegian take on it, but the engineering resources are expensive. It's better to just provision the infrastructure. Overall, the product is great, and the features are just fine, but the infrastructure cost is what is killing it. The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic. I'm not sure if they can improve the infrastructure cost with the way Elasticsearch is. If they keep using Elasticsearch, maybe there are some opportunities there, or they can support other backends with cheaper storage. They could have a different backend to replace Elasticsearch or do some tweaks to Elasticsearch to reduce the costs. There could be partial parsing of logs or parsing on demand so that when you write data through Graylog to Elasticsearch, it doesn't need to crunch in every detail requiring that much CPU.
Omer Jamil - PeerSpot reviewer
Jan 16, 2024
An easy-to-deploy tool that needs to improve its vulnerability scanning feature
In my company, we use the solution in our security operation center to monitor the client environment and as a solution that provides us with continuous monitoring ability. The benefits experienced by our company from the use of the solution stem from the fact that it has been working pretty well…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"Allowing us to set up alerts and integrate with platforms we already use, such as Slack and OpsGenie to alert users of these errors proactively, is also a very useful feature."
"Graylog's search functionality, alerting functionality, user management, and dashboards are useful."
"What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc."
"We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us."
"The product is scalable. The solution is stable."
"Real-time UDP/GELF logging and full text-based searching."
"One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview."
"I can easily check (in one place) all the logs and data in relation to attacks. It also gives me an overview if a server is not configured properly."
"This is a USM, so being able to get all the features under one roof makes it a good product with good new features."
"The dashboards are very descriptive and contain just the right amount of information. The activity alarms and events contain a plethora of data that is very descriptive and useful."
"It has streamlined log aggregation and analysis to meet organizational and regulatory needs."
"The asset management functionality (active and passive scans) is also really important. You can't protect what you do not know about, so having an inventory of all your devices and software is critical to a security management program."
"We are able to get alerts perfectly with FIM and VA features."
"Allowed us to help our customers satisfy compliance needs around logging and monitoring."
"The new cloud-based panel is excellent both for client review as well as for our SOC to review and respond to threats. It is much easier to configure and use than the previous solution from AlienVault."
 

Cons

"I would like to see a default dashboard widget that shows the topology of the clusters defined for the Graylog install."
"Its scalability gets complicated when we have to update or edit multiple nodes."
"More customization is always useful."
"I would like to see some kind of visualization included in Graylog."
"Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest."
"With technical support, you are on your own without an enterprise license."
"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic."
"I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a millisecond."
"Pay attention to false-positive event automatic correlations."
"Source material on the forums to be more up-to-date with the changes happening within the product. Forums being out-of-date with information due to the changes makes troubleshooting a little more difficult - specific to the HIDS agents."
"AT&T AlienVault USM can improve searchable data. It should be available for more than 90 days. If you need more than 90 days of data, you have to put a request and they give you raw data, which is not easy to search. A good addition would be to allow users to search data older than 90 days."
"It would be nice to see some machine learning and monitoring of the configuration in network devices."
"I want to see more compliance management capability. The quality of integrations seems to be a little bit low."
"The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient."
"Support can be slow at times, but the quality is high. Posted knowledge base articles could use improvement."
"The vulnerability reporting needs to have options to be able to sort or customize the output."
 

Pricing and Cost Advice

"It's an open-source solution that can be used free of charge."
"It's open source and free. They have a paid version, but we never looked into that because we never needed the features of the paid version."
"I use the free version of Graylog."
"I am using a community edition. I have not looked at the enterprise offering from Graylog."
"We're using the Community edition."
"You get a lot out-of-the-box with the non-enterprise version, so give it a try first."
"Having paid official support is wise for projects."
"There is an open source version and an enterprise version. I wouldn't recommend the enterprise version, but as an open source solution, it is solid and works really well."
"AlienVault is flexible on their pricing for unlimited licenses."
"I don't know exactly, but I know it is based on the number of logs and the retention duration, such as 30 days or something like that. So, the smallest package is about 500 a month for 30 days of logs. There is a virtual machine. You need resources for it. It is a log collecting VM. They provide the software, and you just have to load a virtual machine. So, you're going to incur some CPU RAM and storage for wherever this log collecting appliance is running, which typically is in our cloud and on our platform for the customer."
"The pricing is a good value. The key thing is that for the new product, the licensing of it, is subscription-based and it's based on data. Clients need to be really careful when thinking about that, because odds are they're going to need to put a lot more data into it than what they initially estimate, which is going to drive their subscription costs up."
"It's very reasonably priced. It was one of the lowest among the ones I looked at. Licensing is pretty flexible. They can do a two-year or a three-year, even a one-year, perhaps."
"The price of this solution is reasonable, which is one of the reasons why we selected it over other solutions."
"I don't think the product's pricing is a good value because they try to raise the price 50 percent every year... AlienVault needs to understand that not all customers are huge enterprises... Their sales team is way too aggressive. The price they advertise is not always the price you get."
"Do the one month trial and try to work out the kinks during it, as it has free support and service hours."
"The licensing fees are dependent on usage."
787,061 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews

Computer Software Company: 16%
Comms Service Provider: 9%
Government: 8%
Educational Organization: 7%

Computer Software Company: 17%
Government: 8%
Educational Organization: 8%
Financial Services Firm: 7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Graylog?
The product is scalable. The solution is stable.
What is your experience regarding pricing and costs for Graylog?
We are using the free version of the product. However, the paid version is expensive.
What needs improvement with Graylog?
Since it's a free tool, I don't have much to say. Troubleshooting is important to me. The initial setup is complex. I hope to see improvements in Graylog for more interactivity, user-friendliness, ...
What do you like most about AT&T AlienVault USM?
The most valuable feature of the solution is the ease of deployment that it provides to users. The integrations that the product has with third-party applications are useful.
What is your experience regarding pricing and costs for AT&T AlienVault USM?
It is a product that is priced in a medium range, making it neither a cheap nor a costly product.
What needs improvement with AT&T AlienVault USM?
The vulnerability scanning feature is one of the areas where the product has certain shortcomings and needs to improve. The tool has vulnerability scanning, but it is not that efficient. A mobile a...
 

Also Known As

Graylog2
AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
 

Sample Customers

Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP, King.com, Twilio, Deutsche Presse-Agentur
Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
Find out what your peers are saying about Graylog vs. USM Anywhere and other solutions. Updated: June 2024.