Try our new research platform with insights from 80,000+ expert users

Devo vs Graylog comparison

Devo and Graylog are both solutions in the Log Management category. Devo is ranked #26 with an average rating of 8.5, while Graylog is ranked #15 with an average rating of 7.0. Devo holds a 0.6% mindshare in Log Management, compared to Graylog’s 6.5% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 95% of Graylog users who would recommend it.
Devo
Read 22 Devo reviews
  • 2,811 Views
  • 1,658 Comparison Views
95% willing to recommend
Graylog
Read 21 Graylog reviews
  • 9,223 Views
  • 9,223 Comparison Views
95% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

Graylog and Devo are competitive in the log management solutions category, with Devo slightly leading due to its advanced features and higher user satisfaction.

Features: Graylog offers effective search capabilities, intuitive usability, and cost-efficient performance, making it appealing to budget-conscious users. Devo provides real-time analytics, comprehensive data visualization, and extensive functionality, attracting those requiring sophisticated solutions.

Room for Improvement: Graylog needs improved documentation, enhanced alerting, and more user-friendly interfaces. Devo could benefit from refining its query language, streamlining navigation, and reducing the complexity of its tools.

Ease of Deployment and Customer Service: Graylog is known for easy deployment backed by strong customer support, aiding users with fewer technical resources. Devo's deployment necessitates more initial setup but is supported by responsive customer service, maintaining parity with Graylog in overall support quality.

Pricing and ROI: Graylog offers a cost-effective solution with notable ROI, ideal for small to medium enterprises. Devo, with higher initial costs, delivers satisfactory ROI due to its advanced features, making it an attractive investment for larger enterprises seeking extensive capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Devo vs. Graylog Report (Updated: July 2025).
Buyer's Guide
Devo vs. Graylog
July 2025
Download the complete report
Helped 861,524 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Devo
Ranking in Log Management
26th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
22
Ranking in other categories
Security Information and Event Management (SIEM) (25th), IT Operations Analytics (8th), AIOps (18th)
Graylog
Ranking in Log Management
15th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
21
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Log Management category, the mindshare of Devo is 0.6%, down from 0.7% compared to the previous year. The mindshare of Graylog is 6.5%, up from 5.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Michael Wenn - PeerSpot reviewer
Has cloud-first architecture with SIEM technology to run security operations
When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.
Read full review
Ivan Kokalovic - PeerSpot reviewer
Facilitates backend service monitoring with efficient log retrieval and API flexibility
Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline. It boosts the knowledge of sales and customer support teams by allowing them to see the backend operations without needing to read the code. Its API is flexible for visualization, and its powerful search engine efficiently handles large volumes of log data. Moreover, its stability, fast search capabilities, and compatibility with languages like ANSI SQL enhance its utility in IT infrastructure.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The most valuable feature is definitely the ability that Devo has to ingest data. From the previous SIEM that I came from and helped my company administer, it really was the type of system where data was parsed on ingest. This meant that if you didn't build the parser efficiently or correctly, sometimes that would bring the system to its knees. You'd have a backlog of processing the logs as it was ingesting them."
"The thing that Devo does better than other solutions is to give me the ability to write queries that look at multiple data sources and run fast. Most SIEMs don't do that. And I can do that by creating entity-based queries. Let's say I have a table which has Okta, a table which has G Suite, a table which has endpoint telemetry, and I have a table which has DNS telemetry. I can write a query that says, 'Join all these things together on IP, and where the IP matches in all these tables, return to me that subset of data, within these time windows.' I can break it down that way."
"Even if it's a relatively technical tool or platform, it's very intuitive and graphical. It's very appealing in terms of the user interface. The UI has a graphically interface with the raw data in a table. The table can be as big as you want it, depending on your use case. You can easily get a report combining your data, along with calculations and graphical dashboards. You don't need a lot of training, because the UI is relatively very intuitive."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"Scalability is one of Devo's strengths."
"The most valuable feature is that it has native MSSP capabilities and maintains perfect data separation. It does all of that in a very easy-to-manage cloud-based solution."
"The real-time analytics of security-related data are super. There are a lot of data feeds going into it and it's very quick at pulling up and correlating the data and showing you what's going on in your infrastructure. It's fast. The way that their architecture and technology works, they've really focused on the speed of query results and making sure that we can do what we need to do quickly. Devo is pulling back information in a fast fashion, based on real-time events."
"It's very, very versatile."
More Devo pros
"I am very proud of how very stable the solution is."
"Allowing us to set up alerts and integrate with platforms we already use, such as Slack and OpsGenie to alert users of these errors proactively, is also a very useful feature."
"What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc."
"It has data adapters and lookup tables that utilize HTTP calls to APIs."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"Storing logs in Elasticsearch means log retrieval is extremely fast, and full text search is available by default."
"UDP is a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead."
"The build is stable and requires little maintenance, even compared to some extremely expensive products."
More Graylog pros
 

Cons

"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"Some basic reporting mechanisms have room for improvement. Customers can do analysis by building Activeboards, Devo’s name for interactive dashboards. This capability is quite nice, but it is not a reporting engine. Devo does provide mechanisms to allow third-party tools to query data via their API, which is great. However, a lot of folks like or want a reporting engine, per se, and Devo simply doesn't have that. This may or may not be by design."
"Devo has a lot of cloud connectors, but they need to do a little bit of work there. They've got good integrations with the public cloud, but there are a lot of cloud SaaS systems that they still need to work with on integrations, such as Salesforce and other SaaS providers where we need to get access logs."
"From our experience, the Devo agent needs some work. They built it on top of OS Query's open-source framework. It seems like it wasn't tuned properly to handle a large volume of Windows event logs. In our experience, there would definitely be some room for improvement. A lot of SIEMs on the market have their own agent infrastructure. I think Devo's working towards that, but I think that it needs some improvement as far as keeping up with high-volume environments."
"They can improve their AI capabilities"
"There are some issues from an availability and functionality standpoint, meaning the tool is somewhat slow. There were some slow response periods over the past six to nine months, though it has yet to impact us terribly as we are a relatively small shop. We've noticed it, however, so Devo could improve the responsiveness."
"Some third-parties don't have specific API connectors built, so we had to work with Devo to get the logs and parse the data using custom parsers, rather than an out-of-the-box solution."
"There's always room to reduce the learning curve over how to deal with events and machine data. They could make the machine data simpler."
More Devo cons
"Since container orchestration systems are popular and Graylog fits the niche well, perhaps they could officially support running in docker containers on Kubernetes as a StatefulSet as a use case. That way, the declarative nature of Kubernetes config files would document their best case deployment scenario-"
"Over six months, I had two similar issues where searches were performed on field "messages". It exhausted all the memory of the ES node causing an ES crash and a Graylog halt."
"It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community."
"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic."
"The area in Graylog that needs to be improved or enhanced would be the integrations."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
"Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest."
"I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install."
More Graylog cons
 

Pricing and Cost Advice

"The way Devo prices things is based on the amount of data, and I wish the tiers had more granularity. Maybe at this point they do, but when we first negotiated with them, there were only three or four tiers."
"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."
"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
More Devo pricing and cost advice
"It's open source and free. They have a paid version, but we never looked into that because we never needed the features of the paid version."
"It's an open-source solution that can be used free of charge."
"If you want something that works and do not have the money for Splunk or QRadar, take Graylog.​​"
"We are using the free version of the product. However, the paid version is expensive."
"I am using a community edition. I have not looked at the enterprise offering from Graylog."
"I use the free version of Graylog."
"​You get a lot out-of-the-box with the non-enterprise version, so give it a try first."
"Having paid official support is wise for projects."
More Graylog pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
See recommendations
861,524 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
18%
Computer Software Company
14%
University
8%
Government
6%
Computer Software Company
17%
Comms Service Provider
10%
Government
7%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Devo?
Devo has a really good website for creating custom configurations.
See all answers
What is your experience regarding pricing and costs for Devo?
Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.
See all answers
What needs improvement with Devo?
They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...
See all answers
What do you like most about Graylog?
The product is scalable. The solution is stable.
See all answers
What is your experience regarding pricing and costs for Graylog?
I am not familiar with the pricing details of Graylog, as I was not responsible for that aspect. It was determined that we didn't need an enterprise plan, which is more suited for clients with less...
See all answers
What needs improvement with Graylog?
An improvement I would suggest is in Graylog's user interface, such as allowing for font size adjustments. A potential enhancement could be the integration with Ollama to run large language models ...
See all answers
 

Comparisons

IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 16% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 15% of the time
Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 14% of the time
LogRhythm SIEM vs Devo Logo
LogRhythm SIEM vs Devo
Compared 6% of the time
Wazuh vs Devo Logo
Wazuh vs Devo
Compared 6% of the time
More Devo Competitors
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
Compared 36% of the time
Wazuh vs Graylog Logo
Wazuh vs Graylog
Compared 25% of the time
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Compared 11% of the time
Security Onion vs Graylog Logo
Security Onion vs Graylog
Compared 6% of the time
Fortinet FortiAnalyzer vs Graylog Logo
Fortinet FortiAnalyzer vs Graylog
Compared 3% of the time
More Graylog Competitors
 

Product Reports

Buyer's Guide
Devo
July 2025
Devo reportDownload Devo product report
Buyer's Guide
Graylog
July 2025
Graylog reportDownload Graylog product report
 

Also Known As

No data available
Graylog2
 

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:

  • Considerably faster analysis speeds.
  • More robust and easier-to-use analysis platform.
  • Simpler administration and infrastructure management.
  • Lower cost than alternatives.
  • Full-scale customer service.
  • No expensive training or tool experts required.
Graylog
 

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP, King.com, Twilio, Deutsche Presse-Agentur
Buyer's Guide
Devo vs. Graylog
July 2025
Free Report: Devo vs. Graylog
Find out what your peers are saying about Devo vs. Graylog and other solutions. Updated: July 2025.
DOWNLOAD NOW
861,524 professionals have used our research since 2012.
See our Devo vs. Graylog report.
See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.