Try our new research platform with insights from 80,000+ expert users

Graylog vs Logstash comparison

 

Comparison Buyer's Guide

Executive Summary
 

Categories and Ranking

Graylog
Ranking in Log Management
18th
Average Rating
8.0
Reviews Sentiment
7.0
Number of Reviews
18
Ranking in other categories
No ranking in other categories
Logstash
Ranking in Log Management
29th
Average Rating
10.0
Reviews Sentiment
7.6
Number of Reviews
1
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of December 2024, in the Log Management category, the mindshare of Graylog is 6.5%, up from 5.6% compared to the previous year. The mindshare of Logstash is 0.5%, up from 0.2% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Nicolae CIornii - PeerSpot reviewer
Stable solution with room for improvement in interactivity and user-friendliness
We have tested IBM QRadar and now use it. First of all, the key factor is the pricing. I saw that IBM QRadar has an interactive dashboard, providing valuable insights to people. Additionally, I've seen that IBM QRadar has an agent that simplifies installations across various platforms without requiring intricate configurations. Also, IBM QRadar has automatic reporting.
Mustafa Husny - PeerSpot reviewer
Helps to collect logs from various data sources, including hardware
I use Logstash primarily for connecting logs from hardware. This is the main use case. The second use case involves making correlations between logs from various sources.  I can collect logs from various data sources, including hardware. The product needs to improve its compatibility.  I rate…

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"I like the correlation and the alerting."
"Open source and user friendly."
"Allowing us to set up alerts and integrate with platforms we already use, such as Slack and OpsGenie to alert users of these errors proactively, is also a very useful feature."
"The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"The build is stable and requires little maintenance, even compared to some extremely expensive products."
"UDP is a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead."
"The solution's most valuable feature is its new interface."
"I can collect logs from various data sources, including hardware."
 

Cons

"I hope to see improvements in Graylog for more interactivity, user-friendliness, and creating alerts. The initial setup is complex."
"I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second."
"Graylog can improve the index rotation as it's quite a complex solution."
"Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
"We ran into problems with Elasticsearch throwing a circuit-breaking exception due to field data size being too large. It turned out that the heap size directly impacted this size in a high-throughput environment, causing unexplained instability in Graylog. We were able to troubleshoot on the Elasticsearch size, but we should have been able to reference some minimum requirements for Graylog to know that our settings weren't sufficient."
"It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community."
"Since container orchestration systems are popular and Graylog fits the niche well, perhaps they could officially support running in docker containers on Kubernetes as a StatefulSet as a use case. That way, the declarative nature of Kubernetes config files would document their best case deployment scenario-"
"The product needs to improve its compatibility."
 

Pricing and Cost Advice

"We are using the free version of the product. However, the paid version is expensive."
"Having paid official support is wise for projects."
"Graylog is a free open-source solution. The free version has a capacity limitation of 2 GB daily, if you want to go above this you have to purchase a license."
"Consider Enterprise support if you have atypical needs or setup requirements.​"
"There is an open source version and an enterprise version. I wouldn't recommend the enterprise version, but as an open source solution, it is solid and works really well."
"I am using a community edition. I have not looked at the enterprise offering from Graylog."
"We're using the Community edition."
"It's open source and free. They have a paid version, but we never looked into that because we never needed the features of the paid version."
Information not available
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
824,145 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Comms Service Provider
9%
Government
8%
Educational Organization
8%
Financial Services Firm
21%
Computer Software Company
13%
Government
9%
Media Company
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
No data available
 

Questions from the Community

What do you like most about Graylog?
The product is scalable. The solution is stable.
What is your experience regarding pricing and costs for Graylog?
We are using the free version of the product. However, the paid version is expensive.
What needs improvement with Graylog?
Since it's a free tool, I don't have much to say. Troubleshooting is important to me. The initial setup is complex. I hope to see improvements in Graylog for more interactivity, user-friendliness, ...
What do you like most about Logstash?
I can collect logs from various data sources, including hardware.
What needs improvement with Logstash?
The product needs to improve its compatibility.
What is your primary use case for Logstash?
I use Logstash primarily for connecting logs from hardware. This is the main use case. The second use case involves making correlations between logs from various sources.
 

Comparisons

 

Also Known As

Graylog2
No data available
 

Learn More

Video not available
 

Overview

 

Sample Customers

Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP, King.com, Twilio, Deutsche Presse-Agentur
Information Not Available
Find out what your peers are saying about Splunk, Wazuh, Datadog and others in Log Management. Updated: December 2024.
824,145 professionals have used our research since 2012.