Try our new research platform with insights from 80,000+ expert users
Graylog Logo

Graylog pros and cons

Vendor: Graylog
4.0 out of 5
503 followers
Post review

Pros & Cons summary

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Graylog supports message forwarding through an in-built module, increasing productivity by directly notifying development and support teams.
Custom alert creation enhances information security and compliance, with integration options for tools like Slack and OpsGenie.
Graylog offers powerful capabilities for log management and real-time analysis across containerized microservices environments, allowing detailed search and anomaly detection.
Elasticsearch integration enables fast log retrieval and comprehensive text-based searching, contributing to efficient data analysis and system monitoring.
Graylog is scalable, enabling smooth transitions from small single-machine setups to larger, distributed configurations.

CONS

Graylog lacks direct support for running inside Kubernetes, making deployment challenging and affecting performance and stability.
Elasticsearch's field data size can lead to issues such as circuit-breaking exceptions, especially in high-throughput environments.
Complex initial setup and infrastructure costs are significant concerns for Graylog users.
Improvement is needed in authentication and the scalability process, particularly when updating multiple nodes.
The collector application has architectural issues, leading to preferences for alternatives over Graylog Collector Sidecar.
 

Graylog Pros review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc.
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps.
it_user776922 - PeerSpot reviewer
Nov 22, 2017
The ability to write custom alerts is key to information security and compliance.
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview.
AN
Aug 26, 2019
I am very proud of how very stable the solution is.
CN
Dec 7, 2020
Graylog's search functionality, alerting functionality, user management, and dashboards are useful.
it_user774168 - PeerSpot reviewer
Nov 16, 2017
Message forwarding through the in-built module.
Lokesh Puthalapattu - PeerSpot reviewer
Sep 21, 2022
The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed.
JC
Jan 23, 2018
We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us.
JD
Feb 18, 2018
Real-time UDP/GELF logging and full text-based searching.
 

Graylog Cons review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic.
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous.
it_user776922 - PeerSpot reviewer
Nov 22, 2017
I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install.
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
814,649 professionals have used our research since 2012.
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community.
AN
Aug 26, 2019
I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second.
CN
Dec 7, 2020
Graylog can improve the index rotation as it's quite a complex solution.
it_user774168 - PeerSpot reviewer
Nov 16, 2017
The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture.
Lokesh Puthalapattu - PeerSpot reviewer
Sep 21, 2022
Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest.
JC
Jan 23, 2018
Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable.
JD
Feb 18, 2018
More complex visualizations and the ability to execute custom Elasticsearch queries would be great.