Try our new research platform with insights from 80,000+ expert users
Graylog Logo

Graylog pros and cons

Vendor: Graylog
4.0 out of 5
507 followers
Post review

Pros & Cons summary

Graylog integrates with Elasticsearch for fast log retrieval and full text search, enhancing information security through custom alerts. It supports containerized environments for detailed analytics and scalable deployments. However, Elasticsearch tuning needs improvement, facing memory issues in high-throughput settings. Graylog Collector Sidecar has architectural challenges, and setup within Kubernetes lacks support. The initial setup is complex with inadequate documentation, and technical support requires an enterprise license for effective assistance.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Graylog offers message forwarding through an in-built module and provides the ability to write custom alerts for enhanced information security and compliance.
Users benefit from Graylog's Elasticsearch integration, enabling fast log retrieval and detailed searches across messages with full-text search capabilities.
Graylog's real-time UDP/GELF logging supports high performance, making it ideal for sending large volumes of logs with minimal overhead.
The platform allows seamless integration with existing tools like Slack and OpsGenie, enabling proactive user notification about errors and alerts.
Graylog is praised for its open-source nature, scalability, and stability, requiring minimal maintenance while providing significant infrastructure and security event visibility.

CONS

The Collector application complains about the architecture, especially avoiding Graylog Collector Sidecar.
Support for Elasticsearch tuning and running inside Kubernetes is lacking, making setup and performance optimization challenging.
Issues with Elasticsearch circuit-breaking due to large field data size caused instability, highlighting a need for minimum requirements from Graylog.
Technical support is inadequate without an enterprise license, complicating problem-solving for users.
The initial setup and configuring processing pipelines are complex due to insufficient documentation.
 

Graylog Pros review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc.
Read full review
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps.
Read full review
it_user776922 - PeerSpot reviewer
Nov 22, 2017
The ability to write custom alerts is key to information security and compliance.
Read full review
Buyer's Guide
Graylog
February 2025
Free Report: Graylog Reviews and More
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: February 2025.
DOWNLOAD NOW
838,713 professionals have used our research since 2012.
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview.
Read full review
AK
Jan 27, 2025
It has data adapters and lookup tables that utilize HTTP calls to APIs.
Read full review
AN
Aug 26, 2019
I am very proud of how very stable the solution is.
Read full review
CN
Dec 7, 2020
Graylog's search functionality, alerting functionality, user management, and dashboards are useful.
Read full review
it_user774168 - PeerSpot reviewer
Nov 16, 2017
Message forwarding through the in-built module.
Read full review
Lokesh Puthalapattu - PeerSpot reviewer
Sep 21, 2022
The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed.
Read full review
JC
Jan 23, 2018
We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us.
Read full review
Show 8 more reviews (out of 18)
 

Graylog Cons review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic.
Read full review
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous.
Read full review
it_user776922 - PeerSpot reviewer
Nov 22, 2017
I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install.
Read full review
Buyer's Guide
Graylog
February 2025
Free Report: Graylog Reviews and More
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: February 2025.
DOWNLOAD NOW
838,713 professionals have used our research since 2012.
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community.
Read full review
AK
Jan 27, 2025
When it comes to configuring the processing pipeline, writing the rules can be very tedious, especially since the documentation isn't extensive on how the functions provided for these rules work.
Read full review
AN
Aug 26, 2019
I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second.
Read full review
CN
Dec 7, 2020
Graylog can improve the index rotation as it's quite a complex solution.
Read full review
it_user774168 - PeerSpot reviewer
Nov 16, 2017
The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture.
Read full review
Lokesh Puthalapattu - PeerSpot reviewer
Sep 21, 2022
Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest.
Read full review
JC
Jan 23, 2018
Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable.
Read full review
Show 8 more reviews (out of 18)

Product Categories

Product Categories
Log Management

Popular Comparisons

Popular Comparisons
Wazuh vs Graylog Logo
Wazuh vs Graylog
Dynatrace vs Graylog Logo
Dynatrace vs Graylog
Splunk Enterprise Security vs Graylog Logo
Splunk Enterprise Security vs Graylog
Datadog vs Graylog Logo
Datadog vs Graylog
IBM Security QRadar vs Graylog Logo
IBM Security QRadar vs Graylog
Elastic Security vs Graylog Logo
Elastic Security vs Graylog
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
LogRhythm SIEM vs Graylog Logo
LogRhythm SIEM vs Graylog
Security Onion vs Graylog Logo
Security Onion vs Graylog
Fortinet FortiAnalyzer vs Graylog Logo
Fortinet FortiAnalyzer vs Graylog
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Elastic Stack vs Graylog Logo
Elastic Stack vs Graylog
Amazon CloudWatch vs Graylog Logo
Amazon CloudWatch vs Graylog
SolarWinds Kiwi Syslog Server vs Graylog Logo
SolarWinds Kiwi Syslog Server vs Graylog
ManageEngine Log360 vs Graylog Logo
ManageEngine Log360 vs Graylog
See all alternatives

Product Categories

Product Categories
Log Management

Popular Comparisons

Popular Comparisons
Wazuh vs Graylog Logo
Wazuh vs Graylog
Dynatrace vs Graylog Logo
Dynatrace vs Graylog
Splunk Enterprise Security vs Graylog Logo
Splunk Enterprise Security vs Graylog
Datadog vs Graylog Logo
Datadog vs Graylog
IBM Security QRadar vs Graylog Logo
IBM Security QRadar vs Graylog
Elastic Security vs Graylog Logo
Elastic Security vs Graylog
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
LogRhythm SIEM vs Graylog Logo
LogRhythm SIEM vs Graylog
Security Onion vs Graylog Logo
Security Onion vs Graylog
Fortinet FortiAnalyzer vs Graylog Logo
Fortinet FortiAnalyzer vs Graylog
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Elastic Stack vs Graylog Logo
Elastic Stack vs Graylog
Amazon CloudWatch vs Graylog Logo
Amazon CloudWatch vs Graylog
SolarWinds Kiwi Syslog Server vs Graylog Logo
SolarWinds Kiwi Syslog Server vs Graylog
ManageEngine Log360 vs Graylog Logo
ManageEngine Log360 vs Graylog
See all alternatives
Related questions
  • 34
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 3,482
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 92
Which Windows event log monitoring tool do you recommend?
  • 282
What is the difference between log management and SIEM?
  • 41
Splunk vs. Elastic Stack
  • 49
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 380
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
  • 95
When evaluating Log Management solutions, what aspect do you think is the most important to look for?
  • 13
When evaluating Log Management solutions, what aspects do you think are the most important to look for?
  • 15
Why are Log Management tools important for companies?