Try our new research platform with insights from 80,000+ expert users
Graylog Logo

Graylog pros and cons

Vendor: Graylog
4.0 out of 5
503 followers
Post review

Pros & Cons summary

Graylog excels in efficient message forwarding and real-time logging integration with Elasticsearch, offering robust search and analytics. Custom alert writing boosts security and compliance, while scalability ensures smooth transitions for growing needs. However, users face challenges with Graylog Collector Sidecar, complex initial setup, Kubernetes compatibility issues, and Elasticsearch heap size instability. Insufficient documentation further complicates performance and clarity of requirements.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Graylog supports message forwarding through an in-built module, increasing productivity by directly notifying development and support teams.
Custom alert creation enhances information security and compliance, with integration options for tools like Slack and OpsGenie.
Graylog offers powerful capabilities for log management and real-time analysis across containerized microservices environments, allowing detailed search and anomaly detection.
Elasticsearch integration enables fast log retrieval and comprehensive text-based searching, contributing to efficient data analysis and system monitoring.
Graylog is scalable, enabling smooth transitions from small single-machine setups to larger, distributed configurations.

CONS

Graylog lacks direct support for running inside Kubernetes, making deployment challenging and affecting performance and stability.
Elasticsearch's field data size can lead to issues such as circuit-breaking exceptions, especially in high-throughput environments.
Complex initial setup and infrastructure costs are significant concerns for Graylog users.
Improvement is needed in authentication and the scalability process, particularly when updating multiple nodes.
The collector application has architectural issues, leading to preferences for alternatives over Graylog Collector Sidecar.
 

Graylog Pros review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc.
Read full review
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps.
Read full review
it_user776922 - PeerSpot reviewer
Nov 22, 2017
The ability to write custom alerts is key to information security and compliance.
Read full review
Buyer's Guide
Graylog
November 2024
Free Report: Graylog Reviews and More
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview.
Read full review
AN
Aug 26, 2019
I am very proud of how very stable the solution is.
Read full review
CN
Dec 7, 2020
Graylog's search functionality, alerting functionality, user management, and dashboards are useful.
Read full review
it_user774168 - PeerSpot reviewer
Nov 16, 2017
Message forwarding through the in-built module.
Read full review
Lokesh Puthalapattu - PeerSpot reviewer
Sep 21, 2022
The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed.
Read full review
JC
Jan 23, 2018
We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us.
Read full review
JD
Feb 18, 2018
Real-time UDP/GELF logging and full text-based searching.
Read full review
Show 7 more reviews (out of 17)
 

Graylog Cons review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic.
Read full review
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous.
Read full review
it_user776922 - PeerSpot reviewer
Nov 22, 2017
I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install.
Read full review
Buyer's Guide
Graylog
November 2024
Free Report: Graylog Reviews and More
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: November 2024.
DOWNLOAD NOW
816,406 professionals have used our research since 2012.
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community.
Read full review
AN
Aug 26, 2019
I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second.
Read full review
CN
Dec 7, 2020
Graylog can improve the index rotation as it's quite a complex solution.
Read full review
it_user774168 - PeerSpot reviewer
Nov 16, 2017
The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture.
Read full review
Lokesh Puthalapattu - PeerSpot reviewer
Sep 21, 2022
Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest.
Read full review
JC
Jan 23, 2018
Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable.
Read full review
JD
Feb 18, 2018
More complex visualizations and the ability to execute custom Elasticsearch queries would be great.
Read full review
Show 7 more reviews (out of 17)

Product Categories

Product Categories
Log Management

Popular Comparisons

Popular Comparisons
Wazuh vs Graylog Logo
Wazuh vs Graylog
Splunk Enterprise Security vs Graylog Logo
Splunk Enterprise Security vs Graylog
Dynatrace vs Graylog Logo
Dynatrace vs Graylog
Datadog vs Graylog Logo
Datadog vs Graylog
IBM Security QRadar vs Graylog Logo
IBM Security QRadar vs Graylog
Elastic Security vs Graylog Logo
Elastic Security vs Graylog
LogRhythm SIEM vs Graylog Logo
LogRhythm SIEM vs Graylog
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
Security Onion vs Graylog Logo
Security Onion vs Graylog
Devo vs Graylog Logo
Devo vs Graylog
Fortinet FortiAnalyzer vs Graylog Logo
Fortinet FortiAnalyzer vs Graylog
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Amazon CloudWatch vs Graylog Logo
Amazon CloudWatch vs Graylog
Google Cloud's operations suite (formerly Stackdriver) vs Graylog Logo
Google Cloud's operations suite (formerly Stackdriver) vs Graylog
USM Anywhere vs Graylog Logo
USM Anywhere vs Graylog
See all alternatives

Product Categories

Product Categories
Log Management

Popular Comparisons

Popular Comparisons
Wazuh vs Graylog Logo
Wazuh vs Graylog
Splunk Enterprise Security vs Graylog Logo
Splunk Enterprise Security vs Graylog
Dynatrace vs Graylog Logo
Dynatrace vs Graylog
Datadog vs Graylog Logo
Datadog vs Graylog
IBM Security QRadar vs Graylog Logo
IBM Security QRadar vs Graylog
Elastic Security vs Graylog Logo
Elastic Security vs Graylog
LogRhythm SIEM vs Graylog Logo
LogRhythm SIEM vs Graylog
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
Security Onion vs Graylog Logo
Security Onion vs Graylog
Devo vs Graylog Logo
Devo vs Graylog
Fortinet FortiAnalyzer vs Graylog Logo
Fortinet FortiAnalyzer vs Graylog
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Amazon CloudWatch vs Graylog Logo
Amazon CloudWatch vs Graylog
Google Cloud's operations suite (formerly Stackdriver) vs Graylog Logo
Google Cloud's operations suite (formerly Stackdriver) vs Graylog
USM Anywhere vs Graylog Logo
USM Anywhere vs Graylog
See all alternatives
Related questions
  • 39
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 4,641
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 165
Which Windows event log monitoring tool do you recommend?
  • 423
What is the difference between log management and SIEM?
  • 47
Splunk vs. Elastic Stack
  • 86
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 461
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
  • 44
When evaluating Log Management solutions, what aspect do you think is the most important to look for?
  • 13
When evaluating Log Management solutions, what aspects do you think are the most important to look for?
  • 15
Why are Log Management tools important for companies?