Graylog Reviews

I use this solution regularly for analyzing incidents, collecting them to figure out what's going on. For now, I'm using it myself but would like to also deploy for some of my customers in the near future. I'm an entrepreneur in a security solutions company and a customer of Graylog. 

I like the simplicity of the solution, the fact that it's open source and user friendly.

It would be helpful if they would work more on the documentation because it's not very clear and ideally I'd like to be able to do more myself, but would need some additional guidelines and material for that.

I've been using this solution for a year. 

It's a stable solution. 

I believe it's a scalable solution but haven't tested it yet. 

The technical support is a weak point in this product. It's not so easy to contact them and they don't answer immediately. Sometimes it takes a lot of time and the wait is difficult. If I had enough documentation I might not need the support. 

The initial setup was relatively straightforward. I was able to deploy it myself in a couple of days. For now, I'm the only user. I know it can be scaled for free for up to five users and I'll test that soon. 

This is a good product and I would rate it an eight out of 10. 

On-premises

This had increased productivity for the dev and support teams, because we are directly notifying them. Now, they have to come to dev for every issue. 

The Stream Alert feature is a highlight of this. As for similar products, there are separate integrations, but Graylog ships this with the build.

There should be some user groups and an auto sign-in feature.

One to three years.

No issues.

Not yet.

We are not using any technical support.

No.

It was pretty straightforward.

None, as we are not using an enterprise solution.

We had evaluated ELK Stack, but found Graylog more useful for our use case.

I will say that if you are using this, then explore all the features. You will find this like a swiss army knife.

We use it for central log management and log aggregation. We use it for non-security events.

We're using the Community edition, but I know that it has really good dashboarding and alerts.

More customization is always useful.

It has been about three years. I'm currently not using the tool myself, but my team is using it.

It is stable.

It is scalable.

We're not using the Enterprise license. We're using the Community edition, and support is not offered with it.

It was easy to set up. 

We did it ourselves.

We're using the Community edition.

This decision was already made before I got to the organization.

I would recommend this solution to others. It is for small and medium organizations.

I would rate it a seven out of 10.

On-premises

In my opinion, the best use case for Graylog is for backend services due to its excellent real-time updates. It is especially effective with strong type languages, like Java or C++. The streaming of messages happens with the GELF protocol over UDP, making it quite fast. Deploying Graylog into a Docker image where microservices are placed allows for easy log retrieval. Logs from different Docker machines can be combined into one Graylog instance, providing a complete view of backend behavior for both developers and customer support teams.

Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline. It boosts the knowledge of sales and customer support teams by allowing them to see the backend operations without needing to read the code. Its API is flexible for visualization, and its powerful search engine efficiently handles large volumes of log data. Moreover, its stability, fast search capabilities, and compatibility with languages like ANSI SQL enhance its utility in IT infrastructure.

An improvement I would suggest is in Graylog's user interface, such as allowing for font size adjustments. A potential enhancement could be the integration with Ollama to run large language models locally, maintaining high privacy standards.

I have been using Graylog for three years.

Deploying Graylog required about one week of preparation to evaluate the best setup, especially regarding Docker integration and the computing power requirements for scalability.

Graylog is very stable and capable of handling millions of messages without sudden shutdowns or service interruptions.

Deploying on the cloud for Graylog is advisable due to its need for scalability under varying message loads. Graylog offers the capability to withstand large volumes of data, adapting to fluctuating inflows.

I never personally reached out to Graylog technical support. I mostly relied on documentation to address my needs, which was adequate for my purposes.

Neutral

I used my own logging service, Elasticsearch, and OpenSearch before transitioning to Graylog. OpenSearch was not as intuitive and had a steeper learning curve compared to Graylog.

The initial setup of Graylog was straightforward, provided the codebase was prepared for logging. The documentation, although not visually appealing, was informative and helpful.

I am not familiar with the pricing details of Graylog, as I was not responsible for that aspect. It was determined that we didn't need an enterprise plan, which is more suited for clients with less programming capabilities.

I evaluated Datadog among other solutions, but its pricing model deterred me since I preferred a solution like Graylog, which allowed testing without initial payment.

I would recommend Graylog for its stability, API capabilities, and fast search engine. However, it's not ideal for developers lacking in setting up comprehensive logging in their codebase. I rate Graylog an eight out of ten.

On-premises