It's been two months since this profile received a new review

Graylog Reviews & Product Details

Graylog is a log management and security information and event management (SIEM) solution designed to assist security and IT teams in detecting, investigating, and responding to potential threats with increased efficiency. By leveraging advanced technologies such as scalable log management, real-time data correlation, and explainable artificial intelligence (AI), Graylog transforms complex data sets into actionable insights, enabling organizations to make informed decisions swiftly. The platform caters to a diverse range of users, from small businesses to large enterprises, all of whom require enhanced visibility and control over their IT environments. Graylog is particularly beneficial for security analysts and IT professionals who need to sift through vast amounts of log data to identify anomalies, track incidents, and ensure compliance with various regulatory standards. Its user-friendly interface and powerful analytical tools streamline the process of threat detection and response, making it an essential asset for organizations aiming to bolster their cybersecurity posture. Key features of Graylog include automated workflows that simplify repetitive tasks, anomaly detection capabilities that flag unusual patterns in data, and guided investigations that assist users in navigating complex security incidents. The platform also offers AI-driven summaries that distill critical information, allowing analysts to focus on high-priority issues without getting bogged down by excessive data. These features collectively enhance the speed and accuracy of threat responses, ensuring that security teams remain in control of their environments. Graylog's versatility is evident in its range of products, which includes Graylog Security, Enterprise, API Security, and Open solutions. Each product is tailored to meet the specific needs of different organizations, providing clarity and context across various operational landscapes. With a user base of over 60,000 organizations globally, Graylog has established itself as a trusted partner in the realm of cybersecurity and log management, helping teams navigate the complexities of modern threats while maintaining a clear focus on their objectives.

Product Website

Seller

Graylog

Discussions

Graylog Community

Languages Supported

English

Overview by

Kimber Spradlin (Chief Marketing Officer, Graylog)

Pricing

Pricing provided by Graylog.

Graylog Enterprise

Starting at $15,000.00

Per Year

View More Pricing Information

Graylog Media

SIEM & Log Management

Official Downloads

(4)

edit

Fixing SIEM Fatigue: A Practical Guide to Smarter Security Ops

5 Essentials Strategies to Combat Phishing Threats

How to Find your Very Attacked People and Protect Them

G2 reviews are authentic and verified.

Here's how.

Verified User in Information Services

Mid-Market (51-1000 emp.)

8/17/2019

"Collect and analyze data"

4.5/5

What do you like best about Graylog?

I like the security in the product and the peace of mind that I’ll get the results I need. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

Integration process and setup takes a bit to get going. Review collected by and hosted on G2.com.

Riccardo P.

Partner, Business Developer

Information Technology and Services

Enterprise (> 1000 emp.)

11/6/2018

Business partner of the seller or seller's competitor, not included in G2 scores.

"Implemented many solutions c/o different end customers for log management and other purpose"

5/5

What do you like best about Graylog?

The product flexibility, when you have some machine data somewhere and you want to get it, manipulate it and analyze it. The possibility to start free and then switch, when needed, to the enterprise solution Review collected by and hosted on G2.com.

What do you dislike about Graylog?

It would be good to have more options to manipulate and present the data without the need of external solutions Review collected by and hosted on G2.com.

Verified User in Information Technology and Services

Small-Business (50 or fewer emp.)

11/23/2018

"Log Management for Everyone"

4/5

What do you like best about Graylog?

You can start with a single server, and migrate to a multi-server, highly available logging monster. Because there is no restriction on licensing for the base Graylog product, you can setup a test deployment and test what will happen when you upgrade etc in production.

The community is helpful and active. The product is getting updates frequently.

The system has a purpose built Graylog Collector client which you can monitor directly through the Graylog web interface to determine if the system is still sending logs properly.

Easily integrates with Active Directory to allow authentication of users. Also has the ability to integrate with AD Groups for providing easy access to new users.

All of the Graylog web interface is using the Graylog API. The API browser is well thought out and fully documented. Development teams should find it easy to navigate the API in order to integrate with Graylog. API access also means that any system used for monitoring that can make API calls will be able to query Graylog for system health statistics easily.

Overall the system is very well thought through and comprehensive. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

Documentation needs improvement. The marketplace is a bit hit or miss as far as the quality of the plugins.

Customer submitted marketplace items are not curated. Anyone who wants to put together a plug-in can, and while that's great it leads to a highly fragmented experience.

Graylog still relies on Elasticsearch 5.6.x which means that a large amount of the new Elasticsearch improvements are not yet supported.

The Collector Sidecar can and will stop sending logs at random, on Windows, or not startup during system startup after a reboot. Having a system that either forces the service to start or automatically restarts the service at a set period is ideal. Review collected by and hosted on G2.com.

Recommendations to others considering Graylog:

Have a solid understanding of Linux. Also learn the basics of MongoDB in an HA cluster, Elasticsearch in a clustered deployment. Graylog relies heavily on these two products in order to properly operate. Ensure that you have either the ability to run HAProxy, Nginx,

If you don't know how your systems log, what those logs look like, or how you're going to get the logs out of the system and into a log stream to another product you need to start there. Graylog will require that you either log things in a well known format (typical of all logging solutions) or use a combo of Regex/GROK/Graylog Processing Pipelines to break out the logs into different fields so they are individually searchable. Other products have a much larger supported base of these available. If you can't find one you'll be left to either ingest logs as a blob in the message field, or learn to write your own processor pipelines. If you have the ability to pay for professional services then you can enlist Graylog corporate to assist you. Review collected by and hosted on G2.com.

What problems is Graylog solving and how is that benefiting you?

Log management for all devices.

Netflow capture of all network devices.

Historic capture of all events and alerting on those events.

Active Directory log analysis and forensics.

Event correlation and issue root cause. Review collected by and hosted on G2.com.

Robert S.

Enterprise (> 1000 emp.)

6/15/2018

"Amazing centralized logging platform with a great looking interface."

4/5

What do you like best about Graylog?

- Easy to try out thanks for the OVA/docker

- Interface updates in real-time

- Good looking dashboards

- Integrates into various platforms like Slack for alerting

- Has API Review collected by and hosted on G2.com.

What do you dislike about Graylog?

- Some aspects such as pipelines and collector snippets can have a bit of a learning curve

- Initial configuration of streams and alerts can take a long time. This can be setup using the API if you have time to look into that. Review collected by and hosted on G2.com.

Recommendations to others considering Graylog:

If you're a business that needs a quick solution to drop in place for centralized logging, definitely look into Graylog. ELK stack also widely used, but that requires more setting up. Depending on your needs, this can be up and running in minutes if using the OVA. Review collected by and hosted on G2.com.

What problems is Graylog solving and how is that benefiting you?

We initially set this up to do basic monitoring of various SQL, disk, and logon events in our Windows environment. Once it was up and running, we saw the large amount of data we could analyze and our dashboards have been expanding ever since. From all this new insight we have been able to address issues we didn't even know were happening. Review collected by and hosted on G2.com.

Verified User in Logistics and Supply Chain

Mid-Market (51-1000 emp.)

11/6/2018

"GraylogReview"

4.5/5

What do you like best about Graylog?

I like graylog ability to ingest data from variety of sources, run analytics, and extremely fast searches. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

Well, not really dislike, but I would be happy if graylog introduce more dashboard graphs something like kibana, rules simulation engine to test the rules, how to use rules with real examples (documentation), ability to run search queries based on Boolean logic between 2 different documents [correlation] for example show data from all the events where logon id matches (something like vlookup/slookup but enhanced), ability to download automatic correlation rules something like alienvault ossim. Review collected by and hosted on G2.com.

Thiago B.

Defensive Security Leader

Information Technology and Services

Enterprise (> 1000 emp.)

11/6/2018

"Great Solution"

4/5

What do you like best about Graylog?

Speedy Searches and Normalized Logs. The interface is easy to use and bery intuitive. The Indices are Flexibles. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

Archiving feature is limited and lack of a better integration to Cloud Storages like Azure Blob and GCP. in addition do Amazon S3. Review collected by and hosted on G2.com.

Serhii M.

Sales Specialist

Information Technology and Services

Mid-Market (51-1000 emp.)

7/24/2018

"Finally, all your log data available and accessible in one central location"

4.5/5

What do you like best about Graylog?

Audit Log records and stores actions taken by a user or administrator that make changes in your Graylog system. With the new archiving functionality in Graylog Enterprise, you can now store everything older than 30 days on slow storage and only re-import it into Graylog when you need it. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

Search through terabytes of log data to discover and analyze important information. Now they have a powerful search syntax, which makes browsing process easier, but before it was a little bit confusing. Visualize metrics and statistics could be more creative and you wish simply for more. Review collected by and hosted on G2.com.

Recommendations to others considering Graylog:

This software has a nice prices for business usage and as well the search is really good developed. If you will need to get an information from the past it will not be a problem for you to do that. So considering this soft for business is a really good idea. I will highly recommend that product for new users. First of all try it for some time before grading it. Review collected by and hosted on G2.com.

What problems is Graylog solving and how is that benefiting you?

We are using this product to work with data that we gather through out the working time. It helps to collect and gather data properly, so whenever you will need to check your archive you will know where to look for a specific information. Review collected by and hosted on G2.com.

Christopher B.

DevOps Engineer

Human Resources

Mid-Market (51-1000 emp.)

11/6/2018

"Takes a bit to setup, but great once running"

3.5/5

What do you like best about Graylog?

The query language is intuitive, and the UI is attractive and usable. Insights into infrastructure quality (e.g. info on the Elasticsearch backend) are great. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

One-way communication to Elasticsearch, and a lack of oversight on extensions can make getting Graylog set up for your own personal environment a bit of a chore. Review collected by and hosted on G2.com.

Recommendations to others considering Graylog:

Get a handle on what types of logs you will need Graylog to ingest and research on the ease of getting those log types into the product. Our biggest barrier to entry was aggregating a lot of different log thypes. Review collected by and hosted on G2.com.

What problems is Graylog solving and how is that benefiting you?

Insight into log analytics, centralized log observation. Review collected by and hosted on G2.com.

Verified User in Textiles

Enterprise (> 1000 emp.)

11/8/2018

"Most advanced and versatile log manager out there"

4.5/5

What do you like best about Graylog?

Together with NXlog, or other log collection tools, Graylog is extremely powerful in the way you can filter/search for specific events. Even the free community version has been, still is actually, very useful to us. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

I don't like that it needs Java to run. Other than that, nothing comes to mind. Review collected by and hosted on G2.com.

Recommendations to others considering Graylog:

If you are considering Graylog, then you must give it a try. I am certain that you will not be disappointed. Review collected by and hosted on G2.com.

What problems is Graylog solving and how is that benefiting you?

Collecting and consolidating security events from certain servers in our organization, using the power of Graylog to create an easy way to search for events. Review collected by and hosted on G2.com.

Brad J.

Head Honcho/Janitor

Information Technology and Services

Small-Business (50 or fewer emp.)

7/30/2018

"Excellent open-source log aggregation, highly-customizable"

5/5

What do you like best about Graylog?

Graylog supports both lower-level log formats (like Syslog TCP/UDP, raw streams) as well as its own Gelf formatter, which is broadly supported by applications. I can combine the two for, say, a Kubernetes cluster where fluentd sends logs via Syslog and my applications use Gelf. Review collected by and hosted on G2.com.

What do you dislike about Graylog?

The initial setup can be a bit confusing depending on your environment; you need to manage an Elasticsearch cluster and it has a bit of a learning curve if you haven't managed your own indexes and retention policies. Some of the terminology in Graylog is used in a very specific way that might not match entirely to your mind-map, but it just takes some getting used to. Review collected by and hosted on G2.com.