Grafana Loki is an efficient log aggregation system known for simple setup and integration with Grafana, supporting seamless log monitoring and data visualization across environments.
| Product | Mindshare (%) |
|---|---|
| Grafana Loki | 3.1% |
| Splunk Enterprise Security | 6.8% |
| Wazuh | 4.8% |
| Other | 85.3% |
| Title | Rating | Mindshare | Recommending | |
|---|---|---|---|---|
| Datadog | 4.3 | 4.0% | 97% | 211 interviewsAdd to research |
| Splunk Enterprise Security | 4.2 | 6.8% | 94% | 403 interviewsAdd to research |
| Company Size | Count |
|---|---|
| Small Business | 7 |
| Midsize Enterprise | 8 |
| Large Enterprise | 4 |
| Company Size | Count |
|---|---|
| Small Business | 366 |
| Midsize Enterprise | 190 |
| Large Enterprise | 598 |
Grafana Loki is a lightweight, open-source log monitoring tool that simplifies the process of dashboard creation and log collection. It offers strong integration capabilities with platforms like Kubernetes and Grafana, enhancing log collection and alert systems while ensuring cost-efficiency. Its strength lies in its robust platform for gathering detailed log data to visualize infrastructure and API performance efficiently. While it supports storing data on object-based storage across clusters, it does have areas needing improvement, such as request correlation, metric creation, and enhanced alerts. Security, dashboard intuitiveness, and Docker performance are also slated for refinements. Deployment challenges exist in environments like ECS, and older versions might experience bugs. Enhancing visualization and easing production setups would further benefit users.
What are Grafana Loki's key features?Grafana Loki finds widespread use in industries requiring comprehensive log monitoring and performance analysis, particularly in technology and infrastructure sectors. It proves essential for system health checks, device security, and network performance monitoring, aiding businesses in accessing and analyzing logs efficiently. Organizations utilize Grafana Loki to monitor system and Docker logs, optimizing performance while visualizing key data for informed decision-making.
| Author info | Rating | Review Summary |
|---|---|---|
| Regional Associate & Engineer at a outsourcing company with 1,001-5,000 employees | 4.0 | I use Grafana Loki for infrastructure and network monitoring across sectors; it's cost-effective, performs well, and integrates with other Grafana tools, though setup complexity could be improved. Support is solid, and on-premises deployment is a plus. |
| Senior System Engineer at Novell | 3.5 | I use Grafana Loki for aggregating and displaying data through dashboards, particularly for Kubernetes and Docker. Its valuable features include integration with various sources, high availability, and effective performance monitoring, surpassing options like Elasticsearch or Kibana. |
| Manager Director at Earth | 4.5 | We use Grafana Loki across various sectors to monitor security and access to devices, utilizing dashboards for tracking. The key feature is log filtering by keywords, aiding quick issue resolution. However, direct Windows Server log access would be beneficial. |
| SRE at Incen AG | 4.0 | Grafana Loki, being open source and Kubernetes native, offers easy management and cost benefits over CloudWatch. However, stability issues arise when deploying in ECS due to integration challenges, making Kubernetes a preferred environment for control and monitoring solutions. |
| Engineering Lead- Cloud and Platform Architecture at a financial services firm with 1,001-5,000 employees | 4.0 | Grafana Loki effectively processes unstructured logs and is cost-efficient, allowing logging to S3 and reading from S3. While its architecture is solid, simplifying the production-grade setup would boost adoption. Its use of Prometheus metadata is beneficial. |
| DevOps Engineer at Orochi Network | 5.0 | I use Grafana for visualizing metrics from Prometheus and logs from Loki, managed by Promtail in our Kubernetes cluster. Grafana's lightweight nature is its most valuable feature. It's stable with no current need for improvements. |
| Information Technology Buyer at BNP Paribas Partners for Innovation | 3.5 | In my company, we use Grafana Loki for infrastructure and API monitoring, creating dashboards, and setting up alerts for specific events. It's simpler to set up than Elastic and Kibana, and we've saved time, although alerting limitations exist. |
| DevOps Engineer at Venturenox | 4.5 | I find Grafana Loki to be user-friendly and particularly appreciate its intuitive GUI, making deployment and management easier compared to Zabbix. However, improvements in alert types are needed. I use AWS for deployment and prefer Grafana for handling metrics. |
| Support Specialis at Orion Innovation Romania | 4.5 | We integrate Grafana Loki across multiple environments for effective log monitoring and analysis, crafting custom dashboards tailored to specific needs. Its robust filtering maximizes search efficiency. Performance improvements could be beneficial, and we utilize AWS for deployment. MongoDB inspired backend query integrations. |
| IT Manager at Software Gurus | 4.0 | I find Grafana Loki's dashboards valuable for their simplicity, making them accessible to nontechnical users. However, improvements are needed in request correlation, alert creation, and report customization. Its fast setup and cost-effectiveness have shown a good return on investment. |
Grafana Loki is part of our observability toolkit focusing on monitoring, network performance, and infrastructure monitoring. We engage with customers specifically on tools such as Splunk, AppDynamics, and Grafana Loki, advising them on choosing the right solutions based on their requirements.
We mainly serve service providers, internet service providers, government entities, defense contractors, enterprise software, and financial sectors.
Grafana Loki's open-source capability is a significant benefit. Grafana has invested in making their enterprise tools competitive with other APM tools, facilitating cross-correlation with Mimir and Tempo for metrics and tracing. The tool offers good search functionality, and its on-premises capability is advantageous. The indexing performance is strong, making it a robust log management tool. Grafana Loki is notably cost-effective.
Improvements could be made in the enablement of the product, addressing the complexity of implementing these tools.
Each customer differs in scalability needs, so I am not entirely certain about Grafana Loki's horizontal scaling capabilities.
I would rate their support an eight—they provide good support.
Positive
A lot of our customers are service providers, internet service providers, government, defense contractors, and some enterprise software and finance organizations, so it spans across the board.
Cost-effectiveness is probably the main reason to choose anything with Grafana. It is a quality tool that is cost-effective, and combining both those factors is a win. I rate this review an 8.
Grafana Loki is used to aggregate and display data through dashboards, summarizing information from different types of systems. It provides performance capability and availability dashboards to indicate the current state of the system as part of the monitoring system.
I use this for Kubernetes and Docker technology, which makes it easy for performance and disaster recovery configuration when dealing with multiple volumes.
Different types of integrations with various sources are the most helpful and useful features of Grafana Loki that I found for myself.
As part of Kubernetes technology, I noticed benefits from using this product such as availability, configuration balancing, high availability solutions for high performance, and failover clustering. It provides a clear picture about the state of the system and gives needed information for taking action and quickly fixing problems.
I have no ideas at this moment about what could be improved in Grafana Loki.
I have been working with Grafana Loki for approximately 1 year.
It is quite easy to integrate and deploy, so it is not difficult to do these types of integrations.
Everything is acceptable for me and the functionality is sufficient regarding stability-wise issues or downtimes that I faced.
I usually do not use official support; I typically rely on community blogs and forums for support of Grafana Loki.
Neutral
Base installation takes one day, and a few days for configuring integrations is approximately how long it takes to deploy Grafana Loki.
Since it is an open source tool, there are no charges or fees.
Elasticsearch or Kibana can be alternatives for aggregation, but I think Grafana Loki is more functional for this task.
Kibana concentrates only on Elasticsearch stack and does not allow integration with other sources such as databases or other API sources.
I would rate Grafana Loki a seven out of ten because it is open source, and sometimes there can be problems that are difficult to fix without official support. It is very functional, but in my case, it can be challenging to resolve certain issues. My overall rating for the tool is seven out of ten.
We use Grafana Loki for various verticals including manufacturing, finance, health, and aerospatial sectors. It primarily helps in monitoring security and access to devices. Grafana dashboards are used to track access success and failure and audit commands issued on devices.
Loki significantly saves time in troubleshooting by quickly pinpointing network issues. It reduces server downtime by efficiently identifying problems, resulting in revenue savings.
The most valuable part of Loki is the ability to filter logs by keywords and devices. This enables quick identification of network events, aiding in swift resolution of potential issues. Additionally, it allows for the creation of dashboards that visualize the access and command logs on devices.
It would be beneficial if Loki could directly access Windows Server logs or events directly from the servers.
Loki offers great scalability, allowing us to manage and compress logs extensively. We can maintain logs for extensive periods, such as five years at an airport, demonstrating effective scalability.
We have not had to open any tickets yet, as we solve issues through forums and wikis. The documentation is comprehensive but sometimes challenging to navigate.
Positive
Previously, we used only rSyslog from Linux, however, it didn't offer a user-friendly interface like Grafana does.
The setup is straightforward and can be completed within less than one hour, allowing for rapid deployment.
Implementation requires only one engineer with open-source and network experience.
Loki leads to significant cost savings by reducing server downtime and aiding engineers in prompt issue resolution.
We use the open-source version of Loki. The cloud version is competitively priced compared to other market solutions.
We have integrated Loki with other solutions like PTRG, Nagios, and are familiar with them. I prefer Zabbix.
I would rate Loki nine out of ten overall. It's a comprehensive and versatile solution.
It's open source, it's Kubernetes native, so we have operators and things like that. It's easy to manage the instances, and fault tolerance is built into Kubernetes.
In addition to that, the cost is less than other paid services like CloudWatch. Because I have experience with Loki, it's better to have a team in-house.
Currently, we use CloudWatch, but Grafana has other signals, like Loki and logs, which have their own metrics. I don't remember the name. And there are new features like that pilot code and things like that for profiling. I think it's a great place to integrate our signals and do forensics and things like that in one single pane of glass instead of doing a lot of context-switching. The alerting system is really great.
There is room for improvement in the stability.
Challenges arise because these open-source tools are mostly intended for Kubernetes and Docker. However, my client uses ECS, and some of the guys on my team don't have expertise in Kubernetes. So, they want the solution to be deployed in ECS, a proprietary service for container management.
In that case, it is difficult to deploy in that kind of environment because we have to use a lot of integration. It's not intended for proprietary services, so you have to struggle with configuration a lot.
So that's why I'm trying to convince my team to use Kubernetes for control plane tools, monitoring, deploying, and things like that. It's easy to manage these tools.
I have worked with Loki before.
I haven't installed millions of records in Grafana so far, but I have used it in a non-production environment. The stability is good, but I know that they are capable of handling millions of logs and records because I'm a fan of the CNCF (Cloud Native Computing Foundation) landscape. Any tool recommended by CNCF is actually good.
My team includes, like, 20 to 30 people in my IT department. I think the number of users doesn't matter. I think the most important thing is if you can install millions of records.
Because it's open source, I can rely on myself and get community support for integration issues and things like that. I know it takes some time, but if you want service, you have to pay for that.
I used Amazon CloudWatch. We've been evaluating the cost associated with CloudWatch. We identified a couple of things that increased log ingestion rates, like 'info' logs and things like that.
So we are doing some optimization to reduce the log records. But we also wanted to take a look at other options like Loki, because I have worked with it before. That's one of the things I recommend, like going with open source.
I usually prefer Kubernetes, and then you can have a Helm chart. Grafana itself has different methods of deployment, like single instance and multi-tenant instances. Just by changing your Helm chart value file, you can get it deployed.
I use open source Grafana. Many companies are interested in open-source solutions that are less costly. So I usually use open source Grafana.
Overall, I would rate it an eight out of ten.
I would recommend it to other and would recommend that they should go for it because I have experience with it for some time, and they keep evolving and continuously improving. I know they have a lot of new features coming up. I think the team is doing great already.
The whole idea is to have logging enabled. We should be able to search for each and every pattern. For example, log patterns are very unstructured these days. You can't predict where they're coming from or their fields.
Fields can be dynamic and change depending on the version; when people moved from Docker Daemon to ContainerD, the log format changed. Most of the logging was impacted, especially when we built solutions using pipelines like ELK. The advantage of Loki's logging is its ability to process unstructured logs. It creates chunks and uses something similar to grep for pattern matching. It can find any pattern for us.
The most valuable feature is the cost. It can be written to S3 and read from S3. For me, cost is critical, especially at the enterprise level.
With this, I don't worry about who is logging or how much they're logging. It's a cost-effective solution. We aren't paying exorbitant amounts just for logging.
There are many advantages because it also uses the same metadata as Prometheus, using the same Discovery agent. Everything seems pretty cool and calm for me.
My main concern is the recommended production-grade setup. They suggest using tools like Tanka or Jsonnet. They should simplify the process to increase adoption. The architecture is solid, with distinct read and write parts and a caching layer, making it fast.
However, setting up a production-grade cluster takes a lot of effort to understand the components and how they fit together. That's where I see room for improvement.
I have been using this solution for one and a half years.
I haven't found any issues with Loki so far. We have stored a decent amount of data, and I feel it's stable. I haven't faced issues with logging.
It is a scalable solution. When we want to scale, we need to do due diligence on the tool and its components. It's highly scalable. Grafana has ensured that the write path and read path are different. The architecture they have, which is optimized, along with the front end, shows that Grafana Loki has put in significant effort to build this solution.
The community is really very active. If we reach out, they come to us with solutions. They are a young community. The way these guys are maintaining the complete portfolio, like Grafana and Prometheus, is impressive. Before Loki, there was only Grafana and Prometheus. Even for microservices, people mostly use solutions like Prometheus Grafana. Given their workload and their contributions to the open-source community and support, I would rate them as an eight.
Positive
If it is HelloGuard setup or doing some setup on the dev cluster, it's pretty straightforward. But when we're dealing with a heavy cluster, like 15 to 20 terabytes of data per day, we need a production-grade cluster.
For that kind of scenario, we must invest time and understand the process. We could have integrated these features within their health check, but they're using processes like Tanka and Jsonnet to implement a production service. I feel this could have been better.
If I use a metric solution for metrics, I'd use Grafana for metrics monitoring. For logging, I'd use a different tool, like ELK. And for tracing another tool. So, to troubleshoot a specific issue, I have to switch between three different consoles.
What I see in metrics isn't the same as in logs because the metadata and collection methods differ. That's where Loki comes in. Within Grafana, you can see metrics, logs, correlations, generate metrics from logs, and also set alerts.
Alerting from logs is something many companies desire. With Loki, if there's a pattern in the log, we can filter it out without altering the entire pipeline. For instance, if I had to add fields in ELK, it would require a lot of configuration changes. Loki, however, is more flexible. It uses a grep-like pattern and the metadata model from Prometheus.
It's highly efficient, with compressed data and block storage like GCS bucket or AWS S3, making log storage cost-effective. Compared to other solutions, it's more economical. Loki also has a Log CLI, which is very effective.
It's all on-premises. Like, it's on the cloud, but it's self-managed, not a managed service.
I would suggest going for it. However, my recommendation would also depend on the use cases. There are heavy solutions like full-text search engines, such as Solar and Elasticsearch. These are built mainly for e-commerce purposes, but the downside is the large metadata.
This means high storage costs. Maintaining logs also contributes significantly to maintaining metadata. For example, for a terabyte of data, if your metadata is just a few GBs, that's an advantage with Loki. If any node fails because your backend data is in S3 and the metadata is small, it recovers quickly. If you need it only for logging purposes, I'd suggest going for it. Loki offers quick wins over other solutions and is also cost-effective.
The operation overhead of maintaining it is very minimal.
Overall, I would rate the solution an eight out of ten. The reason is quite simple. These guys have introduced the concept of a unified dashboard, which is commendable. This unified dashboard allows us to monitor logs and metrics side by side.
In terms of microservice architecture, if you observe a metric from a certain part and you also see the logs for that same part side by side, it makes diagnosing issues straightforward. For instance, if there was a spike at a particular time, you can directly correlate it with the logs right beside it.
Additionally, there's flexibility in log formats. Loki doesn't restrict you to JSON, XML, or CSV. For example, today, if I'm using ContainerD and it's writing in JSON, and tomorrow, if I have another tool writing in plain text format, Loki adapts seamlessly. It parses my logs and allows analytics on top of them. Plus, it now supports SQL-like syntax, which further boosts its versatility.
The tool’s single UI supports metrics, logs, and even tracing. You can integrate tracing tools with Loki and access everything from a unified platform. The data complexity is high, but it’s efficiently stored on S3 or any object-based storage, ensuring cost efficiency.
Loki also utilizes the same service discovery mechanism as used by Prometheus. So, whatever labeled metadata you see in Prometheus, you have the exact same metadata in the Loki system.
Given this level of intricacy and the attempt to address these challenges, I firmly believe that they deserve praise for their work.
I use Grafana for visualizing my metrics, which are taken from Prometheus and node exporter. Grafana can also visualize my Loki, , and the logs is gathered by Promtail. Additionally, I manage everything in our Kubernetes cluster.
The lightweight nature of Grafana and Loki means they do not consume much of our cluster's resources, enabling us to utilize them efficiently.
I do not use Grafana and Loki for features. I use it for their lightweight capability compared to other solutions. Grafana agent is very lightweight and does not cost significant resources of our cluster.
I do not see any areas for improvement at the moment. The solution is very stable, and further improvements might result in it becoming resource-intensive like other solutions.
I have used Grafana for about one and a half years. Loki has been in use for about half a year.
The solution is very stable. We use it in our production environment, and it has not shown any issues of instability.
The scalability of Grafana is very good. I rate it nine out of ten. It performs reliably in our production setting.
I have not had to contact their support team. I resolve any issues using Google or their GitHub platform.
Positive
We have not investigated the pricing yet.
I'd rate the solution ten out of ten.
In my company, we use it for infrastructure monitoring and API monitoring, and for creating dashboards to visualize the data from this system.
Before implementing it, we lacked insight into the status of our HCI infrastructure. Now, we have the capability to directly monitor both our infrastructure and APIs. This enables us to determine whether our APIs and infrastructure are performing optimally and provides us with valuable information about the programs and systems we rely on.
The most valuable feature is the capability to set up alerts, which becomes necessary when we need to receive notifications for specific events. In our scenario, we use these alerts to detect issues such as API failures and infrastructure outages.
We encountered certain limitations when it came to alerting, particularly when dealing with specific data sources. An additional beneficial feature we'd like to see is the integration of AI or machine learning for predictive analytics, which could help anticipate production imbalances or potential issues.
I have been using it for two years.
We encountered some stability issues when it came to retrieving or searching for information within the logs. I would rate it five out of ten.
I would rate its scalability features eight out of ten.
It was remarkably straightforward to set up and deploy.
We saw a return on investment in the form of time saved.
We use a free version.
When we conducted our evaluation, we found that setting up and using Loki was simpler compared to Elastic and Kibana for logging.
I recommend it because it's highly useful. Overall, I rate it seven out of ten.
As an end user of the product, I would say that Grafana Loki is a good tool for my use cases. Though I use Loki, I mostly prefer Grafana for alerts on metrics. Recently, I deployed Grafana's internal metrics. The product's GUI is easy to use.
The product has improved the functioning of my organization, especially considering how we set the error alert during the coding or when a sudden crash occurs.
The most valuable feature of the solution is the tool's GUI. The solution's GUI is very user-friendly. With Zabbix, it is hard to use the GUI. With Grafana Loki's GUI, users can easily define what they need and what they want to deploy.
There is a need for some change in the alerting types of the product. In short, a few changes in the alert area are needed due to minor shortcomings.
It would be better if you could just use Grafana OnCall with images in the solution.
I have been using Grafana Loki for six months. I don't remember the version of the solution.
The stability of the product is good.
Scalability-wise, I rate the solution a nine out of ten.
I rate the technical support a ten out of ten.
Positive
In the past, I have used Zabbix. In the past, I have used Zabbix, and I found Grafana Loki to be easier to use, especially in the area of GUI, which is very user-friendly. I used Kubernetes cluster to run a command and log a command. Over the other products with which I have experience, I chose Grafana Loki since it is user-friendly, offers good plug-in options, is easy to manage, and is easy to deploy. I am not interested in using Zabbix because its GUI is hard to understand.
The product is easy to install, especially when deploying it on the cloud model and opting for the services offered by Amazon AWS.
I use the open-source version of the product.
In the tool, I use Promtail and Loki for log utilization.
Speaking about the scenarios in which I use Grafana Loki in terms of application debugging or incident response, I would say that I use the tool for Kubernetes cluster. In our company, we use the tool when we have to deal with container logs in a pod.
I feel that Grafana Loki is a better tool to use, especially for monitoring your infrastructure and resources.
I rate the overall tool a nine out of ten.
It is an integral part of our workflow across different environments—production, preproduction, and UAT testing. We use it to monitor and analyze logs, and create customized dashboards tailored to specific parameters like execution IDs and processing details.
Having the ability to search and retrieve logs directly on Linux is a real time-saver and a more efficient way to quickly access and store logs in specific directories. It provides a broader perspective on the issues at hand and contributes to a smoother problem-solving process.
It serves as a robust platform for gathering comprehensive information. The effectiveness of filters is pivotal for optimizing the search process and extracting the specific information we need from the extensive log data.
Enhancing speed could be a game-changer, and while it might vary depending on the application, it's a factor worth exploring.
The product is extremely stable, and there haven't been any issues with it.
Scalability varies, but it should work properly most of the times. There are approximately a hundred users in my company.
The initial setup falls somewhere in the middle in terms of ease, it's not overly complicated.
The pricing structure varies based on the number of users; there might be specific taxes to pay for it.
Our choice of a non-relational database, specifically MongoDB, plays a role. The queries generated in the backend resemble selections on MongoDB, resulting in dictionaries or JSON. That's why the decision was made to integrate Grafana Loki into our workflow.
I would recommend starting with some research, maybe a Google search, to understand how to use it. Overall, I would rate it nine out of ten.
We can provide a dashboard really fast with Grafana Loki for nontechnical people. We can generate and provide easy visibility for the people using Grafana Loki.
The most valuable feature of Grafana Loki is the dashboards which are really simple to create. Grafana Loki's dashboard is really simple to create. I usually use Grafana Loki for nontechnical people because it's so simple that they can understand it.
Grafana Loki can improve showing the whole flow of the request. The correlation of requests is not simple in Grafana Loki and can be improved. Currently, creating alerts or alarms on the Grafana Loki dashboard is a little bit complex and should be improved.
Grafana Loki's reports need to be more customizable so that I can show in my reports part of the dashboards and some metrics, etc.
I have been using Grafana Loki for four years.
Grafana Loki's stability needs a little work. The solution is simple on-premises, but sometimes, it has issues. I rate Grafana Loki a seven out of ten for stability.
I rate Grafana Loki an eight out of ten for scalability.
Grafana Loki's technical support is not good. We would be lost if we didn't have the Grafana community support.
Neutral
Grafana Loki's initial setup was simple because we used a docker to set it up.
The time to set up and configure Grafana Loki is really fast, and it provides a quick review of what is happening on the systems. We have seen a return on investment with Grafana Loki, given that its on-premises version is free and the on-cloud version is cheap.
You can use the free version of Grafana Loki on-premises. The on-cloud version of Grafana Loki is also affordable and not expensive.
I am using the latest version of Grafana Loki. I'm using both the cloud and the on-premises Grafana Loki solution.
Grafana Loki is simple to set up. Non-technical people can use it because it's so simple that you don't need to spend many hours checking or studying it. I suggest Grafana Loki as the first simple and cheap solution for somebody who wants some monitoring of their system.
Overall, I rate Grafana Loki an eight out of ten.
