Try our new research platform with insights from 80,000+ expert users

Devo vs Graylog comparison

Devo and Graylog are both solutions in the Log Management category. Devo is ranked #27 with an average rating of 8.5, while Graylog is ranked #16 with an average rating of 6.5. Devo holds a 0.6% mindshare in Log Management, compared to Graylog’s 6.6% mindshare. Additionally, 95% of Devo users are willing to recommend the solution, compared to 94% of Graylog users who would recommend it.
Devo
Read 22 Devo reviews
  • 1,990 Views
  • 947 Comparison Views
95% willing to recommend
Graylog
Read 19 Graylog reviews
  • 9,555 Views
  • 8,400 Comparison Views
94% willing to recommend
 

Comparison Buyer's Guide

Download the report
Executive SummaryUpdated on Oct 9, 2024

Graylog and Devo are competitive in the log management solutions category, with Devo slightly leading due to its advanced features and higher user satisfaction.

Features: Graylog offers effective search capabilities, intuitive usability, and cost-efficient performance, making it appealing to budget-conscious users. Devo provides real-time analytics, comprehensive data visualization, and extensive functionality, attracting those requiring sophisticated solutions.

Room for Improvement: Graylog needs improved documentation, enhanced alerting, and more user-friendly interfaces. Devo could benefit from refining its query language, streamlining navigation, and reducing the complexity of its tools.

Ease of Deployment and Customer Service: Graylog is known for easy deployment backed by strong customer support, aiding users with fewer technical resources. Devo's deployment necessitates more initial setup but is supported by responsive customer service, maintaining parity with Graylog in overall support quality.

Pricing and ROI: Graylog offers a cost-effective solution with notable ROI, ideal for small to medium enterprises. Devo, with higher initial costs, delivers satisfactory ROI due to its advanced features, making it an attractive investment for larger enterprises seeking extensive capabilities.

DOWNLOAD THE COMPLETE REPORT
To learn more, read our detailed Devo vs. Graylog Report (Updated: March 2025).
Buyer's Guide
Devo vs. Graylog
March 2025
Download the complete report
Helped 845,406 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Devo
Ranking in Log Management
27th
Average Rating
8.4
Reviews Sentiment
7.1
Number of Reviews
22
Ranking in other categories
Security Information and Event Management (SIEM) (28th), IT Operations Analytics (6th), AIOps (15th)
Graylog
Ranking in Log Management
16th
Average Rating
8.0
Reviews Sentiment
6.7
Number of Reviews
19
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of April 2025, in the Log Management category, the mindshare of Devo is 0.6%, down from 0.8% compared to the previous year. The mindshare of Graylog is 6.6%, up from 5.7% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

Michael Wenn - PeerSpot reviewer
Has cloud-first architecture with SIEM technology to run security operations
When it comes to scale, they're architected quite well. They handle some of the biggest customers globally, with significant throughput on their platform, managing thousands of customers. One of the most impressive aspects of Devo is its customer community. A large majority, over 80 percent of their customers, actively participate on a Devo-specific community page. They're contributing to product development and support, events, and user group information, helping each other out. This high level of engagement is rare and demonstrates both the loyalty of their customer base and the quality of their product. They offer a range of small, medium, and large options to cater to everyone. I sold Devo products while working with them, focusing on enterprise solutions. However, as a small reseller, my customers were typically smaller businesses. I rate the solution's scalability a nine out of ten.
Read full review
Andrey Mostovykh - PeerSpot reviewer
Real-time analysis, easy setup, and open source
We stopped using it for analytics because of its price, and at the moment, we are using it mostly for log centralization. If you use it with high traffic for analytical purposes, as well as for the logs, the infrastructure costs are unbelievable. Graylog is a great product backed by Elasticsearch as the storage and query engine. It is just an interface on top of Elasticsearch and some Elasticsearch management. The indexes that are kept in Elasticsearch are managed by Graylog software. Elasticsearch is a decent product, but it's very infrastructure-heavy. It requires lots of resources, and if you make a mistake with provisioning, you are likely to not get a cluster back. We had a couple of outages like that, and we hated that. So, we ended up over-provisioning resources just to avoid such situations from happening. If you have a whole team trying to fix the Graylog instance for two days, that's a bit too much. That may be my Norwegian take on it, but the engineering resources are expensive. It's better to just provision the infrastructure. Overall, the product is great, and the features are just fine, but the infrastructure cost is what is killing it. The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic. I'm not sure if they can improve the infrastructure cost with the way Elasticsearch is. If they keep using Elasticsearch, maybe there are some opportunities there, or they can support other backends with cheaper storage. They could have a different backend to replace Elasticsearch or do some tweaks to Elasticsearch to reduce the costs. There could be partial parsing of logs or parsing on demand so that when you write data through Graylog to Elasticsearch, it doesn't need to crunch in every detail requiring that much CPU.
Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"Devo helps us to unlock the full power of our data because they have more than 450 parsers, which means that we can ingest pretty much any type of log data."
"One of the biggest features of the UI is that you see the actual code of what you're doing in the graphical user interface, in a little window on the side. Whatever you're doing, you see the code, what's happening. And you can really quickly switch between using the GUI and using the code. That's really useful."
"Devo provides a multi-tenant, cloud-native architecture. This is critical for managed service provider environments or multinational organizations who may have subsidiaries globally. It gives organizations a way to consolidate their data in a single accessible location, yet keep the data separate. This allows for global views and/or isolated views restricted by access controls by company or business unit."
"The querying and the log-retention capabilities are pretty powerful. Those provide some of the biggest value-add for us."
"Scalability is one of Devo's strengths."
"The most powerful feature is the way the data is stored and extracted. The data is always stored in its original format and you can normalize the data after it has been stored."
"The alerting is much better than I anticipated. We don't get as many alerts as I thought we would, but that nobody's fault, it's just the way it is."
"It's very, very versatile."
More Devo pros
"Message forwarding through the in-built module."
"UDP is a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead."
"The product is scalable. The solution is stable."
"I am very proud of how very stable the solution is."
"The solution's most valuable feature is its new interface."
"Open source and user friendly."
"The build is stable and requires little maintenance, even compared to some extremely expensive products."
"Real-time UDP/GELF logging and full text-based searching."
More Graylog pros
 

Cons

"They can improve their AI capabilities"
"Where Devo has room for improvement is the data ingestion and parsing. We tend to have to work with the Devo support team to bring on and ingest new sources of data."
"There is room for improvement in the ability to parse different log types. I would go as far as to say the product is deficient in its ability to parse multiple, different log types, including logs from major vendors that are supported by competitors. Additionally, the time that it takes to turn around a supported parser for customers and common log source types, which are generally accepted standards in the industry, is not acceptable. This has impacted customer onboarding and customer relationships for us on multiple fronts."
"The biggest area with room for improvement in Devo is the Security Operations module that just isn't there yet. That goes back to building out how they're going to do content and larger correlation and aggregation of data across multiple things, as well as natively ingesting CTI to create rule sets."
"Some of the documentation could be improved a little bit. A lot of times it doesn't go as deep into some of the critical issues you might run into. They've been really good to shore us up with support, but some of the documentation could be a little bit better."
"The Activeboards feature is not as mature regarding the look and feel. Its functionality is mature, but the look and feel is not there. For example, if you have some data sets and are trying to get some graphics, you cannot change anything. There's just one format for the graphics. You cannot change the size of the font, the font itself, etc."
"Technical support could be better."
"My opinion on the solution's technical support is not as great as it could be because of the issues I have faced regarding the service management element."
More Devo cons
"When it comes to configuring the processing pipeline, writing the rules can be very tedious, especially since the documentation isn't extensive on how the functions provided for these rules work."
"Over six months, I had two similar issues where searches were performed on field "messages". It exhausted all the memory of the ES node causing an ES crash and a Graylog halt."
"More customization is always useful."
"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic."
"Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous."
"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."
"Lacks sufficient documentation."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
More Graylog cons
 

Pricing and Cost Advice

"It's a per gigabyte cost for ingestion of data. For every gigabyte that you ingest, it's whatever you negotiated your price for. Compared to other contracts that we've had for cloud providers, it's significantly less."
"It's very competitive. That was also a primary draw for us. Some of the licensing models with solutions like Splunk and Sentinel were attractive upfront, but there were so many micro-charges and services we would've had to add on to make them what we wanted. We had to include things like SOAR and extended capabilities, whereas all those capabilities are completely included with the Devo platform. I haven't seen any additional fee."
"I'm not involved in the financial aspect, but I think the licensing costs are similar to other solutions. If all the solutions have a similar cost, Devo provides more for the money."
"I like the pricing very much. They keep it simple. It is a single price based on data ingested, and they do it on an average. If you get a spike of data that flows in, they will not stick it to you or charge you for that. They are very fair about that."
"Pricing is based on the number of gigabytes of ingestion by volume, and it's on a 30-day average. If you go over one day, that's not a big deal as long as the average is what you expected it to be."
"[Devo was] in the ballpark with at least a couple of the other front-runners that we were looking at. Devo is a good value and, given the quality of the product, I would expect to pay more."
"Devo was very cost-competitive... Devo did come with that 400 days of hot data, and that was not the case with other products."
"Be cautious of metadata inclusion for log types in pricing, as there are some "gotchas" with that."
More Devo pricing and cost advice
"We're using the Community edition."
"I am using a community edition. I have not looked at the enterprise offering from Graylog."
"There is an open source version and an enterprise version. I wouldn't recommend the enterprise version, but as an open source solution, it is solid and works really well."
"If you want something that works and do not have the money for Splunk or QRadar, take Graylog.​​"
"It's an open-source solution that can be used free of charge."
"Graylog is a free open-source solution. The free version has a capacity limitation of 2 GB daily, if you want to go above this you have to purchase a license."
"I use the free version of Graylog."
"​You get a lot out-of-the-box with the non-enterprise version, so give it a try first."
More Graylog pricing and cost advice
report
See which vendors are best for you
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
See recommendations
845,406 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Financial Services Firm
17%
Computer Software Company
15%
University
8%
Government
8%
Computer Software Company
17%
Comms Service Provider
10%
Government
8%
University
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

What do you like most about Devo?
Devo has a really good website for creating custom configurations.
See all answers
What is your experience regarding pricing and costs for Devo?
Compared to Splunk or SentinelOne, it is really expensive. I rate the product’s pricing a nine out of ten, where one is cheap and ten is expensive.
See all answers
What needs improvement with Devo?
They can improve their AI capabilities. If you look at some integrations like XDR or AI, which add to the platform to correlate situations in events, there are areas for enhancement. For instance, ...
See all answers
What do you like most about Graylog?
The product is scalable. The solution is stable.
See all answers
What is your experience regarding pricing and costs for Graylog?
We are using the free version of the product. However, the paid version is expensive.
See all answers
What needs improvement with Graylog?
When it comes to configuring the processing pipeline, writing the rules can be very tedious, especially since the documentation isn't extensive on how the functions provided for these rules work. P...
See all answers
 

Comparisons

Splunk Enterprise Security vs Devo Logo
Splunk Enterprise Security vs Devo
Compared 18% of the time
IBM Security QRadar vs Devo Logo
IBM Security QRadar vs Devo
Compared 17% of the time
Microsoft Sentinel vs Devo Logo
Microsoft Sentinel vs Devo
Compared 17% of the time
Wazuh vs Devo Logo
Wazuh vs Devo
Compared 6% of the time
LogRhythm SIEM vs Devo Logo
LogRhythm SIEM vs Devo
Compared 6% of the time
More Devo Competitors
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
Compared 41% of the time
Wazuh vs Graylog Logo
Wazuh vs Graylog
Compared 24% of the time
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Compared 11% of the time
Security Onion vs Graylog Logo
Security Onion vs Graylog
Compared 5% of the time
Seq vs Graylog Logo
Seq vs Graylog
Compared 3% of the time
More Graylog Competitors
 

Product Reports

Buyer's Guide
Devo
March 2025
Devo reportDownload Devo product report
Buyer's Guide
Graylog
March 2025
Graylog reportDownload Graylog product report
 

Also Known As

No data available
Graylog2
 

Overview

Devo is the only cloud-native logging and security analytics platform that releases the full potential of all your data to empower bold, confident action when it matters most. Only the Devo platform delivers the powerful combination of real-time visibility, high-performance analytics, scalability, multitenancy, and low TCO crucial for monitoring and securing business operations as enterprises accelerate their shift to the cloud.

Devo

Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:

  • Considerably faster analysis speeds.
  • More robust and easier-to-use analysis platform.
  • Simpler administration and infrastructure management.
  • Lower cost than alternatives.
  • Full-scale customer service.
  • No expensive training or tool experts required.
Graylog
 

Sample Customers

United States Air Force, Rubrik, SentinelOne, Critical Start, NHL, Panda Security, Telefonica, CaixaBank, OpenText, IGT, OneMain Financial, SurveyMonkey, FanDuel, H&R Block, Ulta Beauty, Manulife, Moneylion, Chime Bank, Magna International, American Express Global Business Travel
Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP, King.com, Twilio, Deutsche Presse-Agentur
Buyer's Guide
Devo vs. Graylog
March 2025
Free Report: Devo vs. Graylog
Find out what your peers are saying about Devo vs. Graylog and other solutions. Updated: March 2025.
DOWNLOAD NOW
845,406 professionals have used our research since 2012.
See our Devo vs. Graylog report.
See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.