Try our new research platform with insights from 80,000+ expert users
Graylog Logo

Graylog pros and cons

Vendor: Graylog
4.0 out of 5
402 followers
Start review

Pros & Cons summary

Graylog offers message forwarding, alert writing, and integration with Slack and OpsGenie, enhancing security and compliance. It features scalable architecture and Elasticsearch integration for analytics, though lacks Kubernetes support. While bridging technical teams and aiding detailed analysis, its infrastructure costs and complex index rotation need improvement. Challenges include circuit-breaking exceptions in Elasticsearch and limited support without an enterprise license, which can hinder performance and user assistance.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.
Get the report

Prominent pros & cons

PROS

Message forwarding through the in-built module.
The ability to write custom alerts is key to information security and compliance.
Storing logs in Elasticsearch enables extremely fast log retrieval with full text search available by default.
Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline.
The integration capabilities with existing platforms like Slack and OpsGenie allow for proactive error alerts.

CONS

The collector application architecture is problematic, prompting users to avoid using Graylog Collector Sidecar.
Elasticsearch recommendations for tuning could be improved, and difficulties arise with Kubernetes support.
Users encounter issues with Elasticsearch due to field data size, affecting stability and resource management.
The initial setup is complex, and creating processing pipeline rules is tedious due to insufficient documentation.
Infrastructure costs are a significant concern, impacting the overall affordability.
 

Graylog Pros review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc.
Read full review
SG
May 9, 2025
The Graylog features that have proven to be most beneficial for our data analysis in particular are that we tend to use it as a big data store, so we have the correlation rules that, if something matches under certain conditions, it raises an alarm.
Read full review
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps.
Read full review
Buyer's Guide
Graylog
May 2025
Free Report: Graylog Reviews and More
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
851,604 professionals have used our research since 2012.
it_user776922 - PeerSpot reviewer
Nov 22, 2017
The ability to write custom alerts is key to information security and compliance.
Read full review
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview.
Read full review
Ivan Kokalovic - PeerSpot reviewer
Apr 23, 2025
Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline.
Read full review
AK
Jan 27, 2025
It has data adapters and lookup tables that utilize HTTP calls to APIs.
Read full review
it_user995112 - PeerSpot reviewer
Aug 26, 2019
I am very proud of how very stable the solution is.
Read full review
CN
Dec 7, 2020
Graylog's search functionality, alerting functionality, user management, and dashboards are useful.
Read full review
it_user774168 - PeerSpot reviewer
Nov 16, 2017
Message forwarding through the in-built module.
Read full review
Show 10 more reviews (out of 20)
 

Graylog Cons review quotes

Andrey Mostovykh - PeerSpot reviewer
Sep 27, 2022
The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic.
Read full review
SG
May 9, 2025
The area in Graylog that needs to be improved or enhanced would be the integrations.
Read full review
Peter Malaty - PeerSpot reviewer
Sep 30, 2022
Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous.
Read full review
Buyer's Guide
Graylog
May 2025
Free Report: Graylog Reviews and More
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: May 2025.
DOWNLOAD NOW
851,604 professionals have used our research since 2012.
it_user776922 - PeerSpot reviewer
Nov 22, 2017
I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install.
Read full review
Jonas Leeb - PeerSpot reviewer
Sep 22, 2022
It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community.
Read full review
AK
Jan 27, 2025
When it comes to configuring the processing pipeline, writing the rules can be very tedious, especially since the documentation isn't extensive on how the functions provided for these rules work.
Read full review
it_user995112 - PeerSpot reviewer
Aug 26, 2019
I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second.
Read full review
CN
Dec 7, 2020
Graylog can improve the index rotation as it's quite a complex solution.
Read full review
it_user774168 - PeerSpot reviewer
Nov 16, 2017
The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture.
Read full review
Lokesh Puthalapattu - PeerSpot reviewer
Sep 21, 2022
Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest.
Read full review
Show 9 more reviews (out of 19)

Product Categories

Product Categories
Log Management

Popular Comparisons

Popular Comparisons
Wazuh vs Graylog Logo
Wazuh vs Graylog
Dynatrace vs Graylog Logo
Dynatrace vs Graylog
Datadog vs Graylog Logo
Datadog vs Graylog
Splunk Enterprise Security vs Graylog Logo
Splunk Enterprise Security vs Graylog
IBM Security QRadar vs Graylog Logo
IBM Security QRadar vs Graylog
Elastic Security vs Graylog Logo
Elastic Security vs Graylog
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
Security Onion vs Graylog Logo
Security Onion vs Graylog
LogRhythm SIEM vs Graylog Logo
LogRhythm SIEM vs Graylog
Elastic Stack vs Graylog Logo
Elastic Stack vs Graylog
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Fortinet FortiAnalyzer vs Graylog Logo
Fortinet FortiAnalyzer vs Graylog
Amazon CloudWatch vs Graylog Logo
Amazon CloudWatch vs Graylog
SolarWinds Kiwi Syslog Server vs Graylog Logo
SolarWinds Kiwi Syslog Server vs Graylog
Cribl vs Graylog Logo
Cribl vs Graylog
See all alternatives

Product Categories

Product Categories
Log Management

Popular Comparisons

Popular Comparisons
Wazuh vs Graylog Logo
Wazuh vs Graylog
Dynatrace vs Graylog Logo
Dynatrace vs Graylog
Datadog vs Graylog Logo
Datadog vs Graylog
Splunk Enterprise Security vs Graylog Logo
Splunk Enterprise Security vs Graylog
IBM Security QRadar vs Graylog Logo
IBM Security QRadar vs Graylog
Elastic Security vs Graylog Logo
Elastic Security vs Graylog
Grafana Loki vs Graylog Logo
Grafana Loki vs Graylog
Security Onion vs Graylog Logo
Security Onion vs Graylog
LogRhythm SIEM vs Graylog Logo
LogRhythm SIEM vs Graylog
Elastic Stack vs Graylog Logo
Elastic Stack vs Graylog
syslog-ng vs Graylog Logo
syslog-ng vs Graylog
Fortinet FortiAnalyzer vs Graylog Logo
Fortinet FortiAnalyzer vs Graylog
Amazon CloudWatch vs Graylog Logo
Amazon CloudWatch vs Graylog
SolarWinds Kiwi Syslog Server vs Graylog Logo
SolarWinds Kiwi Syslog Server vs Graylog
Cribl vs Graylog Logo
Cribl vs Graylog
See all alternatives
Related questions
  • 29
When evaluating Log Management tools and software, what aspect do you think is the most important to look for?
  • 2,460
Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
  • 62
Which Windows event log monitoring tool do you recommend?
  • 163
What is the difference between log management and SIEM?
  • 39
Splunk vs. Elastic Stack
  • 27
How can Cloudtrail logs be used effectively to improve log monitoring?
  • 289
Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?
  • 123
When evaluating Log Management solutions, what aspect do you think is the most important to look for?
  • 14
When evaluating Log Management solutions, what aspects do you think are the most important to look for?
  • 16
Why are Log Management tools important for companies?