Graylog, headquartered in Houston, offers their eponymous platform for centralized log management that helps users find meaning in data faster so as to take action immediately. Graylog is available via Enterprise and Cloud plans, but also has a Small Business Plan, and an Open (free) plan with limited features.
N/A
New Relic
Score 8.5 out of 10
N/A
New Relic is a SaaS-based web and mobile application performance management provider for the cloud and the datacenter. They provide code-level diagnostics for dedicated infrastructures, the cloud, or hybrid environments and real time monitoring.
$0
No credit card required; 100 GB free ingest per month, 1 free full user + unlimited basic users, 8 days retention, 100 Synthetics Checks
Pricing
Graylog
New Relic
Editions & Modules
No answers on this topic
Free (Forever)
$0
No credit card required; 100 GB free ingest per month, 1 free full user + unlimited basic users, 8 days retention, 100 Synthetics Checks
Telemetry Data Platform
$0.25
per month per extra GB data ingest (after first free 100GB per month)
Incident Intelligence
$0.50
per month per event (after first 1000 free events per month)
Standard
$99
per month per full user (after first free full user - unlimited free basic users)
For small companies, Graylog is the best solution possible. It's easy to configure and "just works." Above everything else, it's free. The only thing I hold against it is the fact that it's Linux-based. [This] makes sense because Elasticsearch is Linux-based. But Linux adds a layer of complexity that we don't need for something basic as a logging server. I'm pretty sure that we would have had a logging server years earlier if I had to convince quite a few decision-making people to go ahead with it anyway.
New - relic is well suited if you want to analyse the performance of your services and you want to improve it. Integration with multiple services with same account gives a clear picture of flow of your APIs if you have micro-service architecture. New-relic is less appropriate when you want to do logging of your system. As it does not emits every single calls
Graylog does a great job of its core function: log aggregation, retention, and searching.
Graylog has a very flexible configuration. The backend for storage is Elasticsearch and MongoDB is used to store the configuration. You have to option to make your configuration as simple as possible by storing everything on one box, or you can scale everything out horizontally by using a cluster of Elasticsearch nodes and MongoDB servers with several Graylog servers pointed to all the necessary nodes.
Graylog does a good job of abstracting away a fair portion of Elasticsearch index management (sharding, creation, deletion, rotation, etc).
gives us an monitoring of all our underlying servers and also we can configure some alerts upon them like CPU and memory alerts.
Kubernetes cluster monitoring with new relic for EKS gives us and minute details of our cluster utilisation like node usage, pods memory request and limits
Network traceability for each and every request with response time analysis is great we can trace which component is responsible for generating response delay
log managements of the logs the infrastructure is generating we can view logs through there only
I would like to see sort of simulator inside the user interface, that way we can send requests directly from it to test some configuration instead of setting up a test environment in our end.
It would be nice if the data ingestion can be filtered by APM's. That way we can know which application is ingested most data.
It would be nice if we could ingest logs (apache, system logs, and other logs) and correlate them with the APM.
The only issue that we have had with New Relic is that the price might be a little expensive for smaller companies. The amount of data you store in New Relic impacts the cost, and can get away from you if you don't work closely with the vendor. Overall though the application is top notch.
As an engineer, New Relic has been very quick and easy for me to pick up/install/use. It has been less easy for some of the less technical-minded folks in our organization and their UI still is inconsistent multiple years after refactoring their platform to be New Relic One.
Community support does not give simple straightforward answers; simply search up Graylog Issues and look at some of the responses on the forums. The documentation is your only hope if you are on the free version, as you can NOT purchase only support. The few times I have worked with Graylog Enterprise support they were great though.
There are times I feel that the initial support is lacking. And in some cases the automated responses of not hearing anything are annoying if the reason why there has been no movement is because we are still waiting to hear back from NR support. So, i think they should loose the automation as it can seem disingenuous
It's better to start by implementing New Relic in one project and test everything. Try to follow best recommended practices and read all the official documentation. Everything seems well tested. Then, start by installing agents to the rest of your projects and keep a close look to all logs and metrics New Relic gives you.
In terms of log aggregation, the free product fully stacks up with the competitors listed. Full control over the data ingests for flexible configuration. Graylog even better on that front than AlienVault USM because you cannot configure the variable mapping. We haven't used the threat exchange stuff or correlation. But with regex searches, we have created function dashboards that show threat theater pictures of our network based on logs from our firewall.
New Relic is the most full-featured offering that we've found, and is incredibly easy to start using with a PHP app. The New Relic agent is installed as a PHP extension so it is able to monitor and track the performance of any PHP app being run by the web server. Other tools required the installation and setup of a PHP dependency at the application level.
Graylog is just less expensive than some other options which meant it fit into our budget otherwise we might not be able to justify a higher cost.
Being able to track issues that we normally couldn't track using other tools is a bonus to help us know of any issues we have and can fix before an outage or failure that could potentially cost money.
We have had to spend more time than I would like to understand and customize Graylog which has taken time away from other tasks and projects.
