Graylog, Free Vs. Paid
April 29, 2020

Graylog, Free Vs. Paid

Anonymous | TrustRadius Reviewer
Score 9 out of 10
Vetted Review
Verified User

Overall Satisfaction with Graylog

Graylog is currently implemented for use across the entire organization at each deployment that I have provisioned. However, Graylog is only referenced by myself, or Information Systems Staff. Graylog currently mainly addresses two separate needs for us. First, it allows the capture of NAT translations for DMCA related notifications for subscribers. Secondly, it addresses the need for an internal syslog server.
  • The free edition is extraordinarily powerful.
  • Log searching is quick.
  • The web interface is sleek, and the install is relatively quick.
  • Rotating the indexes are hard! It is also easy to brick your deployment. Purchase support, but it's so ludicrously expensive, that I'd go with a different vendor.
  • Community support dances around questions and points to documentation, which is there, but is not always accurate.
  • Searching logs uses logic that is not always easy to use.
  • There is not a good way to size how much space you need for a given log retention. It also does not tolerate running out of space using a smart feature or such to auto delete. The heap can also overflow.
  • It uses MangoDB instead of a different database.
  • The OVA is not approved for production use.
  • It is resource intensive.
  • Graylog has allowed our clients to successfully log NAT translations and comply with the DMCA, protecting us in terms of Safe Harbor.
  • Graylog allows us to have a central server for syslog, which saves time rather than checking each machine, or figuring out events if we experience a unresponsive failure, lowering downtime.
  • We have also spent a lot of time learning Graylog, which was a considerable investment. However, it is now starting to pay its dividends.
We use the free edition, because it is free and open source. We evaluated numerous other products, but we decided to go down the Graylog track because of initial costs. While the competition (Splunk, AlienVault, etc.) are very good products and come highly recommended, it simply was not in the budget to choose one of those products at this time. I have many clients who have used both, and decided to go with AlienVault, however.
Community support does not give simple straightforward answers; simply search up Graylog Issues and look at some of the responses on the forums. The documentation is your only hope if you are on the free version, as you can NOT purchase only support. The few times I have worked with Graylog Enterprise support they were great though.

Do you think Graylog delivers good value for the price?


Are you happy with Graylog's feature set?


Did Graylog live up to sales and marketing promises?


Did implementation of Graylog go as expected?


Would you buy Graylog again?


If you just need a logging server that will most likely work, and won't break the bank. This is it, you can stop looking. Period.