Graylog, Free Vs. Paid
April 29, 2020
Graylog, Free Vs. Paid
Score 9 out of 10
Vetted Review
Verified User
Overall Satisfaction with Graylog
Graylog is currently implemented for use across the entire organization at each deployment that I have provisioned. However, Graylog is only referenced by myself, or Information Systems Staff. Graylog currently mainly addresses two separate needs for us. First, it allows the capture of NAT translations for DMCA related notifications for subscribers. Secondly, it addresses the need for an internal syslog server.
Pros
- The free edition is extraordinarily powerful.
- Log searching is quick.
- The web interface is sleek, and the install is relatively quick.
Cons
- Rotating the indexes are hard! It is also easy to brick your deployment. Purchase support, but it's so ludicrously expensive, that I'd go with a different vendor.
- Community support dances around questions and points to documentation, which is there, but is not always accurate.
- Searching logs uses logic that is not always easy to use.
- There is not a good way to size how much space you need for a given log retention. It also does not tolerate running out of space using a smart feature or such to auto delete. The heap can also overflow.
- It uses MangoDB instead of a different database.
- The OVA is not approved for production use.
- It is resource intensive.
- Graylog has allowed our clients to successfully log NAT translations and comply with the DMCA, protecting us in terms of Safe Harbor.
- Graylog allows us to have a central server for syslog, which saves time rather than checking each machine, or figuring out events if we experience a unresponsive failure, lowering downtime.
- We have also spent a lot of time learning Graylog, which was a considerable investment. However, it is now starting to pay its dividends.
We use the free edition, because it is free and open source. We evaluated numerous other products, but we decided to go down the Graylog track because of initial costs. While the competition (Splunk, AlienVault, etc.) are very good products and come highly recommended, it simply was not in the budget to choose one of those products at this time. I have many clients who have used both, and decided to go with AlienVault, however.
Do you think Graylog delivers good value for the price?
Yes
Are you happy with Graylog's feature set?
Yes
Did Graylog live up to sales and marketing promises?
Yes
Did implementation of Graylog go as expected?
No
Would you buy Graylog again?
Yes
Comments
Please log in to join the conversation