Loggly: a great Commercially-Oriented Log Shipping / Filter Pipeline, that will add value to your Company DevOps Department
Anonymous | TrustRadius Reviewer
March 27, 2019

Loggly: a great Commercially-Oriented Log Shipping / Filter Pipeline, that will add value to your Company DevOps Department

Score 10 out of 10
Vetted Review
Verified User
Review Source

Overall Satisfaction with Loggly

While Loggly is not technically open-source, it is a modern platform for log-file analysis. Oftentimes, in our projects we will acquire competing DevOps stacks, in order to evaluate their effectiveness for us. Our criteria is usually very simple: 1. Does it work? 2.) Does it work on Linux? 3.) Does it use .config file format, or similar plaintext config files? (we generally try to stay away from XML-based file formats, or proprietary formats (think: binary), due to the overhead, and complexity that we feel does not work for us) 4.) is it modern? (i.e. if there is a UX component to the project, does it employ web-standards, such as NodeJS, HTML5, Angular, et. al) 5. It is open-source friendly? (i.e. is it built with Open Source tools, or is the Licensing less restrictive than Microsoft EULA?) Technical difficulty is almost never a concern for my team.
  • Modern: Loggly is modern: Dashboards, realtime information and the ability speak many different data sources and environments makes it an attractive choice
  • Configurability: Loggly gets log parsing right: by allowing you to in real time- filtering of log data, tagging and identifying data sources
  • DevOps friendly: Loggly is very Componentized: You can have an instance of Loggly running that will Monitor your Linux instance, in addition to all of it's services, as an example. Also, you can start/stop Loggly, without affecting your other components
  • Commodity: Loggly is protected by the company's need to convert Loggly into a retail product. While this is fine for the Company, it may limit individual developers from having immediate access to a product they would otherwise adopt. Therefore, Loggly really is geared towards Companies and Commercial Entities
  • Feature creep: Loggly stands in competition with other packages that are open-sourced. And while this is not bad from a Commercial view point (every needs to eat, right?), it almost automatically makes it a 2nd place package, without adding in a killer feature that adds additional value to Developers and DevOps Analysts
  • Parsing: Sometimes, when working with other packages, you get used to a configuration format. Loggly is not so dissimilar that it's hard to read / write, but it's not a one-to-one with say, Logstash. This is more of an annoyance than a real problem, and if you include putting your files into a Repo, then this is even less an annoyance.
  • (Positive, actually!) Cost of Acquisition: Loggly is not OpenSource (i.e. Free in this case). Therefore, while you have a cost up front, you have a wealth of support from the people that built it, which can translate into Time savings and/or bringing contractors on-board just for augmentation purposes
  • Negative: Loggly covers a lot of the features that other Open Source Projects cover. That being said, it's regulated by supply and demand, and thus it has a certain "desirability" as a commercial (and therefore stable) project. As a result, unless you are an employee working in a company that sees Loggly as a necessary tool, you will probably not be exposed to it on your own
  • (Positive): Tagging of information, and filtering of logs makes this product worthwhile from a commercial perspective: You can train your employees, and have them filtering logs in a day. If they get stuck, you don't have to pull internal resources away to support them, you simply open a ticket with Loggly.
Actually, we did not use any of the out-of-the box dashboards, except to get perspective on what Loggly is capable of doing. I did create custom dashboards, that allows us to monitor the project we are using Loggly for.

Our custom dashboard allows for filtering, logging and mining of the data that we specifically are collecting.
Since our dashboards are custom, we also define custom rules. Our philosophy is to design a "Dashboard" in an abstract sense: define everything from the color palette, to the fonts. We then drop in the controls, forms and charts as needed. to support Those goals, we will define rules based on two factors: What our current UX specification dictates, and what the data calls for in filtering. There are occasions, where we need to grab just literally everything and pool it into some other destination (i.e. ElasticSearch)- which means you don't want any filtering at the Loggly level. Therefore, some of our derived fields maybe as simple as :

[sourceName sourceIP]

and that's it!
Loggly is a great replacement for LogStash, if your project dictates features that LogStash does not have, that Loggly does (which, I can't really think of).

The only real feature of Loggly that most (myself included) can defend, is its cloud logging. Other than that, Loggly does not offer so many more features that Logstash could not replace.

I am recommending Loggly highly, though because its learning curve is so small, that in a commercial environment, where analysts are exposed to it for the first time will have no trouble wrapping their minds around it, and thus can add it to their resume as a real skill. This is really the only real environment for modern, DevOps based software that's not open source: a commercial environment where a company can absorb the cost, and thus maintain control over their investment, also while allowing its employees the ability to easily do what open source platforms are doing for the individual DevOps Analyst/Developer.