Try our new research platform with insights from 80,000+ expert users

Elastic Security vs Graylog comparison

 

Comparison Buyer's Guide

Executive SummaryUpdated on Apr 20, 2025

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Categories and Ranking

Elastic Security
Ranking in Log Management
11th
Average Rating
7.8
Reviews Sentiment
6.8
Number of Reviews
65
Ranking in other categories
Security Information and Event Management (SIEM) (5th), Endpoint Detection and Response (EDR) (17th), Security Orchestration Automation and Response (SOAR) (8th), Extended Detection and Response (XDR) (10th)
Graylog
Ranking in Log Management
15th
Average Rating
8.0
Reviews Sentiment
7.2
Number of Reviews
21
Ranking in other categories
No ranking in other categories
 

Mindshare comparison

As of July 2025, in the Log Management category, the mindshare of Elastic Security is 3.0%, down from 6.0% compared to the previous year. The mindshare of Graylog is 6.5%, up from 5.9% compared to the previous year. It is calculated based on PeerSpot user engagement data.
Log Management
 

Featured Reviews

SyedAli17 - PeerSpot reviewer
Centralized monitoring improves security posture through rapid data processing
The processing part of Elastic Security ( /products/elastic-security-reviews ) is very interesting for us since we handle almost 7,000 to 8,000 alerts per minute. We require rapid processing speed for alerts and event data, and Elastic Security is very efficient at handling this level of data. Additionally, Elastic Security helps improve the security posture of Pakistan through centralized visibility and real-time processing.
Ivan Kokalovic - PeerSpot reviewer
Facilitates backend service monitoring with efficient log retrieval and API flexibility
Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline. It boosts the knowledge of sales and customer support teams by allowing them to see the backend operations without needing to read the code. Its API is flexible for visualization, and its powerful search engine efficiently handles large volumes of log data. Moreover, its stability, fast search capabilities, and compatibility with languages like ANSI SQL enhance its utility in IT infrastructure.

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:
 

Pros

"The stability of the solution is good."
"The scalability is good. It can be scaled easily in the production environment."
"The most valuable feature is the speed, as it responds in a very short time."
"It's very stable and reliable."
"One of the most valuable features of this solution is that it is more flexible than AlienVault."
"The solution is compatible with the cloud-native environment and they can adapt to it faster."
"The most valuable features of the solution are the prevention methods and the incident alerts."
"It's very customizable, which is quite helpful."
"Real-time UDP/GELF logging and full text-based searching."
"UDP is a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead."
"We're using the Community edition, but I know that it has really good dashboarding and alerts."
"One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview."
"Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline."
"The Graylog features that have proven to be most beneficial for our data analysis in particular are that we tend to use it as a big data store, so we have the correlation rules that, if something matches under certain conditions, it raises an alarm."
"It is used as a log manager/SIEM. It provides visibility into the infrastructure and security related events."
"Storing logs in Elasticsearch means log retrieval is extremely fast, and full text search is available by default."
 

Cons

"The solution should generate an automatic product that integrates with ELK Stack to use artificial intelligence."
"I would like the process of retrieving archived data and viewing it in Kibana to be simplified."
"Authentication is not a default in Kibana. We need to have another tool to have authentication and authorization. These two should be part of Kibana."
"Continuous upgrades can be quite inconvenient. My security testing team continuously reports vulnerabilities, and we have to fix and update the versions frequently."
"It's a little bit of a learning curve to understand the logic of searching for things and trying to find what you're looking for in Elastic Security."
"There is room for improvement in the Kibana dashboard and in the asset management for the program."
"In terms of improvement, there could be more automation in responding to and evaluating detections."
"With Elastic, you have to build the use cases for the specific requirement. Other products have a simple integration and more use cases to integrate out-of-the-box solutions for SIEM."
"I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second."
"Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest."
"More complex visualizations and the ability to execute custom Elasticsearch queries would be great."
"I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install."
"Lacks sufficient documentation."
"It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community."
"When it comes to configuring the processing pipeline, writing the rules can be very tedious, especially since the documentation isn't extensive on how the functions provided for these rules work."
"Dashboards, stream alerts and parsing could be improved."
 

Pricing and Cost Advice

"I can say that the product is cheaply priced."
"Compared to other products such as Dynatrace, this is one of the cheaper options."
"Affordable but with additional costs"
"It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
"Its price is fine. Its licensing works on a yearly basis. We have to renew the license every year. I also have a good experience with Darktrace. When we buy Darktrace, we get training free of cost, which is not there in Elastic. We have to pay extra for training. There is certainly room for improvement."
"We are using the free, open-source version of this solution."
"The solution is not expensive and costs around ten dollars a month."
"The base product is open-source but if you need advanced security features then you need to pay for the subscription. Elastic Security's price is reasonable in some cases and in other cases it's not."
"Having paid official support is wise for projects."
"It's an open-source solution that can be used free of charge."
"​You get a lot out-of-the-box with the non-enterprise version, so give it a try first."
"I am using a community edition. I have not looked at the enterprise offering from Graylog."
"If you want something that works and do not have the money for Splunk or QRadar, take Graylog.​​"
"It's open source and free. They have a paid version, but we never looked into that because we never needed the features of the paid version."
"Consider Enterprise support if you have atypical needs or setup requirements.​"
"We are using the free version of the product. However, the paid version is expensive."
report
Use our free recommendation engine to learn which Log Management solutions are best for your needs.
860,168 professionals have used our research since 2012.
 

Top Industries

By visitors reading reviews
Computer Software Company
16%
Government
9%
Financial Services Firm
9%
Comms Service Provider
7%
Computer Software Company
17%
Comms Service Provider
10%
University
7%
Educational Organization
7%
 

Company Size

By reviewers
Large Enterprise
Midsize Enterprise
Small Business
 

Questions from the Community

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?
With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good c...
What do you like most about Elastic Security?
Elastic provides the capability to index quickly due to the reverse indexes it offers. This data is crucial as it contains critical information. The reverse index allows fast data indexing because ...
What is your experience regarding pricing and costs for Elastic Security?
Since Elastic Security is community-based, it does not require significant costs. This is beneficial for SMEs as they do not need extensive budgets for security solutions.
What do you like most about Graylog?
The product is scalable. The solution is stable.
What is your experience regarding pricing and costs for Graylog?
I am not familiar with the pricing details of Graylog, as I was not responsible for that aspect. It was determined that we didn't need an enterprise plan, which is more suited for clients with less...
What needs improvement with Graylog?
An improvement I would suggest is in Graylog's user interface, such as allowing for font size adjustments. A potential enhancement could be the integration with Ollama to run large language models ...
 

Comparisons

 

Also Known As

Elastic SIEM, ELK Logstash
Graylog2
 

Overview

 

Sample Customers

Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP, King.com, Twilio, Deutsche Presse-Agentur
Find out what your peers are saying about Elastic Security vs. Graylog and other solutions. Updated: June 2025.
860,168 professionals have used our research since 2012.