We compared Fortinet FortiAnalyzer and Graylog based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. Graylog stands out with its exceptional search functions, seamless integration with Elasticsearch, and real-time data access. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Graylog could benefit from additional customization options and an improved rule-creation process.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. Graylog's customer service is generally well-regarded, with reviewers noting effective solutions and satisfactory experiences. While response times may differ, Graylog's support is considered superior compared to that of other products.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some Graylog users said the setup was easy. Other reviewers faced challenges, but these were easily resolved with help from the vendor’s support staff. Graylog is easier to set up in smaller environments, but it could get complicated in large clusters.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Graylog offers an enterprise edition and an open-source option with a daily capacity restriction. Some users said that data costs can be expensive.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Graylog can offer some cost savings. The precise ROI may vary depending on the organization’s size and use case.
"Storage in SSD helps in generating customized reports."
"Technical reports clearly identify system checks, locations and areas, how many times things escape, which firewall is affected, and source IDs."
"The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
"The most valuable features of Fortinet FortiAnalyzer are the dashboards and supporting services."
"FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort."
"FortiAnalyzer's best feature is centralized log analysis. It's based on SQL database, so I can fully customize my report, chart-wise and log-wise, and can create as many reports as I want without any limit."
"It is very stable and reliable."
"The most valuable features are customizing reports, and the ability to drill down to display critical information in real-time."
"Allowing us to set up alerts and integrate with platforms we already use, such as Slack and OpsGenie to alert users of these errors proactively, is also a very useful feature."
"The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed."
"Open source and user friendly."
"I am very proud of how very stable the solution is."
"Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps."
"We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us."
"I like the correlation and the alerting."
"The build is stable and requires little maintenance, even compared to some extremely expensive products."
"The setup of the solution can be improved because it is currently complex."
"The UI can be more user-friendly for new users."
"The support could be better for Fortinet FortiAnalyzer here in Mexico."
"The solution should include the ability to customize reports so that customers receive greater value and high level reporting."
"The solution should be more price competitive."
"The following could be better: operation and maintenance, high-availability architecture, and management link embedded in the transmission link."
"Software reports are good but should match the dashboard and include top-level output instead of just base or low-level devices."
"Fortinet FortiAnalyzer could improve by having better integration with other vendors."
"It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community."
"More complex visualizations and the ability to execute custom Elasticsearch queries would be great."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
"I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install."
"With technical support, you are on your own without an enterprise license."
"Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest."
"I hope to see improvements in Graylog for more interactivity, user-friendliness, and creating alerts. The initial setup is complex."
"Graylog can improve the index rotation as it's quite a complex solution."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 81 reviews while Graylog is ranked 11th in Log Management with 18 reviews. Fortinet FortiAnalyzer is rated 8.0, while Graylog is rated 8.0. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Grafana Loki, LogRhythm SIEM and ManageEngine EventLog Analyzer, whereas Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and Elastic Security. See our Fortinet FortiAnalyzer vs. Graylog report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.