Graylog vs Microsoft Purview Audit comparison

Graylog and Microsoft are both solutions in the Log Management category. Graylog is ranked #16 with an average rating of 6.5, while Microsoft is ranked #45 with an average rating of 8.0. Graylog holds a 6.7% mindshare in Log Management, compared to Microsoft’s 0.3% mindshare. Additionally, 95% of Graylog users are willing to recommend the solution, compared to 100% of Microsoft users who would recommend it.

Graylog

Read 20 Graylog reviews

9,555 Views
8,400 Comparison Views

95% willing to recommend

Microsoft Purview Audit

Read 2 Microsoft Purview Audit reviews

551 Views
446 Comparison Views

100% willing to recommend

Graylog

Microsoft Purview Audit

Comparison Buyer's Guide

Download the report

Executive SummaryUpdated on Oct 9, 2024

Graylog and Microsoft Purview Audit compete in the log management and auditing solutions category. Microsoft Purview Audit appears to have the upper hand due to its comprehensive feature set, despite its cost.

Features: Graylog provides efficient log management, scalability, and a streamlined approach that makes it appealing to users. Microsoft Purview Audit is distinguished by its extensive compliance tracking, detailed event logging, and robust auditing capabilities that fulfill corporate security requirements.

Room for Improvement: Users indicate Graylog could enhance integration capabilities, improve documentation, and expand its feature set. For Microsoft Purview Audit, users suggest simplification of the system, enhanced customization options, and a more user-friendly interface.

Ease of Deployment and Customer Service: Graylog is known for its straightforward deployment process and responsive customer service. In contrast, Microsoft Purview Audit presents setup challenges and a complex deployment, paired with reliable but less intuitive customer support.

Pricing and ROI: Graylog offers lower setup costs with a quick positive ROI due to its efficient pricing model. Microsoft Purview Audit, although requiring higher initial investment, is considered valuable for its comprehensive security features, leading to significant ROI over time.

To learn more, read our detailed Graylog vs. Microsoft Purview Audit Report (Updated: April 2025).

Buyer's Guide

Graylog vs. Microsoft Purview Audit

April 2025

Download the complete report

Helped 849,686 peers since 2012

Review summaries and opinions

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Categories and Ranking

Graylog

Ranking in Log Management

16th

Average Rating

8.0

Reviews Sentiment

6.9

Number of Reviews

Ranking in other categories

No ranking in other categories

Microsoft Purview Audit

Ranking in Log Management

45th

Average Rating

8.0

Reviews Sentiment

8.1

Number of Reviews

Ranking in other categories

Microsoft Security Suite (31st)

Mindshare comparison

As of May 2025, in the Log Management category, the mindshare of Graylog is 6.7%, up from 5.8% compared to the previous year. The mindshare of Microsoft Purview Audit is 0.3%, down from 0.4% compared to the previous year. It is calculated based on PeerSpot user engagement data.

Log Management

Featured Reviews

Ivan Kokalovic

DevOps Engineer at Proton Technologies

Facilitates backend service monitoring with efficient log retrieval and API flexibility

Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline. It boosts the knowledge of sales and customer support teams by allowing them to see the backend operations without needing to read the code. Its API is flexible for visualization, and its powerful search engine efficiently handles large volumes of log data. Moreover, its stability, fast search capabilities, and compatibility with languages like ANSI SQL enhance its utility in IT infrastructure.

Read full review

Nagendra Nekkala

Senior Manager ICT & Innovations at Bangalore International Airport Limited

Enables us to create a user in the cloud and give them access to resources through a single workflow

The PAM for Active Directory is good. ActiveOps is quite useful as a feature. The One Identity active role enables us to create a user in the cloud and give them access to resources through a single workflow. We can create rules-based access. It helps us control audit management and IT access management. We can decide what people can access and detect job functions. It enables zero trust security with hybrid AD, find delegation, and role-based access control. It provides all certificates and provides secure authentication, call-based access control, et cetera. It's really important for my critical applications. We can see who's using what, whether they are authorized, and other information to decide what access to offer. With the active role console, I can find out the obvious issues and also perform a decent setup. The One Identity active roles enable us to reduce password reset times. We can handle tasks in a matter of a minute. It simplifies AD and Azure AD management, efficiency, and security overall. The password manager is very secure and is a self-service password manager solution. It is considerably decreasing my help desk tasks. Our engineering users can reset forgotten passwords, and it can implement a stronger password. The management around access to enterprise resources keeps my data and systems secure. We're easily saving at least one hour per day using this solution. The migration from AD to Azure AD is very easy. There are simple configurations, and the migration goes rather smoothly. We use the solution support for SaaS apps through Cloud Delivered SCIM connectors. There are controls that can be configured and we can add and set permissions easily.

Read full review

Quotes from Members

We asked business professionals to review the solutions they use. Here are some excerpts of what they said:

Pros

"I like the correlation and the alerting."

"Open source and user friendly."

"Real-time UDP/GELF logging and full text-based searching."

"One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview."

"The ability to write custom alerts is key to information security and compliance."

"We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us."

"We're using the Community edition, but I know that it has really good dashboarding and alerts."

"It is used as a log manager/SIEM. It provides visibility into the infrastructure and security related events."

More Graylog pros

"We're easily saving at least one hour per day using this solution."

"The platform has significantly enhanced our operational insight into the overall Microsoft 365 environment."

Cons

"Its scalability gets complicated when we have to update or edit multiple nodes."

"Dashboards, stream alerts and parsing could be improved."

"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."

"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic."

"We ran into problems with Elasticsearch throwing a circuit-breaking exception due to field data size being too large. It turned out that the heap size directly impacted this size in a high-throughput environment, causing unexplained instability in Graylog. We were able to troubleshoot on the Elasticsearch size, but we should have been able to reference some minimum requirements for Graylog to know that our settings weren't sufficient."

"I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install."

"Since container orchestration systems are popular and Graylog fits the niche well, perhaps they could officially support running in docker containers on Kubernetes as a StatefulSet as a use case. That way, the declarative nature of Kubernetes config files would document their best case deployment scenario-"

"Over six months, I had two similar issues where searches were performed on field "messages". It exhausted all the memory of the ES node causing an ES crash and a Graylog halt."

More Graylog cons

"Areas for product improvement include enhancing customization options and integrating more comprehensive compliance features."

"We do have a Denial of Access happening."

Pricing and Cost Advice

"Consider Enterprise support if you have atypical needs or setup requirements."

"I am using a community edition. I have not looked at the enterprise offering from Graylog."

"I use the free version of Graylog."

"If you want something that works and do not have the money for Splunk or QRadar, take Graylog."

"It's open source and free. They have a paid version, but we never looked into that because we never needed the features of the paid version."

"You get a lot out-of-the-box with the non-enterprise version, so give it a try first."

"Graylog is a free open-source solution. The free version has a capacity limitation of 2 GB daily, if you want to go above this you have to purchase a license."

"Having paid official support is wise for projects."

More Graylog pricing and cost advice

Information not available

See which vendors are best for you

Use our free recommendation engine to learn which Log Management solutions are best for your needs.

See recommendations

849,686 professionals have used our research since 2012.

Top Industries

By visitors reading reviews

Computer Software Company

18%

Comms Service Provider

10%

Educational Organization

Government

Financial Services Firm

17%

Computer Software Company

13%

Educational Organization

Government

Company Size

By reviewers

Large Enterprise

Midsize Enterprise

Small Business

No data available

Questions from the Community

What do you like most about Graylog?

The product is scalable. The solution is stable.

See all answers

What is your experience regarding pricing and costs for Graylog?

We are using the free version of the product. However, the paid version is expensive.

See all answers

What needs improvement with Graylog?

When it comes to configuring the processing pipeline, writing the rules can be very tedious, especially since the documentation isn't extensive on how the functions provided for these rules work. P...

See all answers

What is your experience regarding pricing and costs for Microsoft Purview Audit?

I'm not aware of the pricing of licensing terms.

See all answers

What needs improvement with Microsoft Purview Audit?

Areas for product improvement include enhancing customization options and integrating more comprehensive compliance features.

See all answers

What is your primary use case for Microsoft Purview Audit?

We utilize Microsoft Purview Audit for monitoring security and compliance aspects.

See all answers

Comparisons

Grafana Loki vs Graylog

Compared 39% of the time

Wazuh vs Graylog

Compared 24% of the time

syslog-ng vs Graylog

Compared 11% of the time

Security Onion vs Graylog

Compared 5% of the time

Fortinet FortiAnalyzer vs Graylog

Compared 3% of the time

More Graylog Competitors

Splunk Enterprise Security vs Microsoft Purview Audit

Compared 14% of the time

Datadog vs Microsoft Purview Audit

Compared 13% of the time

Splunk Cloud Platform vs Microsoft Purview Audit

Compared 13% of the time

Microsoft Purview eDiscovery vs Microsoft Purview Audit

Compared 11% of the time

Microsoft Sentinel vs Microsoft Purview Audit

Compared 10% of the time

More Microsoft Purview Audit Competitors

Product Reports

Buyer's Guide

Graylog

April 2025

Download Graylog product report

Buyer's Guide

Log Management

April 2025

Download Microsoft Purview Audit product report

Also Known As

Graylog2

No data available

Overview

Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:

Considerably faster analysis speeds.
More robust and easier-to-use analysis platform.
Simpler administration and infrastructure management.
Lower cost than alternatives.
Full-scale customer service.
No expensive training or tool experts required.

Graylog

The unified auditing functionality in Microsoft 365 provides organizations with visibility into many types of audited activities across many different services in Microsoft 365. Advanced Audit helps organizations to conduct forensic and compliance investigations by increasing audit log retention required to conduct an investigation, providing access to crucial events that help determine scope of compromise, and faster access to Office 365 Management Activity API.

Microsoft

Sample Customers

Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP, King.com, Twilio, Deutsche Presse-Agentur

Information Not Available

Buyer's Guide

Graylog vs. Microsoft Purview Audit

April 2025

Free Report: Graylog vs. Microsoft Purview Audit

Find out what your peers are saying about Graylog vs. Microsoft Purview Audit and other solutions. Updated: April 2025.

DOWNLOAD NOW

849,686 professionals have used our research since 2012.

See our Graylog vs. Microsoft Purview Audit report.

See our list of best Log Management vendors.

We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.