We performed a comparison between Graylog and syslog-ng based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I am very proud of how very stable the solution is."
"Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps."
"The solution's most valuable feature is its new interface."
"What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc."
"Real-time UDP/GELF logging and full text-based searching."
"Graylog's search functionality, alerting functionality, user management, and dashboards are useful."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"The ability to write custom alerts is key to information security and compliance."
"Syslog-ng has a separate config file in addition to the core configuration."
"Syslog-ng provides easy access to all my logs. It helps me show managers and other clients precisely where an incident occurred. I also like it because you can integrate syslog-ng with multiple solutions to allow real-time monitoring."
"The ability to extract and store the logs is the most valuable feature of syslog-ng."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"For us, the most valuable feature is the use of compound search for searching logs at a specific time, by a specific user, or specific behavior."
"Graylog can improve the index rotation as it's quite a complex solution."
"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."
"Over six months, I had two similar issues where searches were performed on field "messages". It exhausted all the memory of the ES node causing an ES crash and a Graylog halt."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
"Lacks sufficient documentation."
"I hope to see improvements in Graylog for more interactivity, user-friendliness, and creating alerts. The initial setup is complex."
"More complex visualizations and the ability to execute custom Elasticsearch queries would be great."
"With technical support, you are on your own without an enterprise license."
"There is always the potential for additional integration and protocol extensions."
"There is room for improvement in terms of observability."
"The filtering has room for improvement."
"Syslog-ng has built-in features that we can use to create alerts for a SIEM solution. It isn't a true SIEM solution, but it's sufficient for the time being."
"It's hard to find people who know how to use syslog-ng. I often find problems with configurations, and solutions aren't integrated correctly with syslog-ng. For example, there might be data with extra decimals, or the collector agents are incorrectly named. It isn't a problem with the solution; it's a lack of professionals."
Graylog is ranked 11th in Log Management with 18 reviews while syslog-ng is ranked 17th in Log Management with 5 reviews. Graylog is rated 8.0, while syslog-ng is rated 8.6. The top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". On the other hand, the top reviewer of syslog-ng writes "It's a user-friendly open-source solution that can replace or augment a commercial product in some cases". Graylog is most compared with Grafana Loki, Wazuh, Splunk Enterprise Security, Fortinet FortiAnalyzer and Elastic Security, whereas syslog-ng is most compared with SolarWinds Kiwi Syslog Server, Grafana Loki, Logstash, Elastic Security and Fortinet FortiAnalyzer. See our Graylog vs. syslog-ng report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.