You must select at least 2 products to compare!
Graylog Logo
11,182 views|9,352 comparisons
AT&T Logo
5,647 views|3,888 comparisons
Comparison Buyer's Guide
Executive Summary
Updated on Jul 23, 2023

We compared Graylog and USM Anywhere based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.

  • Features: Graylog stands out with its exceptional search functions, seamless integration with Elasticsearch, and real-time data access. USM Anywhere is highly regarded for its extensive reporting capabilities, thorough vulnerability assessment, seamless file integration, and user-friendly management features. Graylog could benefit from additional customization options and an improved rule-creation process. USM Anywhere users have suggested improvements in self-service plugin management, database optimization, and third-party threat intelligence integration.

  • Service and Support: Graylog's customer service is generally well-regarded, with reviewers noting effective solutions and satisfactory experiences. While response times may differ, Graylog's support is considered superior compared to that of other products. Some users say that USM Anywhere's customer service is knowledgeable and responsive, while others have faced delays and incomplete answers.

  • Ease of Deployment: Some Graylog users said the setup was easy. Other reviewers faced challenges, but these were easily resolved with help from the vendor’s support staff. Graylog is easier to set up in smaller environments, but it could get complicated in large clusters. The initial setup for USM Anywhere is generally considered to be straightforward if the user has technical knowledge. Vendor assistance is also available during the deployment phase.

  • Pricing: Graylog offers an enterprise edition and an open-source option with a daily capacity restriction. Some users said that data costs can be expensive. USM Anywhere is seen as more cost-effective than premium solutions like IBM QRadar and Splunk, with pricing considered reasonable and relatively low.

  • ROI: Graylog can offer some cost savings. The precise ROI may vary depending on the organization’s size and use case. USM Anywhere has garnered favorable feedback regarding its ROI.

Conclusion: Users find the setup process for USM Anywhere to be straightforward and easy, with professional service hours provided for best practices. The intuitive user interface and vulnerability assessment package are highly appreciated. Users also value cloud deployment, reporting capabilities, and ease of management. On the other hand, Graylog is praised for its detailed search capabilities but is criticized for requiring more customization options and improvements in rule creation and infrastructure cost. USM Anywhere is considered a cost-effective option in comparison to other solutions, making it the preferred product.
To learn more, read our detailed Graylog vs. USM Anywhere Report (Updated: November 2023).
745,140 professionals have used our research since 2012.
Featured Review
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
"Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps.""The solution's most valuable feature is its new interface.""One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview.""The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed.""We're using the Community edition, but I know that it has really good dashboarding and alerts.""What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc."

More Graylog Pros →

"AlienVault's reporting is good. I like that vulnerability assessment is part of the solution, and the UI is intuitive. Also, the overhead is low, which is to say we don't need a dedicated SOC team to manage and analyze things constantly. We're a small company that doesn't have those resources.""AT&T AlienVault USM is good for ELK Stack, the user experience is great because of its architecture. The ELK has a great performance and it has very good speed in the search and Kibana. Additionally, the visuals and dashboards and very nice and customizable.""Easy to use, scalable, stable, and very intuitive platform that provides protection against security threats.""The most valuable feature in AT&T AlienVault USM is the reporting.""The most valuable feature is vulnerability management because it gives you insight into your environment to know what systems need to be updated or patched.""What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and simple to use.""Having everything in a central place has been helpful.""The ease of implementation is the most valuable feature."

More USM Anywhere Pros →

"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic.""Its scalability gets complicated when we have to update or edit multiple nodes.""Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest.""Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous.""It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community.""More customization is always useful."

More Graylog Cons →

"The AT&T AlienVault USM is okay, but the relational database is not very good for large amounts of data. For example, many logs cannot be processed. It has been very slow for the queries and some data which are large, it is not very good in this case.""Adding a parsing interface for the customers would make AT&T AlienVault USM better.""The price of AT&T AlienVault USM could be reduced.""I think plugin management should be self-service on AlienVault USM. The other product is self-service but on the USM side. You have to submit a ticket then AT&T creates and updates the plugins.""Their threat intelligence platform needs to be broadened. They should integrate it with more threat intelligence platforms. For the threat feed that they get from open intelligence, I would like them to add a few premium threat intelligence platforms. They can provide a bundle in which AlienVault has the threat intelligence background of other premium products.""I want to see more compliance management capability. The quality of integrations seems to be a little bit low.""The reporting and dashboards have room for improvement.""Sometimes the log is unclear, and the report is a bit ambiguous."

More USM Anywhere Cons →

Pricing and Cost Advice
  • "We're using the Community edition."
  • "Graylog is a free open-source solution. The free version has a capacity limitation of 2 GB daily, if you want to go above this you have to purchase a license."
  • "There is an open source version and an enterprise version. I wouldn't recommend the enterprise version, but as an open source solution, it is solid and works really well."
  • "It's open source and free. They have a paid version, but we never looked into that because we never needed the features of the paid version."
  • More Graylog Pricing and Cost Advice →

  • "They charge a license based on the storage. ATT AlienVault USM is a less expensive solution than IBM QRadar."
  • "It is affordable, and it also has many features that the premium products such as ArcSight and QRadar have. It is a very good platform for a SIEM solution. Everything is included in the price."
  • "AlienVault is certainly not nearly as expensive as Splunk or QRadar. It's decently priced, but I don't have the exact figure."
  • "I rate the price of AT&T AlienVault USM a four out of five."
  • "AT&T AlienVault USM is an expensive solution and we pay for the license and the support separately. We paid for the license and support for three years."
  • "They are a little more expensive than Microsoft."
  • "We pay around $12,000 a year including storage."
  • More USM Anywhere Pricing and Cost Advice →

    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    745,140 professionals have used our research since 2012.
    Questions from the Community
    Top Answer:The solution's most valuable feature is its new interface.
    Top Answer:Graylog is a free open-source solution. The free version has a capacity limitation of 2 GB daily, if you want to go above this you have to purchase a license.
    Top Answer:They depleted the legacy alarm callback feature from the current version. They should make it available in the newest version as well. Also, they should include SSO integration in Graylog 5.0's… more »
    Top Answer:What I find the most valuable about USM Anywhere is its compliance. It shows a list of all the administrators logged on and does it quite well. There are no whistles and bells, it's reliable and… more »
    Top Answer:The solution is not expensive at all. When it comes to costliness, I would rate it a two out of ten.
    Top Answer:USM Anywhere relies a lot on the community putting the data in. Often, you'll right-click on the attack, but nothing will be found. That's a weakness of it.
    out of 74 in Log Management
    Average Words per Review
    out of 74 in Log Management
    Average Words per Review
    Also Known As
    AT&T AlienVault USM, AlienVault, AlienVault USM, Alienvault Cybersecurity
    Learn More

    Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:

    • Considerably faster analysis speeds.
    • More robust and easier-to-use analysis platform.
    • Simpler administration and infrastructure management.
    • Lower cost than alternatives.
    • Full-scale customer service.
    • No expensive training or tool experts required.

    USM Anywhere centralizes security monitoring of networks and devices in the cloud, on premises, and in remote locations, helping you to detect threats virtually anywhere.


    • Network asset discovery
    • Software & services discovery
    • AWS asset discovery
    • Azure asset discovery
    • Google Cloud Platform asset discovery


    • SIEM event correlation, auto-prioritized alarms
    • User activity monitoring
    • Up to 90-days of online, searchable events


    • Cloud intrusion detection (AWS, Azure, GCP)
    • Network intrusion detection (NIDS)
    • Host intrusion detection (HIDS)
    • Endpoint Detection and Response (EDR)


    • Forensics querying
    • Automate & orchestrate response
    • Notifications and ticketing


    • Vulnerability scanning
    • Cloud infrastructure assessment
    • User & asset configuration
    • Dark web monitoring


    • Pre-built compliance reporting templates
    • Pre-built event reporting templates
    • Customizable views and dashboards
    • Log storage
    Learn more about Graylog
    Learn more about USM Anywhere
    Sample Customers
    Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP,, Twilio, Deutsche Presse-Agentur
    Abel & Cole, Bank of Ireland, Bluegrass Cellular, CareerBuilder, Claire's, Hays Medical Center, Hope International, McCurrach, McKinsey & Company, Party Delights, Pepco Holdings, Richland School District, Ricoh, SaveMart, Shake Shack, Steelcase, TaxAct, Taylor Morrison, Vonage and Zoom
    Top Industries
    Computer Software Company16%
    Comms Service Provider11%
    Financial Services Firm7%
    Financial Services Firm19%
    Healthcare Company17%
    Comms Service Provider8%
    Computer Software Company8%
    Computer Software Company17%
    Comms Service Provider8%
    Educational Organization6%
    Company Size
    Small Business54%
    Large Enterprise46%
    Small Business30%
    Midsize Enterprise17%
    Large Enterprise53%
    Small Business55%
    Midsize Enterprise25%
    Large Enterprise20%
    Small Business36%
    Midsize Enterprise19%
    Large Enterprise46%
    Buyer's Guide
    Graylog vs. USM Anywhere
    November 2023
    Find out what your peers are saying about Graylog vs. USM Anywhere and other solutions. Updated: November 2023.
    745,140 professionals have used our research since 2012.

    Graylog is ranked 10th in Log Management with 6 reviews while USM Anywhere is ranked 13th in Log Management with 13 reviews. Graylog is rated 7.6, while USM Anywhere is rated 7.8. The top reviewer of Graylog writes "Real-time analysis, easy setup, and open source". On the other hand, the top reviewer of USM Anywhere writes "A very scalable solution with vulnerability management that helps avoid weaknesses, but needs broader compliance management capabilities". Graylog is most compared with Wazuh, Grafana Loki, syslog-ng, Splunk Enterprise Security and ManageEngine Log360, whereas USM Anywhere is most compared with Wazuh, AlienVault OSSIM, Splunk Enterprise Security, IBM Security QRadar and Zabbix. See our Graylog vs. USM Anywhere report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.