Try our new research platform with insights from 80,000+ expert users

Graylog Enterprise pros and cons

Vendor: Graylog

4.0 out of 5

21 reviews
95% willing to recommend

Pros & Cons summary

Graylog Enterprise enhances communication efficiency and productivity via its message forwarding module. It supports custom alerts for security and compliance, integrates with Slack and OpsGenie, and facilitates fast log retrieval with Elasticsearch. While powerful for containerized microservices, challenges include Elasticsearch tuning and high costs. The setup complexity, limited Kubernetes support, and insufficient documentation pose additional concerns. Improved integrations and a better Python package could boost its usability for tech buyers.

Buyer's Guide

Get pricing advice, tips, use cases and valuable features from real users of this product.

Prominent pros & cons

PROS

Graylog Enterprise enables seamless message forwarding through its in-built module and supports writing custom alerts crucial for information security and compliance.

Its log management capabilities provide visibility into infrastructure and security events, making it essential for real-time tracking and analysis of errors and anomalies across containerized environments.

Integration with platforms like Slack and OpsGenie for proactive alerting, as well as the ability to scale installations with minimal impact on logging, enhances its flexibility and usability.

The use of Elasticsearch ensures fast log retrieval with full-text search by default, which makes detailed analysis and data processing efficient and effective for both technical and non-technical teams.

Graylog Enterprise's user-friendly open-source nature, together with valuable features like data adapters, lookup tables, and detailed exploration of log messages, makes it a versatile tool for data analysis and big data storage.

CONS

Complex configurations and lack of extensive documentation make initial setup and rule-writing tedious, especially for the processing pipeline.

Graylog Enterprise lacks direct Kubernetes support, which challenges filling gaps in stable container setups and contributes to Elasticsearch issues.

Security features, including authentication, could be improved, alongside infrastructure costs being a primary concern.

Support for sidecar collector apps and visualizations needs enhancement, along with integration updates.

Tuning recommendations for Elasticsearch need improvement, especially to avoid high memory usage issues in high-throughput environments.

Graylog Enterprise Pros review quotes

Andrey Mostovykh

Senior Data Architect at a non-tech company with 201-500 employees

Sep 27, 2022

What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc.

Read full review

Sr. DevOps Engineer at TechStyle Fashion Group

Sep 30, 2022

Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps.

Read full review

reviewer2704128

Head of Cyber Security & CTO at a tech services company with 51-200 employees

May 22, 2025

The Graylog features that have proven to be most beneficial for our data analysis in particular are that we tend to use it as a big data store, so we have the correlation rules that, if something matches under certain conditions, it raises an alarm.

Read full review

Graylog Enterprise

Free Report: Graylog Enterprise Reviews and More

Learn what your peers think about Graylog Enterprise. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.

866,857 professionals have used our research since 2012.

Release Engineering Manager

Nov 22, 2017

The ability to write custom alerts is key to information security and compliance.

Read full review

Software Engineer & Co-Founder at Plexify GmbH

Sep 22, 2022

One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview.

Read full review

DevOps Engineer at Proton Technologies

Apr 23, 2025

Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline.

Read full review

AK

Security Analyst at Netsharqs cybersecurity GmbH

Jan 27, 2025

It has data adapters and lookup tables that utilize HTTP calls to APIs.

Read full review

Head of Infrastructure at a financial services firm with 201-500 employees

Aug 26, 2019

I am very proud of how very stable the solution is.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

Graylog's search functionality, alerting functionality, user management, and dashboards are useful.

Read full review

Systémový inenýr DS senior

Nov 16, 2017

Message forwarding through the in-built module.

Read full review

Show 10 more reviews (out of 20)

Graylog Enterprise Cons review quotes

Andrey Mostovykh

Senior Data Architect at a non-tech company with 201-500 employees

Sep 27, 2022

The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic.

Read full review

Sr. DevOps Engineer at TechStyle Fashion Group

Sep 30, 2022

Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous.

Read full review

reviewer2704128

Head of Cyber Security & CTO at a tech services company with 51-200 employees

May 22, 2025

The area in Graylog that needs to be improved or enhanced would be the integrations.

Read full review

Graylog Enterprise

Free Report: Graylog Enterprise Reviews and More

Learn what your peers think about Graylog Enterprise. Get advice and tips from experienced pros sharing their opinions. Updated: August 2025.

866,857 professionals have used our research since 2012.

Release Engineering Manager

Nov 22, 2017

I would like to see a default dashboard widget that shows the topology of the clusters defined for the graylog install.

Read full review

Software Engineer & Co-Founder at Plexify GmbH

Sep 22, 2022

It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community.

Read full review

AK

Security Analyst at Netsharqs cybersecurity GmbH

Jan 27, 2025

When it comes to configuring the processing pipeline, writing the rules can be very tedious, especially since the documentation isn't extensive on how the functions provided for these rules work.

Read full review

Head of Infrastructure at a financial services firm with 201-500 employees

Aug 26, 2019

I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second.

Read full review

CN

CharlesNetshivhera

Senior DevOps Engineer at a financial services firm with 10,001+ employees

Dec 7, 2020

Graylog can improve the index rotation as it's quite a complex solution.

Read full review

Systémový inenýr DS senior

Nov 16, 2017

The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture.

Read full review

Senior Marketing Specialist II at Harman International

Sep 21, 2022

Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest.

Read full review

Show 9 more reviews (out of 19)

Product Categories

Product Categories

Popular Comparisons

Popular Comparisons

Wazuh vs Graylog Enterprise

Dynatrace vs Graylog Enterprise

Datadog vs Graylog Enterprise

Splunk Enterprise Security vs Graylog Enterprise

IBM Security QRadar vs Graylog Enterprise

Elastic Security vs Graylog Enterprise

Grafana Loki vs Graylog Enterprise

Security Onion vs Graylog Enterprise

LogRhythm SIEM vs Graylog Enterprise

Elastic Stack vs Graylog Enterprise

Cribl vs Graylog Enterprise

Amazon OpenSearch Service vs Graylog Enterprise

Amazon CloudWatch vs Graylog Enterprise

syslog-ng vs Graylog Enterprise

Fortinet FortiAnalyzer vs Graylog Enterprise

See all alternatives

Product Categories

Product Categories

Popular Comparisons

Popular Comparisons

Wazuh vs Graylog Enterprise

Dynatrace vs Graylog Enterprise

Datadog vs Graylog Enterprise

Splunk Enterprise Security vs Graylog Enterprise

IBM Security QRadar vs Graylog Enterprise

Elastic Security vs Graylog Enterprise

Grafana Loki vs Graylog Enterprise

Security Onion vs Graylog Enterprise

LogRhythm SIEM vs Graylog Enterprise

Elastic Stack vs Graylog Enterprise

Cribl vs Graylog Enterprise

Amazon OpenSearch Service vs Graylog Enterprise

Amazon CloudWatch vs Graylog Enterprise

syslog-ng vs Graylog Enterprise

Fortinet FortiAnalyzer vs Graylog Enterprise

See all alternatives

Related questions

28

When evaluating Log Management tools and software, what aspect do you think is the most important to look for?

1,340

Datadog vs ELK: which one is good in terms of performance, cost and efficiency?

41

Which Windows event log monitoring tool do you recommend?

51

What is the difference between log management and SIEM?

42

Splunk vs. Elastic Stack

12

How can Cloudtrail logs be used effectively to improve log monitoring?

192

Why hot data and cold data differences in SIEM solutions are not discussed sufficiently?

130

When evaluating Log Management solutions, what aspect do you think is the most important to look for?

16

When evaluating Log Management solutions, what aspects do you think are the most important to look for?

15

Why are Log Management tools important for companies?