
Graylog Valuable Features

reviewer2704128 - PeerSpot reviewer
Head of Cyber Security & CTO at a tech services company with 51-200 employees

The features and capabilities of Graylog that we have found most valuable are related to its basis on open search, which was Elasticsearch. We appreciate being able to integrate custom feeds and do custom parsers, and to be able to do some of the correlation on it. That all works effectively.

The Graylog features that have proven to be most beneficial for our data analysis in particular are that we tend to use it as a big data store, so we have the correlation rules that, if something matches under certain conditions, it raises an alarm. We use it for investigating problems and problem management. We throw all the information at it, we have it alerting for certain conditions, but generally we use it for deep diving into issues as needed.

AK
Security Analyst at Netsharqs cybersecurity GmbH

I would say log enrichment via these data adapters and lookup tables is valuable, especially the caching ability since Graylog doesn't always have to make API calls for every single instance if it is enriching the same value. That is very handy and makes it scalable.

Ivan Kokalovic - PeerSpot reviewer
DevOps Engineer at Proton Technologies
Graylog is valuable because it bridges technical knowledge to non-technical teams, presenting complex backend processes in a simple timeline. It boosts the knowledge of sales and customer support teams by allowing them to see the backend operations without needing to read the code. Its API is flexible for visualization, and its powerful search engine efficiently handles large volumes of log data. Moreover, its stability, fast search capabilities, and compatibility with languages like ANSI SQL enhance its utility in IT infrastructure.
Buyer's Guide
Graylog
June 2025
Learn what your peers think about Graylog. Get advice and tips from experienced pros sharing their opinions. Updated: June 2025.
859,687 professionals have used our research since 2012.
Andrey Mostovykh - PeerSpot reviewer
Senior Data Architect at a non-tech company with 201-500 employees

What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how much traffic you have, how many messages of data of a type you have, etc.

Peter Malaty - PeerSpot reviewer
Sr. DevOps Engineer at TechStyle Fashion Group

Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps. One time, I created a geo map based on IP addresses accessing a website. The web server generates logs based on who's accessing the application, and we were able to extract the IPs from the logs and even create a chart on Graylog to map out exactly what countries the requests were coming from. Graylog is amazing. It's a beast.

Lokesh Puthalapattu - PeerSpot reviewer
Senior Marketing Specialist II at Harman International

The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed.

Jonas Leeb - PeerSpot reviewer
Software Engineer & Co-Founder at Plexify GmbH

One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview. You are also able to attach a lot of details into your log messages. 

When it came to integrating the solution with Java, it was quite easy. My colleagues used Graylog for some dashboards to show how many bugs there were per day or the overall performance of the applications. For the developers it's not super important, but it was quite a good way for the project manager to see that everything was all right.

Shivam-Tiwari - PeerSpot reviewer
DevOps Engineer Intern at MyKaarma

The solution's most valuable feature is its new interface. It enhances our cluster's performance as well.

CN
Senior DevOps Engineer at a financial services firm with 10,001+ employees

Graylog's search functionality, alerting functionality, user management, and dashboards are useful. They also provide an easy way to create dashboards, and the interface is also quite easy to use.

it_user1270395 - PeerSpot reviewer
Entrepreneur at a tech services company with 51-200 employees

I like the simplicity of the solution, the fact that it's open source and user-friendly.

it_user995112 - PeerSpot reviewer
Head of Infrastructure at a financial services firm with 201-500 employees

What I like most about this solution is that it caches the log. I also like its filtration because we have various layers of data that need to be captured - from flat filing to Windows servers, Linux-based servers and the like. I like the diversity and the number of environments it can cover, including the switches.

JD
Technology Consultant at a computer software company with 5,001-10,000 employees

Real-time UDP/GELF logging and full text-based searching. Since UDP is a stateless, connectionless protocol, it simplifies error handling for the log sender/producer in the event that Graylog is not available. UDP is also a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead. Storing logs in Elasticsearch means log retrieval is extremely fast, and full text search is available by default. Additionally, Graylog has support via plugins for Slack-based alerts. These have been wonderful for notifying us when exceptional log messages are encountered.

JC
Senior Architect at a tech vendor with 51-200 employees
  • Searching errors
  • Alerting through Slack and OpsGenie using their plugins.

We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us. 

Allowing us to set up alerts and integrate with platforms we already use, such as Slack and OpsGenie to alert users of these errors proactively, is also a very useful feature. 

ITSecuri4852 - PeerSpot reviewer
IT Security Consultant at a tech services company with 10,001+ employees

The most valuable part is that it is open source. The build is stable and requires little maintenance, even compared to some extremely expensive products.

it_user805368 - PeerSpot reviewer
Software Engineer, DevOps at a tech services company with 51-200 employees

The Stream Alert feature is a highlight of this. As for similar products, there are separate integrations, but Graylog ships this with the build.

it_user776928 - PeerSpot reviewer
Java Software Developer at a financial services firm with 5,001-10,000 employees
  • Logging aggregation and querying. We have multiple applications, therefore it is no longer feasible to check logs from our file system for each application.
  • When adopting microservices architecture, centralized logging is a must-have.
it_user776922 - PeerSpot reviewer
Release Engineering Manager

The ability to write custom alerts is key to information security and compliance. Also, I love the improvements I can make on dashboard widgets. 

it_user774168 - PeerSpot reviewer
Senior Systems Engineer DS

We are using only a few parts of its functionality. Its most valuable functions for us are:

  • Log collection
  • Quick string search in central storage
  • Message forwarding through the in-built module
  • Message filters. 

We need all these functions to fulfill legal requirements for cyber security.

reviewer1751748 - PeerSpot reviewer
Systems Architect at a tech services company with 51-200 employees

We're using the Community edition, but I know that it has really good dashboarding and alerts.

reviewer1530855 - PeerSpot reviewer
Network Engineer at a media company with 10,001+ employees

I like the correlation and the alerting. If I have multiple monitoring systems and I alert Graylog, Graylog will collect them and analyze them, and issue one alert.

We are only approximately four months into production and have not explored all of the features this solution offers. So far, it has everything we wanted.
