We compared Fortinet FortiAnalyzer and Graylog based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. Graylog stands out with its exceptional search functions, seamless integration with Elasticsearch, and real-time data access. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Graylog could benefit from additional customization options and an improved rule-creation process.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. Graylog's customer service is generally well-regarded, with reviewers noting effective solutions and satisfactory experiences. While response times may differ, Graylog's support is considered superior compared to that of other products.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some Graylog users said the setup was easy. Other reviewers faced challenges, but these were easily resolved with help from the vendor’s support staff. Graylog is easier to set up in smaller environments, but it could get complicated in large clusters.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Graylog offers an enterprise edition and an open-source option with a daily capacity restriction. Some users said that data costs can be expensive.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Graylog can offer some cost savings. The precise ROI may vary depending on the organization’s size and use case.
"The feature that I have found the most valuable is to be able to see everything in our network in a single task. A single menu and the graphical bar charts that it provides to give insights are very useful. It also gives very good metrics on bandwidth utilization, CPU, and device performance. It is very simple and easy to use as well."
"FortiAnalyzer's reporting features like graphs, threat intelligence, and vulnerabilities analysis are helpful. Fortinet knows how to do reporting. You can customize your reports to show exactly what you want to analyze. It's user-friendly and doesn't require a lot of effort."
"The initial setup is pretty straightforward."
"Logging is the best feature."
"The most valuable is its robust and comprehensive reporting functionality, providing a thorough overview of various metrics."
"I like its simplicity. It is straightforward. We get reports and emails about the logs, and that's it."
"The log analysis and reporting are both quite good."
"The feature I find most useful is the handy dashboard."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc."
"UDP is a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead."
"We're using the Community edition, but I know that it has really good dashboarding and alerts."
"The solution's most valuable feature is its new interface."
"Message forwarding through the in-built module."
"The build is stable and requires little maintenance, even compared to some extremely expensive products."
"I like the correlation and the alerting."
"The technical support takes at least two days to reply on any ticket post raised on their website."
"Fortinet FortiAnalyzer should come bundled with other Fortinet solutions. Additionally, the performance and updates could improve. They need to test their updates better so there are not as many bugs."
"One of the main disadvantages is not having a direct link to the security policy when you see something in the log."
"I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required."
"They need to make the monitor better."
"In future releases, we'd like to see more granular reporting. The reports on offer right now are pretty short."
"One thing we struggled with FortiAnalyzer was integration with SIEM. We also had issues with the new threats and APTs. There were false positives, so we needed to have some ratings related to false positives."
"The user interface could be a bit more user-friendly."
"I hope to see improvements in Graylog for more interactivity, user-friendliness, and creating alerts. The initial setup is complex."
"Dashboards, stream alerts and parsing could be improved."
"Since container orchestration systems are popular and Graylog fits the niche well, perhaps they could officially support running in docker containers on Kubernetes as a StatefulSet as a use case. That way, the declarative nature of Kubernetes config files would document their best case deployment scenario-"
"Graylog can improve the index rotation as it's quite a complex solution."
"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."
"We ran into problems with Elasticsearch throwing a circuit-breaking exception due to field data size being too large. It turned out that the heap size directly impacted this size in a high-throughput environment, causing unexplained instability in Graylog. We were able to troubleshoot on the Elasticsearch size, but we should have been able to reference some minimum requirements for Graylog to know that our settings weren't sufficient."
"More complex visualizations and the ability to execute custom Elasticsearch queries would be great."
"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic."
Fortinet FortiAnalyzer is ranked 8th in Log Management with 86 reviews while Graylog is ranked 11th in Log Management with 18 reviews. Fortinet FortiAnalyzer is rated 8.0, while Graylog is rated 8.0. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Grafana Loki, LogRhythm SIEM and Datadog, whereas Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and Elastic Security. See our Fortinet FortiAnalyzer vs. Graylog report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.