What is our primary use case?
Our primary use case of this solution is for logging. Because we have financial systems, we also use it for audit trailing.
I basically run the entire program in our company. Whenever there's an audit, I get the people on board and give them the information they require.
How has it helped my organization?
Graylog captures our financial logs and preserves them, mainly for any audit that may come up. The compliance is very good.
What is most valuable?
What I like most about this solution is that it caches the log. I also like its filtration because we have various layers of data that need to be captured - from flat filing to Windows servers, Linux-based servers and the like. I like the diversity and the number of environments it can cover, including the switches.
What needs improvement?
I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a millisecond.
For how long have I used the solution?
I have been using Graylog for at least three years now on site in our data center.
What do I think about the stability of the solution?
I am very proud of how very stable the solution is. One time I had an entire node on my VxRail VMware collapse, so I basically restored the template, gave it the same IP address and everything was working again.
What do I think about the scalability of the solution?
We've grown from 500 to 2,000 independent devices on this solution, and it captures them all. We even plan to increase our usage. So, yes, the program is scalable.
How are customer service and technical support?
There hasn't been a need for me to call support, because I only went through the forums and hundreds of pages of manuals to get to understand it.
How was the initial setup?
The initial setup was really complex because I did it myself. I had no support and I didn't understand the whole ecosystem. The first deployment took about a month because I had to figure out exactly what I'm capturing, and how to query it afterwards. I also had to manage the clientele, client installations, and the like. After a month or so I had an overall view of everything.
What about the implementation team?
I am responsible for the deployment and maintenance of Graylog. I've even done smaller setups and deployments for other people.
What's my experience with pricing, setup cost, and licensing?
I use the free version of Graylog.
What other advice do I have?
In the next version I would perhaps like to see less overlapping in the interface. Some users feel that it is still very rigid and boxy. Pretty old school. So a more user-friendly interface with less overlapping in the structures would be great. I rate this solution 9.5 out of 10.