• Home
  • Elastic Security vs. Graylog

Elastic Security vs Graylog comparison

Cancel
You must select at least 2 products to compare!
Elastic Logo

Elastic Security

Read 58 Elastic Security reviews
16,151 views|13,259 comparisons
86% willing to recommend
Graylog Logo

Graylog

Read 18 Graylog reviews
10,317 views|8,658 comparisons
94% willing to recommend
Comparison Buyer's Guide
Download the complete report
Buyer's Guide
Elastic Security vs. Graylog
April 2024
Executive Summary
Updated on Jul 23, 2023

We performed a comparison between Elastic Security and Graylog based on our users’ reviews in five categories. After reading all of the collected data, you can find our conclusion below.

  • Features: Elastic Security is commended for its adaptability, extensive customization options, and seamless integration with the ELK Stack. Graylog stands out with its exceptional search functions, seamless integration with Elasticsearch, and real-time data access. Elastic Security could improve by reducing resource usage, automating threat response, and simplifying the user experience. Graylog could benefit from additional customization options and an improved rule-creation process.

  • Service and Support: Some Elastic Security users found their support helpful, while others experienced difficulties and delays. Graylog's customer service is generally well-regarded, with reviewers noting effective solutions and satisfactory experiences. While response times may differ, Graylog's support is considered superior compared to that of other products.

  • Ease of Deployment: Elastic Security generally has a straightforward setup but may require trained specialists. Some Graylog users said the setup was easy. Other reviewers faced challenges, but these were easily resolved with help from the vendor’s support staff. Graylog is easier to set up in smaller environments, but it could get complicated in large clusters.

  • Pricing: Elastic Security is considered affordable and cost-effective, with pricing based on the size of the monitored environment. Graylog offers an enterprise edition and an open-source option with a daily capacity restriction. Some users said that data costs can be expensive.

  • ROI: Elastic Security has shown mixed results in terms of ROI, with some users expressing concerns about the quality of their premium support. Graylog can offer some cost savings. The precise ROI may vary depending on the organization’s size and use case.

Conclusion: Users appreciate Graylog's simple setup process, which can be easily done by someone with basic Linux command knowledge. On the other hand, Elastic Security's setup is seen as more complicated and may require trained specialists. Furthermore, Graylog's ability to conduct detailed searches and attach additional information to log messages is highly valued. Users particularly appreciate its integration with Elasticsearch. Comparatively, Elastic Security is praised for its flexibility and customization options, but Graylog's search capabilities and Elasticsearch integration are more highly regarded.
To learn more, read our detailed Elastic Security vs. Graylog Report (Updated: April 2024).
Download the complete report
768,415 professionals have used our research since 2012.
Featured Review
Don Jarmon
A stable and scalable tool that provides visibility along with the consolidation of logs to its users
Elastic Security has allowed my organization to have visibility with the consolidation of the logs while also providing it the ability to be able... Read more →
JasonCrow
Researched Elastic Security but chose Graylog: Enables us to set up streams and error/anomaly searches across hundreds of containers
Quotes From Members
We asked business professionals to review the solutions they use.
Here are some excerpts of what they said:
Pros
"The visualization is very good.""It is scalable.""The most valuable features are the speed, detail, and visualization. It has the latest standards.""We chose the product based on the ability to scan for malware using a malware behavioral model as opposed to just a traditional hash-based antivirus. Therefore, it's not as intensive.""The performance is good and it is faster than IBM QRadar.""The stability of the solution is good.""It's very customizable, which is quite helpful.""The most valuable feature is the machine learning capability."

More Elastic Security Pros →

"This had increased productivity for the dev and support teams, because we are directly notifying them.""We're using the Community edition, but I know that it has really good dashboarding and alerts.""Graylog's search functionality, alerting functionality, user management, and dashboards are useful.""I am very proud of how very stable the solution is.""The build is stable and requires little maintenance, even compared to some extremely expensive products.""Real-time UDP/GELF logging and full text-based searching.""The product is scalable. The solution is stable.""Message forwarding through the in-built module."

More Graylog Pros →

Cons
"We're using the open-source edition, for now, I think maybe they can allow their OLED plugin to be open source, as at the moment it is commercialised.""Improvements in Elastic Security could include refining and normalizing queries to make them more user-friendly, enhancing the user experience with better documentation, and addressing any latency issues.""It is difficult to anticipate and understand the space utilization, so more clarity there would be great.""Technical support could respond faster.""There isn't really a very good user experience. You need a lot of training.""The solution needs to be more reactive to investigations. We need to be able to detect and prevent any attacks before it can damage our infrastructure. Currently, this solution doesn't offer that.""The price of this product could be improved, especially the additional costs. I would also like to see better-quality graphics.""One limitation of Elastic Security is that it does not have built-in workflows for all tasks. For example, if you need a workflow for compliance, you will need to create a custom workflow."

More Elastic Security Cons →

"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic.""More complex visualizations and the ability to execute custom Elasticsearch queries would be great.""Graylog could improve the process of creating rules. We have to create them manually by doing parses and applying them. Other SIEM solutions have basic rules and you can create and get more events of interest.""It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community.""Over six months, I had two similar issues where searches were performed on field "messages". It exhausted all the memory of the ES node causing an ES crash and a Graylog halt.""Dashboards, stream alerts and parsing could be improved.""I would like to see a date and time in the Graylog Grok patterns so that I can save time when searching for a log. I like how the streams and the search query work, but adding a date and time will allow me to pull out a log in a milli-second.""The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."

More Graylog Cons →

Pricing and Cost Advice
  • "We use the open-source version, so there is no charge for this solution."
  • "We are using the free, open-source version of this solution."
  • "Elastic Stack is an open-source tool. You don't have to pay anything for the components."
  • "There is no charge for using the open-source version."
  • "This is an open-source product, so there are no costs."
  • "It's a monthly cost with Elastic SIEM, but I am not sure of the exact cost."
  • "It is easy to deploy, easy to use, and you get everything you need to become operational with it, and have nothing further to pay unless you want the OLED plugin."
  • "Compared to other products such as Dynatrace, this is one of the cheaper options."

    • More Elastic Security Pricing and Cost Advice →

  • "Having paid official support is wise for projects."
  • "I am using a community edition. I have not looked at the enterprise offering from Graylog."
  • "If you want something that works and do not have the money for Splunk or QRadar, take Graylog.​​"
  • "​You get a lot out-of-the-box with the non-enterprise version, so give it a try first."
  • "Consider Enterprise support if you have atypical needs or setup requirements.​"
  • "I use the free version of Graylog."
  • "It's an open-source solution that can be used free of charge."
  • "We're using the Community edition."

    • More Graylog Pricing and Cost Advice →

    report
    See Which Vendors Are Best For You
    Use our free recommendation engine to learn which Log Management solutions are best for your needs.
    See Recommendations
    768,415 professionals have used our research since 2012.
    Questions from the Community
    Datadog vs ELK: which one is good in terms of performance, cost and effic...
    Top Answer:With Datadog, we have near-live visibility across our entire platform. We have seen APM metrics impacted several times lately using the dashboards we have created with Datadog; they are very good core… more »
    Read all 7 answers   →
    What do you like most about Elastic Security?
    Top Answer:It is an extremely stable solution. Stability-wise, I rate the solution a ten out of ten.
    Read all 26 answers   →
    What is your experience regarding pricing and costs for Elastic Security?
    Top Answer:The product offers an amazing pricing structure. Price-wise, the product is very competitive.
    Read all 18 answers   →
    What do you like most about Graylog?
    Top Answer:The product is scalable. The solution is stable.
    Read all 9 answers   →
    What is your experience regarding pricing and costs for Graylog?
    Top Answer:We are using the free version of the product. However, the paid version is expensive.
    Read all 5 answers   →
    What needs improvement with Graylog?
    Top Answer:Since it's a free tool, I don't have much to say. Troubleshooting is important to me. The initial setup is complex. I hope to see improvements in Graylog for more interactivity, user-friendliness, and… more »
    Read all 9 answers   →
    Ranking
    5th
    out of 95 in Log Management
    Views
    16,151
    Comparisons
    13,259
    Reviews
    26
    Average Words per Review
    483
    Rating
    7.7
    11th
    out of 95 in Log Management
    Views
    10,317
    Comparisons
    8,658
    Reviews
    6
    Average Words per Review
    802
    Rating
    7.3
    Comparisons
    Also Known As
    Elastic SIEM, ELK Logstash
    Graylog2
    Learn More
    Elastic
    Graylog
    Overview
    Elastic Security is a robust, open-source security solution designed to offer integrated threat prevention, detection, and response capabilities across an organization's entire digital estate. Part of the Elastic Stack (which includes Elasticsearch, Logstash, and Kibana), Elastic Security leverages the power of search, analytics, and data aggregation to provide real-time insight into threats and vulnerabilities. It is a comprehensive platform that supports a wide range of security needs, from endpoint protection to cloud and network security, making it a versatile choice for organizations looking to enhance their cybersecurity posture.


    Elastic Security combines the features of a security information and event management (SIEM) system with endpoint protection, allowing organizations to detect, investigate, and respond to threats in real time. This unified approach helps reduce complexity and improve the efficiency of security operations.

    Additional offerings and benefits:

    • The platform utilizes advanced analytics, machine learning algorithms, and anomaly detection to identify threats and suspicious activities.
    • It offers extensive integration options with other tools and platforms, facilitating a more cohesive and comprehensive security ecosystem.
    • With Kibana, users gain access to powerful visualization tools and dashboards that provide real-time insight into security data.

    Finally, Elastic Security benefits from a global community of users who contribute to its threat intelligence, helping to enhance its detection capabilities. This collaborative approach ensures that the solution remains on the cutting edge of cybersecurity, with up-to-date information on the latest threats and vulnerabilities.

    Graylog is purpose-built to deliver the best log collection, storage, enrichment, and analysis. Graylog is:

    • Considerably faster analysis speeds.
    • More robust and easier-to-use analysis platform.
    • Simpler administration and infrastructure management.
    • Lower cost than alternatives.
    • Full-scale customer service.
    • No expensive training or tool experts required.
    Sample Customers
    Texas A&M, U.S. Air Force, NuScale Power, Martin's Point Health Care
    Blue Cross Blue Shield, eBay, Cisco, LinkedIn, SAP, King.com, Twilio, Deutsche Presse-Agentur
    Top Industries
    REVIEWERS
    Financial Services Firm29%
    Computer Software Company25%
    Healthcare Company13%
    Comms Service Provider8%
    VISITORS READING REVIEWS
    Computer Software Company17%
    Financial Services Firm10%
    Government9%
    Comms Service Provider7%
    VISITORS READING REVIEWS
    Computer Software Company16%
    Comms Service Provider11%
    Government8%
    Educational Organization7%
    Company Size
    REVIEWERS
    Small Business60%
    Midsize Enterprise18%
    Large Enterprise23%
    VISITORS READING REVIEWS
    Small Business26%
    Midsize Enterprise17%
    Large Enterprise57%
    REVIEWERS
    Small Business50%
    Midsize Enterprise7%
    Large Enterprise43%
    VISITORS READING REVIEWS
    Small Business32%
    Midsize Enterprise18%
    Large Enterprise50%
    Buyer's Guide
    Elastic Security vs. Graylog
    April 2024
    Free Report: Elastic Security vs. Graylog
    Find out what your peers are saying about Elastic Security vs. Graylog and other solutions. Updated: April 2024.
    DOWNLOAD NOW
    768,415 professionals have used our research since 2012.

    Elastic Security is ranked 5th in Log Management with 58 reviews while Graylog is ranked 11th in Log Management with 18 reviews. Elastic Security is rated 7.6, while Graylog is rated 8.0. The top reviewer of Elastic Security writes "A stable and scalable tool that provides visibility along with the consolidation of logs to its users". On the other hand, the top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". Elastic Security is most compared with Wazuh, Splunk Enterprise Security, Microsoft Sentinel, IBM Security QRadar and VMware Aria Operations for Logs, whereas Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and LogRhythm SIEM. See our Elastic Security vs. Graylog report.

    See our list of best Log Management vendors.

    We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.