We performed a comparison between Graylog and VMware Aria Operations for Logs based on real PeerSpot user reviews.
Find out in this report how the two Log Management solutions compare in terms of features, pricing, service and support, easy of deployment, and ROI."I am very proud of how very stable the solution is."
"The ability to write custom alerts is key to information security and compliance."
"We're using the Community edition, but I know that it has really good dashboarding and alerts."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"The solution's most valuable feature is its new interface."
"The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed."
"Open source and user friendly."
"UDP is a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead."
"The interface of the solution is good."
"The setup and installation are very easy."
"One of the things I like about it is its interface. When it comes to generating reports on VMs and stuff, it's very quick. This is very handy for the technical team, who need to generate reports quickly. So that's really good."
"The trace log is the solution's most valuable feature. It's very helpful in troubleshooting problems."
"The root cause analysis feature is very valuable."
"What I like is that you can have different storage locations for different applications."
"The solution is quite user-friendly."
"The events are notably more descriptive, aiding in security and event analysis. We've also integrated Sky Collector, providing valuable insights and solutions for troubleshooting."
"Over six months, I had two similar issues where searches were performed on field "messages". It exhausted all the memory of the ES node causing an ES crash and a Graylog halt."
"Elasticsearch recommendations for tuning could be better. Graylog doesn't have direct support for running the system inside of Kubernetes, so it can be challenging to fill in the gaps and set up containers in a way that is both performant and stable."
"We ran into problems with Elasticsearch throwing a circuit-breaking exception due to field data size being too large. It turned out that the heap size directly impacted this size in a high-throughput environment, causing unexplained instability in Graylog. We were able to troubleshoot on the Elasticsearch size, but we should have been able to reference some minimum requirements for Graylog to know that our settings weren't sufficient."
"More complex visualizations and the ability to execute custom Elasticsearch queries would be great."
"More customization is always useful."
"Since container orchestration systems are popular and Graylog fits the niche well, perhaps they could officially support running in docker containers on Kubernetes as a StatefulSet as a use case. That way, the declarative nature of Kubernetes config files would document their best case deployment scenario-"
"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."
"Its scalability gets complicated when we have to update or edit multiple nodes."
"The tool does not provide a centralized pane for monitoring."
"The tool is expensive."
"They should improve their web interface to make it more user-friendly."
"The solution isn't user-friendly for admins."
"In the VMware environment, one area for improvement is the handling of VM failovers due to host failures, such as unexpected shutdowns from hardware issues. Currently, High Availability (HA) doesn't seem to recognize whether the VMs are online during failover, treating them as offline or unavailable."
"Documentation is lacking, including some guide as to how to use the expressions. It is not clear how to look for a log, for example. Some examples in the documentation might be helpful. I think that VMware had good documentation, but it's no longer hosted. The documentation is not as easy to understand as it was before."
"The pricing of the solution could be improved."
"The solution is a very good tool, but it has a lot of limitations. One of the main issues is around how you define your retention policy, for instance, in Log Insight. It doesn't have it. You can't define a log retention policy. You also can't define the destination or location for your logs. All of the logs are in one index or one bucket."
More VMware Aria Operations for Logs Pricing and Cost Advice →
Graylog is ranked 11th in Log Management with 18 reviews while VMware Aria Operations for Logs is ranked 10th in Log Management with 24 reviews. Graylog is rated 8.0, while VMware Aria Operations for Logs is rated 8.2. The top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". On the other hand, the top reviewer of VMware Aria Operations for Logs writes "Gives a clear forecast about existing machines, and has an automation feature that helps in reducing a lot of ambiguities and managing operational efficiencies". Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and Security Onion, whereas VMware Aria Operations for Logs is most compared with Splunk Enterprise Security, Elastic Security, LogRhythm SIEM, IBM Security QRadar and Wazuh. See our Graylog vs. VMware Aria Operations for Logs report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.