Graylog Enterprise Edition
Graylog is a centralized log management (CLM) platform that seamlessly collects, enhances, stores, and analyzes log data. Logs are fundamental to any IT operations or security program, and placing them all in a single location greatly simplifies their use.
Graylog is composed of three components: Graylog, MongoDB, and Elasticsearch. All components can be installed on one server for evaluation or POC deployments. For production installations, we recommend running the Elasticsearch component on its own server.
For a typical installation with a daily ingest volume of up to 5 GB, we recommend starting with the following requirements:
- 4 CPU Cores
- 8 GB RAM
- SSD Hard Disk Space with High IOPS for Elasticsearch Log Storage
We love logs. Purpose-built for modern log analytics, Graylog removes complexity from data exploration, compliance audits, and threat hunting so you can find meaning in data easily and take action faster. Founded in 2013, and primarily operating out of Houston, Texas and Germany, Graylog is used to ingest and analyze terabytes of log data across the globe by tens of thousands of users every day.
Collection & Processing
Search & Visualization
Best performance, user-friendly interface, very smart charts, lots of functionality, cross-platform compatibility, very fast data searching, very clear indices management, easy-to-configure dashboard, a very clear and easy message setup and streaming configuration. Graylog server configuration is not complicated. — Andy Larry R.
Moved to Graylog for ease of managing log data. Great for generating reports to deliver on business security and audit requirements. Ease of moving logs from Microsoft and Linux devices. — Data Storage Engineer - Education
We run a containerized microservices environment. Being able to set up streams and search for errors and anomalies across hundreds of containers is why a log aggregation platform like Graylog is valuable to us. — Jason Crow