
Graylog Enterprise Edition


Graylog is a centralized log management (CLM) platform that seamlessly collects, enhances, stores, and analyzes log data. Logs are fundamental to any IT operations or security program, and placing them all in a single location greatly simplifies their use.


Graylog is composed of three components: Graylog, MongoDB, and Elasticsearch. All components can be installed on one server for evaluation or POC deployments. For production installations, we recommend that you run the Elasticsearch component on a separate server.

System Requirements

For a typical installation we recommend the following minimum system requirements:

  • 4 CPU Cores
  • 8 GB RAM
  • SSD Hard Disk Space with High IOPS for Elasticsearch Log Storage

About Graylog

We love logs. Purpose-built for modern log analytics, Graylog removes complexity from data exploration, compliance audits, and threat hunting so you can find meaning in data easily and take action faster. Founded in 2013, and primarily operating out of Houston, Texas and Germany, Graylog is used to ingest and analyze terabytes of log data across the globe by tens of thousands of users every day.


Role-based Access Control
Control who can access which data and which Graylog capabilities. Includes LDAP/Active Directory integration.
REST API
Extract data and Graylog alerts to other systems to automate reporting, workflow, and research across your entire Operations Center tech stack.
Content Packs
Import collections of parsers, alerts, dashboards, and reports tied to a specific data source from Graylog or the Graylog Marketplace. Export all or parts of the configuration of a Graylog instance to move easily from Test to Production. You can also share your custom solutions in the Marketplace.
User Audit Logs
Log the log management system! Compliance and security best practices require tracking of who accessed what log data and what actions they took against that data.

Collection & Processing

Data Enrichment & Lookup Tables
Add data such as threat intelligence, WHOIS, IP geolocation, or other structured data to assist in analytics. Use it to whitelist/blacklist data to remove noise or known “ignore this” situations, and to perform faster research.
Convert raw machine data into structured data for storage, search, and analysis.
Control data processing with staged processing rules to ensure the right parser, data enrichment, and lookup table(s) are applied.
Centralize deployment and management of third-party and custom log collectors.
Route log messages into categories in real time while they are processed to make it easy to target queries, dashboards, and reports for faster results.

Search & Visualization

Correlation Engine & Event Management
Be alerted via email, text, Slack, or other mechanisms based on a single event, many combined events, or even a lack of events.
Interactive Dashboards
Customize data visualization using widgets with sophisticated data aggregation for result counts, histograms, statistical values, field value charts, stacked charts, pie charts, and pivot tables.
Automate the delivery of key dashboard widgets to your inbox.
Scalable Search
Build complex, even chained queries in minutes, with many different data visualization output options using Graylog’s web console. No proprietary query language needed. Graylog pairs Elasticsearch with an architecture of multiple processors and multiple buffers on a single machine, then multiplies that threaded search across the number of participating nodes in the cluster for immense scalability and speed.
Views / Research Workflow
Rethink the intersection of dashboards, data queries, and workflows to greatly speed up an analyst’s job investigating errors, performance issues, and security threats. Using a single input parameter, initiate common multi-step analyses to generate multiple searches and present the results on one dashboard-like widget screen. You can easily share Views with the rest of the team to ensure consistency and empower more junior team members with pre-configured workflows.
