Graylog

• Full return on investment for the free version.
• Paid features aren't fully justifiable at the enterprise cost.

IBM QRadar, Splunk Enterprise Security, AlienVault OSSIM and AlienVault USM

Palo Alto Networks Next-Generation Firewalls - PA Series, Palo Alto Networks GlobalProtect Mobile Security Manager, Palo Alto Networks URL Filtering PAN-DB

Allows insight into logs from various systems and products that would otherwise be time consuming to access and identify. Dashboards can be customised to your preferences and Alerts/emails can be defined when specific events or patterns occur, which is not possible directly from the log source. Our use case is primarily security related looking at access/sign-in logs from various platforms and then sending alerts as required.

• Multiple log sources
• Customisable Dashboards
• Event alerts/emails

• Able to offer monitoring services to new and existing clients to increase revenue
• Staff have increased billing percentage
• Potential to expand security services

M‑Files, Microsoft Azure Active Directory, Windows Server

We have more than 60 applications, ranging from websites, Winforms, windows services, API's and console executables. All of them need to log their tracing and/or error information to a central location. It needs to be central because you don't want to search for this location, especially when you only have 5 minutes to solve a problem. We used to have a dedicated database for logging, but this does not eliminate the time lost searching for "the" logs. Also, [the] configuration used to be a manual and self-made business that wasn't always clear. Graylog is a dedicated logging solution that comes "out of the box" and is made accessible through a well-known plugin architecture (log4net if you're developing with the .NET framework).

• Central (the fact that it's central), one place to log them all
• Multiple ways to log, one I already mentioned (log4net)
• AD support
• The fact that it's free

• Negative: None. There is no negative impact by using Graylog.
• Speed of solving bugs. Logging is so accessible and easy to search that we spend a lot less time [searching] for specific errors.
• Better health of applications. Since monitoring the logs is so easy, it's very easy to keep an eye on the tracing to see if things are going smoothly and according to plan.

Azure Monitor

Azure API Management, Azure Blob Storage, Azure Data Factory

• Graylog has allowed our clients to successfully log NAT translations and comply with the DMCA, protecting us in terms of Safe Harbor.
• Graylog allows us to have a central server for syslog, which saves time rather than checking each machine, or figuring out events if we experience a unresponsive failure, lowering downtime.
• We have also spent a lot of time learning Graylog, which was a considerable investment. However, it is now starting to pay its dividends.

Splunk Enterprise and AlienVault USM

Microsoft Teams, Microsoft 365 Business, Windows Server

• Graylog is just less expensive than some other options which meant it fit into our budget otherwise we might not be able to justify a higher cost.
• Being able to track issues that we normally couldn't track using other tools is a bonus to help us know of any issues we have and can fix before an outage or failure that could potentially cost money.
• We have had to spend more time than I would like to understand and customize Graylog which has taken time away from other tasks and projects.

Splunk Enterprise