Graylog

Pricing

Threat Detection & Response Solutions

Enterprise Log Management for SecOps, ITOps, and DevOps teams. Built on the Graylog Platform, Graylog Enterprise is designed to maximize your systems’ uptime, alert you to issues and outages, enhance productivity, and meet data retention requirements for larger teams and complex situations.
Learn More

Graylog Security delivers on the promise of SIEM without all the complexity, alert fatigue, and high costs. Built on the Graylog platform, Graylog Security reduces the strain on your cybersecurity staff, improves your overall security posture, and reduces risk. Technical support included. 
Learn More

Graylog API Security is a comprehensive solution designed to offer discovery and end-to-end protection for your business-critical APIs and peace of mind as your business thrives, safe in the knowledge that you are guarded by a smart, state-of-the-art, adaptable shield against the most sophisticated cyber threats.
Learn More

Compare Graylog Platform Plans

*Graylog Open only supports a very limited number of Parsers and Spotlights. Graylog Open users must first upgrade their 6.2+ instance to include the Enterprise plug-in before being able to install the Illuminate Content Hub.

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Support for Syslog, CEF, GELF, BEATS, HTTP-JSON, IPFIX, Netflow, Plain Text

Log Collection & Fleet Management

Index Field Type Profiles

Pipelines & Streams

Data Normalization

Visualization Widgets

Save To Dashboard

Guided Search

Save & Share

Filters

×

Parameters

×

Customizable Data Visualization Widgets

Save & Share

Right-click Graylog & Custom Saved Searches

×

Scheduled E-mail Reports

×

Custom Reports

×

REST API

Content Pack Import/Export

TCP Raw & TCP Syslog Outputs

Direct Ingest

Basic

Advanced

Advanced

Direct Output

GELF Output
STDOUT

GELF, STDOUT-Enterprise, Google Cloud Big Query

GELF, STDOUT-Enterprise, Google Cloud Big Query

Graylog Schema

Manual

Illuminate

Illuminate

Input Wizard

×

Illuminate Content Hub

×

Illuminate Content

Basic Parsers

Ops Content

All Content

Data Enrichment Connectors

Support for IPinfo, MaxMind GeoIP Integration

IPinfo GeoIP Data

×

Cloud

Cloud

Lookup Tables

Static

Dynamic

Dynamic

Asset Data

×

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Support for Syslog, CEF, GELF, BEATS, HTTP-JSON, IPFIX, Netflow, Plain Text

Log Collection & Fleet Management

Index Field Type Profiles

Pipelines & Streams

Data Normalization

Visualization Widgets

Save To Dashboard

Guided Search

Save & Share

Filters

×

Parameters

×

Customizable Data Visualization Widgets

Save & Share

Right-click Graylog & Custom Saved Searches

×

Scheduled E-mail Reports

×

Custom Reports

×

REST API

Content Pack Import/Export

TCP Raw & TCP Syslog Outputs

Direct Ingest

Basic

Advanced

Advanced

Direct Output

GELF Output
STDOUT

GELF, STDOUT-Enterprise, Google Cloud Big Query

GELF, STDOUT-Enterprise, Google Cloud Big Query

Graylog Schema

Manual

Illuminate

Illuminate

Input Wizard

×

Illuminate Content Hub

×

Illuminate Content

Basic Parsers

Ops Content

All Content

Data Enrichment Connectors

Support for IPinfo, MaxMind GeoIP Integration

IPinfo GeoIP Data

×

Cloud

Cloud

Lookup Tables

Static

Dynamic

Dynamic

Asset Data

×

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Basic Triggers & Aggregations

Alerting

Notifications

Basic

Advanced

Advanced

Automated Script Triggers

×

Correlation Engine

×

Sigma Rules

×

×

MITRE ATT&CK Framework

×

×

User Activity

×

×

Suspicious Data Movement

×

×

File & System Integrity

×

×

Network / Perimeter Threats

×

×

Custom Detectors

×

×

Evidence Collection

×

×

AI Report Generation

×

×

Investigation Timeline Visualization

×

×

Investigations Analytics

×

×

Automation

×

×

Guided Response

×

×


Workflow

×

×

3rd Party SOAR, Ticketing Integration (custom add-on)

×

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Basic Triggers & Aggregations

Alerting

Notifications

Basic

Advanced

Advanced

Automated Script Triggers

×

Correlation Engine

×

Sigma Rules

×

×

MITRE ATT&CK Framework

×

×

User Activity

×

×

Suspicious Data Movement

×

×

File & System Integrity

×

×

Network / Perimeter Threats

×

×

Custom Detectors

×

×

Evidence Collection

×

×

AI Report Generation

×

×

Investigation Timeline Visualization

×

×

Investigations Analytics

×

×

Automation

×

×

Guided Response

×

×


Workflow

×

×

3rd Party SOAR, Ticketing Integration (custom add-on)

×

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Asset-based Risk Scoring

×

×

Events & Alerts Risk Scoring

×

×

Adversary Campaign Intelligence

×

×

Field Action Menus with Threat Intel Lookups and Watchlists

×

×

Threat Coverage Analyzer

×

×

Threat Coverage Visualization

×

×

Vulnerability Scan Ingest

×

×

Compliance Reports

×

Role-based

Internal

AD/LDAP

AD/LDAP

Teams Management

×

OIDC, OKTA, Auth0, AzureAD, Google, Keycloak, PingIdentity, OneLogin Support

×

Graylog User Audit Logs

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Asset-based Risk Scoring

×

×

Events & Alerts Risk Scoring

×

×

Adversary Campaign Intelligence

×

×

Field Action Menus with Threat Intel Lookups and Watchlists

×

×

Threat Coverage Analyzer

×

×

Threat Coverage Visualization

×

×

Vulnerability Scan Ingest

×

×

Compliance Reports

×

Role-based

Internal

AD/LDAP

AD/LDAP

Teams Management

×

OIDC, OKTA, Auth0, AzureAD, Google, Keycloak, PingIdentity, OneLogin Support

×

Graylog User Audit Logs

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Multi-Cluster

Enterprise Forwarder

×

Cluster-to-Cluster Forwarder

×

Cloud Forwarder

×

Data Node

×

 

Data Pipeline Management / Data Routing

×

Data Lake

×

Data Lake Preview

×

Selective Retrieval

×

Data Tiering - Hot, Warm, Archive

×

Searchable Snapshots

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Multi-Cluster

Enterprise Forwarder

×

Cluster-to-Cluster Forwarder

×

Cloud Forwarder

×

Data Node

×

 

Data Pipeline Management / Data Routing

×

Data Lake

×

Data Lake Preview

×

Selective Retrieval

×

Data Tiering - Hot, Warm, Archive

×

Searchable Snapshots

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Documentation

Graylog Academy

Graylog Community

Onboarding & Architecture Review Services

×

TAM Services (optional add-on)

×

Access To Professional Services (SOW required)

×

24x5 Global Technical Support

×

Feature
Graylog Open
Graylog Enterprise
Graylog Security

Documentation

Graylog Academy

Graylog Community

Onboarding & Architecture Review Services

×

TAM Services (optional add-on)

×

Access To Professional Services (SOW required)

×

24x5 Global Technical Support

×