We’ve been using Graylog and Graylog Sidecar for a couple of years. We’ve recently started using Ansible for managing our environment, and so now I’m considering using Ansible for managing our log shipper configuration. We have a decently wide variety of servers and configurations, and managing that in Graylog Sidecar has basically resulted in the manual combination of each aspect, which is a rather long list of configurations. We could build these config files in a more modular fashion using Ansible, but I don’t want to “jump ship” just because it appears to be better.
I was curious if anyone has had experience with both that could provide some real-world insight into the considerations between the two? I know enough about both now to do an “on paper” comparison, but some real world insight would be nice, too.