I’m recently using Graylog Open and I was wondering why long-term users of Graylog Open, are “still” Open users and not Enterprise nor Security.
I’ve been implementing Graylog within my company for few months now. I have some Network appliance, VPN, Access logs of critical servers plugged and when I reached a salesperson for a quotation, they estimated around 50K$ for our current load, which will probably double soon because I intend to plug all our Windows Servers and other verbose servers. The price tag is something my company will probably not validate so I’m looking for possibilities within Open or outside to implement features like archiving, reporting and probably others.
So, in short, I would love to know if long-term users of Open found a way to implement similar features as Enterprise/Security will staying in Open license.
We use it for years now and even moving back from enterprise to open because of a customer not wiling to pay the price tag and we do not need the enterprise features. Just the really good and central log management and alerting possibilities that almost everyone is able to use.
We do pay for support tho. Graylog is flexible and willing to their customers.
Same as @Arie , because of the amount for enterprise we stayed with Open. I do like the the easy setup, and if done right, the pipelines are awesome. it kind of build as you go software. Our GL server is isolated from the internet so we don’t need SSO we just use LDAP/AD. as for anything else works great. TBH I still have Graylog version 2.4 && 3.3 running now.
EDIT: some of the function with Graylog enterprise we don’t need, like report’s and Security, with pipeline I can perform the same widgets/alerts needed to identify intrusions. It may not be as pretty as the paid version but it gets the job done.
Open does a solid job, but archives are a very sweet feature, if you need long time storage.
Newer Graylog Open Versions bring also new features. I think of entropy-calculations for strings and debugging for sidecars e.g. Also the play button for events/alerts is very nice.
