Tried Graylog v.3.3, mainly disappointed

Karlis · May 22, 2020, 8:16am

Tested new Graylog 3.3 by upgrade from v.3.1.
Have simple installation, Graylog and Elastic on one machine, no proxy, no clustering.
Upgrade itself was easy, that’s good. All dashboards, saved searches in place. OK.
Good things ended here. The same mouse-click oriented UI, clumsy compared to v.3.1. I already wrote about it previosly when tested v.3.2. Perhaps a little easier to orientate, some clicks less, compared to v.3.2. And that’s all I found. Yes, some nice features, not critical to me.
About missing Quick values there was said so much, nothing changed in this version.
Conclusion - no upgrade, keeping v.3.1, sorry.

As quick example how UI went to worse since v.3.1, I tested quite typical task - search simple query Channel:Microsoft-Windows-Backup AND source:someserver using built-in hints. We don’t save such queries, they are not in day-to-day tasks, so…
v.3.3: typing so -> arrow down for source: -> enter -> typing someserver AND Ch -> arrow down for Channel: -> enter -> typing Microsoft-Windows-Backup -> enter, 8 operations.
v.3.1: typing so -> arrow down for source: -> typing someserver AND Ch -> arrow down for Channel: -> typing Microsoft-Windows-Backup` -> enter, 6 operations. 25% less, if you want.

konrad · May 22, 2020, 8:29am

Hi @Karlis,

thanks a lot for your input. We know that we did not address all issues which were brought up in 3.2 and we will probably never will satisfy everyone, but we are aware of some of these issues and want to address them in future releases.

Thanks again, and I hope we can bring you onto the next release.

- Konrad

maniel · May 22, 2020, 9:13am

to add to that, I got already used to quick values regression when upgrading to 3.1 from 3.2, but I’m not really a fan of new color palette in 3.3, as i can live with different shade of red of notification indicator and different shade of blue in top right actions buttons and blacker text for example, the heap usage indicator in node page is burning my eyes, I might be picky though

konrad · May 22, 2020, 9:38am

@maniel thanks for the feedback about the colors. I will relay it to the right people.
\ - Konrad

newbenji · May 29, 2020, 6:52am

SAdly thats the common thing around as i hear…
Many loved the easy way in graylog 3.1
All here hate the 3.2 way for search etc

Karlis · May 29, 2020, 7:35am

All here hate - I think it’s overstated a little bit It seems Graylog team wanted to change the way we work with their product. Starting from v.3.2 it’s more like routine monitoring with predefined sets of searches and dashboards. Before it was more like reaction to alerts with investigation, which is not predefinable, it’s improvisation all the time. Some of us don’t want to change this, we already adapted this tool in our workflow, and it fits.