We compared Fortinet FortiAnalyzer and Graylog based on our users' reviews in five categories. We reviewed all of the data and you can find the conclusion below.
Features: Fortinet FortiAnalyzer features exceptional log collection capabilities and customizable reporting. Graylog stands out with its exceptional search functions, seamless integration with Elasticsearch, and real-time data access. FortiAnalyzer enables users to centrally manage and analyze logs in real time. Fortinet FortiAnalyzer could simplify its reporting module and cloud storage capabilities. Graylog could benefit from additional customization options and an improved rule-creation process.
Service and Support: Some Fortinet customers were dissatisfied with support, but others said it was helpful and responsive. Graylog's customer service is generally well-regarded, with reviewers noting effective solutions and satisfactory experiences. While response times may differ, Graylog's support is considered superior compared to that of other products.
Ease of Deployment: FortiAnalyzer's initial setup is uncomplicated and manageable, typically taking approximately 30 minutes to a few hours. Some IT knowledge may be required. Some Graylog users said the setup was easy. Other reviewers faced challenges, but these were easily resolved with help from the vendor’s support staff. Graylog is easier to set up in smaller environments, but it could get complicated in large clusters.
Pricing: While FortiAnalyzer isn't the most expensive option, users say the pricing could be more competitive. FortiAnalyzer's cost depends on the storage requirements, and many customers consider it reasonable. Graylog offers an enterprise edition and an open-source option with a daily capacity restriction. Some users said that data costs can be expensive.
ROI: FortiAnalyzer helps customers by providing insight into network traffic and speeding up issue resolution. Graylog can offer some cost savings. The precise ROI may vary depending on the organization’s size and use case.
"Special notifications about compromised phones are valuable because we have some guest networks, and sometimes, people are connecting phones that are connected to compromised websites. We want to be informed about it. We sometimes have some cases where we want to analyze the connection from inside to outside ports. So, it helps with a lot of things. It depends on our needs."
"The solution provides good standardized reports and is easy to troubleshoot."
"The product works well with other products."
"The log events are quite useful for us."
"I would say that Fortinet's tech support is really good."
"The most valuable features of the solution are the reports and the playbooks."
"Stability-wise, I rate the solution a ten out of ten since, in our company, we have never experienced the solution crashing or having any other issues."
"The anti-virus protection it offers our clients is solid."
"UDP is a fast and lightweight protocol, perfect for sending large volumes of logs with minimal overhead."
"Everything stands out as valuable, including the fact that I can quantify and qualify the logs, create pipelines and process the logs in any way I like, and create charts or data maps."
"One of the most valuable features is that you are able to do a very detailed search through the log messages in the overview."
"The build is stable and requires little maintenance, even compared to some extremely expensive products."
"What I like about Graylog is that it's real-time and you have access to the raw data. So, you ingest it, and you have access to every message and every data item you ingest. You can then build analytics on top of that. You can look at the raw data, and you can do some volumetric estimations, such as how big traffic you have, how many messages of data of a type you have, etc."
"Allowing us to set up alerts and integrate with platforms we already use, such as Slack and OpsGenie to alert users of these errors proactively, is also a very useful feature."
"The best feature of Graylog is the Elasticsearch integration. We can integrate and we can run filters, such as an event of interest, and those logs we can send to any SIEM tool or as an analytic. Additionally, there are clear and well-documented implementation instructions on their website to follow if needed."
"We have scaled from a single machine installation (a VM with a Graylog + ES + MongoDB) to (2 Graylog + 2 ES + 3 MongoDB). This was done smoothly with a minimal impact on logging."
"When somebody is new to the system they find it difficult to perform certain operations, like backups, and to see where the reports are."
"I feel that Fortinet FortiAnalyzer is a little bit heavy, making it an area where improvements are required."
"Fortinet FortiAnalyzer could improve by having better integration with other vendors."
"The setup of the solution can be improved because it is currently complex."
"It's possible that they could add some advanced analytics and some proactive controls for logging analytics. That will help a lot."
"I would like to see an improvement in the technical support. Stronger authentication will also be a plus."
"The integration between specific tenants and FortiAnalyzer can be simplified when utilizing a multi-tenant EMS for our FortiClient."
"The solution could embed monitoring."
"More complex visualizations and the ability to execute custom Elasticsearch queries would be great."
"The infrastructure cost is the main issue. I like the rest. If the infrastructure costs could be lower, it would be fantastic."
"More customization is always useful."
"It would be great if Graylog could provide a better Python package in order to make it easier to use for the Python community."
"Over six months, I had two similar issues where searches were performed on field "messages". It exhausted all the memory of the ES node causing an ES crash and a Graylog halt."
"Graylog needs to improve their authentication. Also, the fact that Graylog displays logs from the top down is just ridiculous."
"Lacks sufficient documentation."
"The biggest problem is the collector application, as we wanted to avoid using Graylog Collector Sidecar due to its architecture."
Fortinet FortiAnalyzer is ranked 7th in Log Management with 87 reviews while Graylog is ranked 11th in Log Management with 18 reviews. Fortinet FortiAnalyzer is rated 8.0, while Graylog is rated 8.0. The top reviewer of Fortinet FortiAnalyzer writes "We can automate event-based handling solutions, is stable, and is great for heavy traffic". On the other hand, the top reviewer of Graylog writes "Great detailed search features and easy Java integration, but needs improvement in integration with Python". Fortinet FortiAnalyzer is most compared with Wazuh, Splunk Enterprise Security, Grafana Loki, Datadog and ManageEngine EventLog Analyzer, whereas Graylog is most compared with Grafana Loki, Wazuh, syslog-ng, Splunk Enterprise Security and Elastic Security. See our Fortinet FortiAnalyzer vs. Graylog report.
See our list of best Log Management vendors.
We monitor all Log Management reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.