Graylog is not open source; it's using the Server Side Public License. It's a source-available license. If I am choosing software to use at work, I always try to use projects where you can buy support for the open source version. Getting rug pulled is never fun; I have seen it so many times with closed source monitoring software.
@Joshko824 months ago
Awesome video Tom. I truly appreciate all the efforts you put into creating high quality, focused and easy to understand content. Also looking especially to the non-paid version here makes sense, since many smaller companies do not have these big budgets!
@ManuelWhiskey-3UHF4 months ago
Great video, thank you!
@omgoood2 months ago
Thank you. How to split logs from different sources? I mean "Index pattern" analog in ELK. For example, I want to query all logs from index "dev-app", or "stage-app".
@ronaldabalza97133 months ago
Hi Lawrence, how can I apply HTTPS or Let's Encrypt for a Docker Graylog instance? thanks
@LAWRENCESYSTEMS3 months ago
Put a reverse proxy in front of it that supports Let's Encrypt. I use pfsense with HAProxy.
@RaidOwl4 months ago
Tom makes me want to implement Graylog but my laziness overpowers it every time.
@LAWRENCESYSTEMS4 months ago
But docker makes it so easy!
@manbash053 months ago
@@LAWRENCESYSTEMS Hi, I always find dockers so confusing... please, have u got a tutorial video for graylog using docker?
Way too many paywalls for an app that claims that they're open source. Open version is open source, it offers just logging and nothing more. Enterprise and security, also anything paid, shouldn't even be in the dashboard of the open source version.
@LAWRENCESYSTEMS4 months ago
You have identified a problem that you have with the project, but not a solution. How do you propose they fund this project?
@MrAltairantares4 months ago
@@LAWRENCESYSTEMS I heard thoughts and prayers go pretty far.
@egenhoferj4 months ago
Open-source does NOT mean free, it's important to remember that.
@raughboy1884 months ago
@@LAWRENCESYSTEMS They can fund it by offering paid technical support along with extra services that will benefit enterprises, not by making a difference between enterprise and non-enterprise users. I've seen a few others where you get everything enterprise does but you don't get technical support if you use the free version. Graylog Open should reflect its open source nature without offering demos of paid stuff. It should only have a button with a link to the enterprise version for more info and subscription. There are ways for them to fund it, but not by locking features behind a paywall.
@raughboy1884 months ago
@@egenhoferj I know that. I know they need money for hardware, they need to earn money for living, money for software they use for development and so on. All I wanted to say is how I don't like the way some open source apps are funded. In the open source world the best way to fund development isn't locking up advanced features behind a paywall; it can instead be through royalties like Unreal Engine does, it can be by offering technical support, hosting a server on your cloud for enterprise, basically anything but locking features behind a paywall.
@kolt93074 months ago
Moved from Graylog to Grafana Loki, never looked back. Damn elastic shards are just a pain
@tullyelliston62544 months ago
w/ the warm tier and the way index rotation/retention have changed, this is actually a problem that 6.0 pretty much solved
@Kunalchander-c8j a month ago
Hi, we were also using Grafana Loki earlier but we were only able to download 5000 log lines at a time. Is this the case with your team as well?
@kolt9307 a month ago
@@Kunalchander-c8j from what I remember we set the max_entries_limit_per_query and max_global_streams_per_user to your desired size
@Kunalchander-c8j23 days ago
In our case, when we are querying high volume logs, the Grafana interface starts lagging as hell. It was only stable up to 50k lines of logs.
@muhammad-alani16 days ago
Hello Lawrence! How can I change the log colors, like: If the log is info: make it green, if is warning: make it orange, if it's error: make it red and etc.
@DPCTechnology4 months ago
Good stuff..
@ashuggtube4 months ago
Nice one Tom, thank you
@pproba4 months ago
Thanks for the video. I would be very much interested in a comparison between the most popular log management solutions for homelabbers. Any chance you might be working on such a comparison in the future?
@LAWRENCESYSTEMS4 months ago
What other ones are there besides graylog? Wazuh is not really a log server and OpenSearch and Elastic are overly manual compared to graylog.
@pproba4 months ago
@@LAWRENCESYSTEMS To be honest, I'm not even sure which ones are real alternatives. Reddit suggestions include splunk, vector+promtail+loki, datadog, elk, something+grafana, etc. Tbh even getting an overview for which free/cheap options for personal use exist is not easy.
@EViL36664 months ago
I've long had a soft spot for Graylog... but alas, the Splunk dev license makes it too easy..
@nivideus4 months ago
Great summary video! I was just looking at graylog, this is great timing. Lots of threads to explore, thank you. I am using proxmox to manage my NFS mounts which are passed to Docker like you are, but I struggle with the situation where the mount is there but empty if the NAS is unreachable for any reason, causing some services to regard data as "deleted" which can cause quite a bit of chaos. I'd like to store my logs remotely like you are, but I'm not sure about how this scenario will affect graylog. How do you handle this in your setup? Is there some way to guard against it or suspend containers that depend on the share?
@KunalChander-b1j3 months ago
Can I get more than 2 lakh log lines at a time in gray cloud?
@sabir40944 months ago
This is a great tool, but requires a lot of resources.
@simons91674 months ago
The UI is similar to Wazuh..
@nitrogarbo15894 months ago
What is the difference between Zabbix vs Graylog?
@LAWRENCESYSTEMS4 months ago
Zabbix is more of a monitoring tool, Graylog is a logging tool.
@DieterFrueh-cp1go4 months ago
Vs grafana loki?
@theatlastech87924 months ago
Will your Graylog update video still work to get onto this newest version?
@LAWRENCESYSTEMS4 months ago
Yes
@WeathermanMark14 months ago
Unfortunately I'm running an older server for my virtual environment with CPUs that don't support MongoDB's AVX requirement. I wish MongoDB had a legacy switch for older hardware or we could use a different DB.
@LAWRENCESYSTEMS4 months ago
AVX enabled processors have been shipping since 2012 and the latest AVX-512 version since 2016. Might be time to consider upgrading.
@WeathermanMark14 months ago
@@LAWRENCESYSTEMS Yes, I'm still running (3) 4U Supermicro servers with (2) Xeon X5675 3Ghz CPUs, 300G ram, and 36 drive bays. I have been looking at some of the newer/used Supermicros with 512G DDR4, newer CPUs, etc. Just have not committed yet.
@double_DD4 months ago
are there any plans on testing and making a video of WAZUH SIEM? It would be very nice if you would do so.
@LAWRENCESYSTEMS4 months ago
I think enough people have already done a video on it and I don't really use it, therefore I don't have anything more to add. Let me know if I am wrong.
@double_DD4 months ago
@@LAWRENCESYSTEMS I agree with you there are many videos already out there, but the quality of those videos is questionable. On other hand, your videos are much more professional, providing more information and steps in proper order, with more clarity. In my opinion, Wazuh is much better than Graylog security wise. Also, it's lighter for hardware resources, and provides full unlocked features in free version (you can have paid subscription, but it's for support). You could do great job with video explaining how to tweak it, and configure it properly for security alerts, as it has many options, because your videos stand out in this ocean of low-quality videos.
@LAWRENCESYSTEMS4 months ago
@@double_DD Thanks, but for clarification is it that many of the videos are sponsored by Wazuh that brings up the question of their quality?
@scratius4 months ago
Thanks for the review, Tom. Informative as always. Graylog is a wonderful tool.
@lindhe4 months ago
Last I looked at Graylog, I recall being deterred by them depending on some deprecated version of a database. Know what I'm talking about? Is that fixed now?
@LAWRENCESYSTEMS4 months ago
Look at the docker compose and see if something in there that makes you not want to use it.
@bobstar48004 months ago
Was willing to use graylog but the lack of libraries for nodejs forced me to switch to Loki.
@oxxysaurus4 months ago
Followed the instructions exactly, on a new install (VM), didn't work. Tried again, didn't work. Might want to review the instructions mate.
@LAWRENCESYSTEMS4 months ago
I did and they worked.
@yeahmanitsmurph4 months ago
Hardly the best logging tool especially when a lot of the main functionality is behind a paywall. When stacked up against the free tiers of Elastic, Splunk, OpenSearch or even solutions like Wazuh, Malcolm and S1EM, Graylog doesn’t even compete.
@MortenEghj4 months ago
Do you have any links to such a comparison?
@yeahmanitsmurph4 months ago
@@MortenEghj My opinion is based off my own evaluation of each. However, if you just want a product, ignore me and just pick whatever the YouTuber tells you. If you have any responsibility to critical work or to a customer base, identify what’s important for your organization and reach out to competing vendors, get their demonstration and decide which makes the most sense. If you’re just playing around in a homelab, install them and see for yourself.
@jasonperry60464 months ago
What one do you recommend I look at first? Better yet, what type of person would you recommend each solution for?
@MarkConstable4 months ago
Stopped watching at the first mention of docker.
@dyto22874 months ago
If docker is too hard for you then you should retire from IT bud.
@MarkConstable4 months ago
@@dyto2287 I will do that, thanks for the advice.
@double_DD4 months ago
@@dyto2287 and you are an idiot!!! So the WHOLE IT world is based only on docker, so if someone doesn't know how to use docker, he should retire from IT.... you dumbhead...
@samsampier71474 months ago
Graylog has installation docs for Ubuntu, Debian, Red Hat, and SUSE if you don't want to use Docker. And manual if your distro is none of these.