Centralized log management and SIEM for collecting, searching, and analyzing log data
- Stars8.1k
- Forks1.1k
- Open Issues2k
Other
- Java
- TypeScript
- JavaScript
About Graylog
Graylog pulls logs from across your stack into one place to collect, store, search, and analyze them, so lean teams get a central view instead of checking systems separately. It ingests data over GELF, Syslog, AMQP, and Kafka, and turns raw events into searches, dashboards, and alerts.
Beyond plain log management, Graylog positions itself for security work: it markets SIEM, anomaly detection, and API protection alongside its core log pipeline. That makes it a fit for both operational troubleshooting and threat investigation on the same data.
The open-source server (graylog2-server) is source-available under the Server Side Public License (SSPL), not a standard OSI-approved license. It is self-hosted, with the server written in Java and a TypeScript web interface; source lives on GitHub and the company behind it is Graylog Inc.
Key features
- Central log management for collection, storage, and analysis
- Log viewing and log analysis
- Supports GELF, Syslog, AMQP, and Kafka
- Security and SIEM use cases
- API protection
Details
- First released
- 2010
- Inputs
- GELF · Syslog · AMQP · Kafka
- Deployment
- Self-hostable
- Language
- Java · TypeScript
- License
- Source-available (SSPL)
- Company
- Graylog Inc