Graylog Operations is built on the Graylog platform for IT, Network, and DevOps professionals. Available in a self-managed or cloud experience, Graylog Operations offers a powerful, flexible, and seamless centralized log management experience.

The following list details the features Operations installation adds to Graylog. A valid operations license is required to access the features included in this list.

  • Archiving
    • Stores your data in a long-term retention location for an infinite period of time and can be local or removable media. The archiving feature allows most users to meet compliance regulations around data retention.
  • Audit log
    • Keeps a record of changes done in-product by all users.
  • Reporting
    • Places current dashboard widgets into a scheduled report that can be delivered to your inbox.
  • Search extensions
    • Parameter support - Search extensions serve as placeholders in the query and ask users for values to put into queries to eliminate the need to copy and paste queries themselves.
  • Alerting extensions
    • Event Correlation
    • Dynamic Lists - Looks up values in lookup tables and uses the results in the alert query field within the correlation rule. This feature is based on search parameters.
    • Cluster-Wide Scheduler - Open Source runs alerts on a single node. Operations runs alerts on all Graylog nodes, increasing capacity.
    • Script Notification - Allows a custom native program to run in response to a generated alert, simplifying the integration of third-party systems.
  • MongoDB Lookup Table
    • Collects settings values from pipelines and other sources to maintain a list of suspicious IP addresses for Dynamic Lists.
  • Forwarding
    • Forwards specific data streams to remote locations with journaling support in case of outages. Cluster-to-cluster forwarder output requires two fully functioning Graylog clusters.
  • Indexing and Processing Failures
    • A feature that allows you to log and receive notifications of indexing and processing failures that occur in log data.
  • Output Framework
    • A plugable solution that forwards events from Graylog to any other system. Output Framework includes advanced options to manipulate the events before handover and format them as a Syslog message, JSON, and any other format.
  • Inputs

Please see the Graylog Operations page for more details.