Users of open-source log collectors and log monitoring solutions often prefer them for their speed, their flexibility and their ability to attract talented contributors who are willing to invest time in maintaining technology projects they are passionate about.
In this post, we’ll look at some of the best free and open-source logging tools out there today.
Graylog is a well-established open-source log management solution that is used by sysadmins and DevOps engineers alike. Users often state that whilst configuring and maintaining the solution on-premise was somewhat difficult, choosing it saved them a great deal compared with typical licensing fees for tools such as Splunk.
- Log collector configuration
- Fault tolerance
- Content packs
GoAccess has been praised by users for providing quick insights in use cases such as timely web server reporting, without the need to build extensive reporting dashboards. GoAccess supports any custom log format as well as a number of popular predefined log file types including S3, CloudFront, Apache and Nginx logs.
- Minimal configuration
- Terminal dashboards
- Web log analyser
- HTTP statistics
Syslog-ng is most commonly used by system administrators, in part due to its ability to reliably dump Syslog events to files. This takes very little configuration, and the tool can easily handle log data transfers of upwards of 100MB.
Periodically, users post on software support forums that they are having difficulty configuring Syslog-ng to ingest Syslogs, so if you are short on time it may be worth considering another open-source log aggregator that is easier to configure.
- Open source log management
- Tamper-proof storage
- Big data ingestion
- Optimise SIEM
- Rapid search
The open-source log monitoring solution provided by Nagios allows for log monitoring to be conducted across a variety of applications and operating systems. Nagios can be fully integrated with a number of third-party tools including PagerDuty, OpsGenie, Flowdock, VictorOps and ElementaryOS.
One of the most common complaints about Nagios is that scaling it successfully can be tedious. Users may also feel the pain of troubleshooting configuration issues in a tool that is notably older than many of its contemporaries (Nagios was released all the way back in 2002).
- Application monitoring
- Windows monitoring
- Server monitoring
- SNMP monitoring
- Linux monitoring
- Log monitoring
LOGalyze was specifically built as an open-source centralised platform offering network monitoring and log management. If you needed to house data from Linux servers, network devices and Windows hosts, LOGalyze offered both real-time event detection and extensive search capabilities for these use cases.
Unfortunately, since August 2021 the official LOGalyze website has been down and new users are unable to download the tool (as commented by user David Koňařík on Twitter on August 26th 2021). As of the beginning of 2020 it seems that the LOGalyze team were not responding to requests for support, based upon their lack of response to a query posted by user @Evolutionsec on the 27th of January 2020.
In light of this, it is worth considering an alternative solution to support your logging activities.
- Collect log data from any device
- Real-time event detection
- Scheduled reports
6. ELK Stack
The ELK Stack is composed of several complementary logging offerings including Elasticsearch, Logstash and Kibana.
Elasticsearch is a powerful and fast search and analytics engine that is well known for its ability to suggest intelligent results based on prior search queries and to return accurate results for near matches.
Logstash is a powerful, flexible pipeline that works as an extract, transform and load (ETL) tool for collecting log messages and forwarding them on to Elasticsearch for visualisation within Kibana.
Kibana is an open-source visualisation and reporting user interface that allows users to create visualisations from a variety of data inputs. Kibana can easily be used to create pie charts, heat maps, line graphs, scatter plots and more.
Unfortunately, while the ELK Stack was considered one of the foremost open-source logging solutions, the company behind this technology stack, Elastic, decided to release version 7.11 (and all versions onward) under a dual-license model using the SSPL (Server Side Public License). This means that if you want to keep your log collector open source, you will need to stick to versions prior to this release or use the alternative, OpenSearch.
If you prefer to have the option of using OpenSearch, Open Distro or a legacy version of the ELK Stack, then you should consider using a managed service such as Logit.io that provides these solutions as ready-to-launch Stacks.
- Inverted indexes for faster search querying
- 100+ compatible integrations
- BKD trees for geodata
- Instance balancing
Logit.io provides a highly affordable solution that includes hosted ELK and allows you to experience the benefits of an open-source log analysis tool with high availability and SLAs up to 99.999%.
Unlike some services, the Logit.io platform is not limited to log management and also offers complete infrastructure monitoring, metrics management, managed OpenSearch, hosted Grafana and even business analytics.
Logit.io is also rated 5/5 stars on Capterra, Software Advice and Gartner (as of May 2022).
- Highly available Elasticsearch, Prometheus and Grafana side-by-side
- Centralised Logging, Metrics and Tracing in a single pane view
- Highly rated and knowledgeable Support Engineers
- Advanced role-based access controls
- Lightning-fast deployment
- Hundreds of integrations
- Compliance & auditing
- Alerting & notifications
Unfortunately, upon looking at the official resource website for Logary, it is apparent that a number of pages have been deleted and the last version of this library was released over two years ago. In light of this, the project may very well benefit from more contributions to its GitHub repository.
- App metric and log analysis
- Never throw exceptions
- F# idiomatic code
Fluentd is an open-source log collector that supports memory and file-based buffering to prevent inter-node data loss. Companies that currently use Fluentd include Alibaba, Colondee, Yousign and Paralect. Fluentd boasts an extensive array of integrations, including pre-existing integrations for Google's BigQuery, Logmatic, Honeycomb, Coralogix and Sematext.
- Active community support
- Easy to deploy plugins
- Unified logging layer