When comparing Fluentd vs LogZilla, the Slant community recommends Fluentd for most people. In the question “What are the best log aggregation & monitoring tools?” Fluentd is ranked 5th while LogZilla is ranked 14th. The most important reason people chose Fluentd is:
Logs aren't lost due to network issues
Pro Logs stored to FS buffer while network is down
Logs aren't lost due to network issues
Pro In-stream processing
With a list of 150+ plugins, Fluentd can perform all kinds of in-stream data processing tasks.
Pro Huge plugin ecosystem
Fluentd has a plugin ecosystem that has resulted in developers creating over 150 plugins for the service.
Pro Prioritizes simplicity and robustness
For example, inputs and outputs have built-in support for buffering, load-balancing, timeouts and retries so that data can be delivered reliably.
Pro Free and open source
Licensed under Apache 2.0.
Pro Logs everything in JSON
Gives structure to unstructured logs.
Pro Routing based on tags
Pro Exponential retry wait
Pro Copy to multiple storages
Pro Based on CRuby
Pro Average repair time is heavily reduced by scripted responses
Problems that always take way too long to find and solve are easily and proactively repaired through automated remediation using scripted responses.
Pro Integrates with many third-party services
They have a "Trigger" interface which lets you set alerts, send to email, send to Slack (Webhooks) and also send to scripts, which lets you do just about anything imaginable, such as looking up other sources of information about an event (device info, last 5 logins, change management, etc.).
Pro The dashboards are great
You can see the data in real time and choose what you want to see. You can also create several dashboards (easy to create) to get all the views of your data, allowing you to be proactive with your network.
Pro Easy to install
LogZilla can be installed with a single command and usually takes less than ten minutes to install.
Pro Great usability
LogZilla gives users the ability to pull real-time data sorted by host severity and lets users watch actual network events come through.
Pro Relatively low cost
Pro Unlimited retention
Patented deduplication means that 120TB of data may be as little as 6 TB (95% reduction) with zero bytes lost.
Pro Lets you create custom reports
LogZilla lets you create lots of customized reports including Top Hosts, Top Errors, Top Security Violations, etc. It is also useful for generating compliance reports to support PCI, HIPAA and other auditable requirements.
Pro Log spike flooding does not take down the logging system
There have been instances where the flood increased by almost 17,000 logs per second with no performance degradation.
Pro Automated Remediation
Automated Remediation was added a few months ago. It's amazing. Any data can be parsed using a simple script, and arbitrary responses can be created. Problems are identified in millisecond real-time, and solved a few seconds later. Any NetOps team can be proactive about the network, rather than constantly chasing problems. The pre-loaded dashboards can be chosen or deleted as needed. Kudos to LogZilla. There is nothing that is this simple to use, and certainly nothing this powerful.
Con Difficult to set up
Requires a significant time investment to get up and running.
Con Does not run on Windows
No Windows version is available.
Con Poor customer support
Support is lacking and not as responsive as would be desirable.
The system is self-hosted and complicated to set up.
You must purchase a license that is based on the number of messages sent. This quickly becomes more expensive. Additionally, the pricing is not public; you have to reach out to them to get pricing for your specific setup.
Con Interface is hard to use
The interface is very data-centric, which is good, but it is hard to use and often confusing. Many times actions result in no data or errors.