Skip to content
share library_books

Sematext Logs Documentation

Think of Sematext Logs as logging as a service or your own logging box in the cloud (or on your own infrastructure if you really can't ship logs out to the cloud).

It is cheaper alternative to Splunk, or even as Hosted Elasticsearch, since one of the APIs Logsene exposes is Elasticsearch API for indexing and searching.

Data can be indexed from virtually any source, format or location. Search real-time and historical data using the same interface and familiar search commands to define, limit or widen your search, and correlate events across multiple data sources to reveal new insights.

Turn searches into real-time alerts and automatically trigger notifications via email and various other 3rd party integrations. Alerts can be triggered based on a variety of thresholds, trend-based conditions and other complex searches, assisting with faster analysis and issue resolution.

You can create custom dashboards that can integrate multiple charts and views of your real-time data that helps you understand important trends, summarize top values and view the frequency of conditions. Sematext log management system lets your devops and business teams analyze your data further with advanced visualizations, chart overlay and pan and zoom controls and more.

Sematext Monitoring UI screen

Creating a Logs App

After you get logged into Sematext Cloud at https://apps.sematext.com (or https://apps.eu.sematext.com if using Sematext Cloud Europe), the first step is to create a Logs App. An App is an independent namespace for your data.

For example, if you have a development and a production environment, it might make sense to have one App for each. You can create as many Apps as you want.

After creating an App you will get a confirmation screen that tells you how to send data to your new application. Once you start sending data, you can start searching and analyzing those events via the native Sematext UI or explore your data with Kibana.

Adding Data to Your App

There are two ways to send data: through Elasticsearch's API or through syslog.

Elasticsearch API

The easiest way to send logs is through Logstash, Filebeat, or Logagent. You can also use any tool that works with Elasticsearch's REST API, for both indexing and searching.

The only condition is to use the App's token as the index name, and https://logsene-receiver.sematext.com:443 (or https://logsene-receiver.eu.sematext.com:443 if using Sematext Cloud Europe) as the address.

For more details on using the Elasticsearch REST API with Sematext see Index Events via Elasticsearch API.

Syslog

You can forward syslog via UDP (port 514), TCP (port 514), RELP (port 20514) and TLS (port 10514). The host name is logsene-syslog-receiver.sematext.com / logsene-syslog-receiver.eu.sematext.com

To get started with syslog shipping quickly, you can use our configuration script and add your App token as a parameter:

curl -O https://apps.sematext.com/logsene/configure-syslog.py
sudo python configure-syslog.py $ADD-YOUR-APP-TOKEN-HERE

For more details, take a look at the Syslog page, and the pages that are linked from it.

App Settings

App's settings include, but are not limited to:

Sematext Logging App Settings

Getting Support

We hope you enjoy using Sematext Infrastructure Monitoring and Log Management tools. If you need further support or have any feedback regarding our products, please don't hesitate to contact us! You can also contact / talk to us using chat widget at the bottom right corner of the page or give us a shout @Sematext.