Log Management

Get the power of the ELK stack without the hassle of managing Elasticsearch, the infrastructure, or the high cost of expert staff.

ELK as a Service, Fully Managed

Fully managed Elasticsearch in the Cloud. Elasticsearch API and fully integrated Kibana give you the power of the ELK stack while relieving you of Elasticsearch management hassle, infrastructure, and high expert staff costs.

  • Ship data with your favorite data shipper – Logstash, Filebeat, rsyslog, Logagent, and many others
  • Correlate logs with infrastructure and application metrics
  • Extract business KPIs from logs to build rich reports and dashboards
  • Automatic field and type detection with smart mappings and templates

Powerful Searching and Filtering

If you know how to search with Google, you’ll know how to search your logs in Sematext Cloud.

  • Use AND, OR, NOT operators – e.g. (error OR warn) NOT exception
  • Group your AND, OR, NOT clauses – e.g. message:(exception OR error OR timeout) AND severity:(error OR warn)
  • Don’t like Booleans? Use + and - to include and exclude – e.g. +message:error -message:timeout -host:db1.example.com
  • Use explicit field references – e.g. message:timeout
  • Need a phrase search? Use quotation marks – e.g. message:"fatal error"

Syslog Support

Syslog comes in many flavors of message formats, protocols and daemons.

  • There are copy-pastable configurations for all major syslog daemons: traditional syslogd, rsyslog, syslog-ng and nxlog
  • Send logs in traditional RFC-3164 message format or the newer RFC-5424
  • Send syslog events as JSON over socket
  • Traditional UDP syslog will work, of course, but you can also send data over TCP for more reliability. Even more reliability is provided by RELP. If you need encryption, you can use TLS syslog.

Alerting on Logs

You can alert on metrics, as well as logs.

  • It’s simple: run a query, save it as an alert query, and optionally select additional notification hooks like Slack, PagerDuty, etc.
  • Use query filters to narrow down on logs you really want to alert on – e.g. severity:ERROR
  • Use threshold-based alerts if you have specific thresholds and know what is alarming. Get notified when the number of logs hits the threshold.
  • Use anomaly detection to be alerted on sudden abnormalities in your logs and let statistical algorithms find abnormal log counts.

Live Tail

Live Tail provides a real-time view of your logs as they stream into Sematext Cloud. Say you deployed new code. With Live Tail you will immediately see new errors as they are logged in real-time.

  • It’s like “tail -f” on all your logs in a single place. No, not your terminal!
  • Combine Live Tail with queries and filters to narrow the live log stream to only logs of interest. Yes, like “tail -f | grep”
  • Automatically tags logs that match any of your Saved Queries or Alert Queries
  • Really handy when deploying – everyone on the team sees new errors right away and can quickly go in and fix them
