Fully managed Elasticsearch in the Cloud. Elasticsearch API and fully integrated Kibana give you the power of
the ELK stack while relieving you of Elasticsearch management hassle, infrastructure, and high expert staff costs.
Ship data with your favorite data shipper – Logstash, Filebeat, rsyslog, Logagent, and many others
Correlate logs with infrastructure and application metrics
Extract business KPIs from logs to build rich reports and dashboards
Automatic field and type detection with smart mappings and templates
Powerful Searching and Filtering
If you know how to search with Google, you’ll know how to search your logs in Sematext Cloud.
Use AND, OR, NOT operators – e.g. (error OR warn) NOT exception
Group your AND, OR, NOT clauses – e.g. message:(exception OR error OR timeout) AND severity:(error OR warn)
Don’t like Booleans? Use + and – to include and exclude – e.g. +message:error -message:timeout -host:db1.example.com)
Use explicitly field references – e.g. message:timeout
Need a phrase search? Use quotation marks – e.g. message:”fatal error”
Syslog comes in many flavors of message formats, protocols and daemons.
There are copy-pastable configurations for all major syslog daemons: traditional syslogd, rsyslog, syslog-ng and nxlog
Send logs in traditional RFC-3164 message format or the newer RFC-5424
Send syslog events as JSON over socket
Traditional UDP syslog will work, of course, but you can also send data over TCP for more reliability. Even more reliability is provided by RELP. If you need encryption, you can use TLS syslog.
Alerting on Logs
You can alert on metrics, as well as logs.
It’s simple: run a query, save it as alert query, optionally select additional notification hooks like Slack, PagerDuty, etc.
Use query filters to narrow down on logs you really want to alert on – e.g. severity:ERROR
Use threshold-based alerts if you have specific thresholds and know what is alarming. Get notified when the number of logs hits the threshold.
Use anomaly detection to be alerted on sudden abnormalities in your logs and let statistical algorithms find abnormal log counts.
Live Tail provides a real-time view of your logs as they stream into Sematext Cloud. Say you deployed new code. With Live Tail you will immediately see new errors as they are logged in real-time.
It’s like “tail -f” on all your logs in a single place. No, not your terminal!
Combine Live Tail with queries and filters to narrow the live log stream to only logs of interest. Yes, like “tail -f | grep”
Automatically tags logs that match any of your Saved Queries or Alert Queries
Really handy when deploying – everyone on the team sees new errors right away and can quickly go in and fix them