Lightweight open source log shipper

Logagent is a modern, open-source, light-weight log shipper with out of the box and extensible log parsing, on-disk buffering, secure transport and bulk indexing to Elasticsearch and Logsene. Its low memory footprint and low CPU overhead makes it suitable for deploying on edge nodes and devices, while its ability to parse and structure logs makes it a great Logstash alternative.

Setting up log shipping was so hard with any other tool … but with Sematext Logagent it worked like magic! And your support is like mind blowing!
Sachin Shenoy, Head of Engineering – HealthifyMe

Key Features

Easy setup

Installs within seconds and parses a number of popular log formats out of the box.

Low Overhead

Low memory footprint, async I/O, and tiny CPU overhead makes it suitable for edge servers, IoT devices, sensors, etc.

Works with Elasticsearch

Built-in Elasticsearch output lets you ship logs to Elasticsearch or Logsene.

Log Routing

Route logs from different sets of log files to the right Elasticsearch index or Logsene app based on regular expressions matching log file names.

Log Structure Parsing

Auto-detect and parse log formats for a number of applications out of the box; extensible with your own log parsing rules.

Log Enrichment

Auto-tag logs with source file name, IP address and hostname; GeoIP enrichment.

Log Rotation Handling

Properly handles log file rotation; keeps track of log files being tailed and its position within them, even across restarts.

Secure & Reliable Data Transfer

All data is shipped via HTTPS; in event of network failure data is persisted and re-transmitted to avoid data loss.

Sensitive Data Masking

Hide sensitive data from the prying eyes by masking it before it is shipped, while still being able to look it up.

Heroku Support

Built-in Heroku Log drain support makes shipping logs from Heroku a breeze.

Cloud Foundry Support

Built-in Cloud Foundry Log drain support allows easy integration with Pivotal, IBM Bluemix, GE Predix, CenturyLink Cloud, etc.

Built-in Syslog Listener

Built-in syslog listener can receive logs via UDP, parse them and forward them via HTTP(S) to Elasticsearch and Logsene.


Also runs as command-line tool, reads standard input and writes to standard output or to Elasticsearch – great for piping and building ad-hoc data pipelines with Unix tools.

Open source, Apache Licensed

Completely open sourced on Github and released under a liberal Apache Software License v2.

Cloud & On Premises

Can’t ship your metrics or logs to the Cloud? No problem – On Premises solution is available, too.

Two-way SSL Authentication

Also known as Mutual Authentication as part of PKI, secure client authentication with SSL client certificates for Elasticsearch.

SQL Filter and Aggregation

Apply SQL on parsed logs to aggregate and transform the results in output filters.

Expert Support

Need help with monitoring or logging? Contact us! Our team of logging and monitoring experts can help.
logsene-screenshot Logsene is a Hosted ELK SaaS – an alternative to running in-house ELK Stack (i.e. has all log management bells and whistles that you won’t have to build, maintain, and manage yourself) and a more affordable Splunk alternative. Logsene is also available for deployment On Premises or on your own cloud instances.

Email sales@sematext.com to get a free eval.


Free Sign Up