Hassle-Free Log Management & Analytics
Managed ELK Stack: in the Cloud or On-Premise
Trusted by the world’s best companies
ELK as a Service
Fully managed Elasticsearch in the Cloud. Elasticsearch API and fully integrated Kibana give you the power of the ELK stack while relieving you of Elasticsearch management hassle, infrastructure, and high expert staff costs.
- Ship data with your favorite data shipper – Logstash, Filebeat, rsyslog, Logagent, and many others
- Correlate logs with infrastructure and application metrics
- Extract business KPIs from logs to build rich reports and dashboards
- Automatic field and type detection with smart mappings and templates
Alerting on Logs
You can alert on metrics, as well as logs.
- It’s simple: run a query, save it as alert query, optionally select additional notification hooks like Slack, PagerDuty, etc.
- Use query filters to narrow down on logs you really want to alert on – e.g. severity:ERROR
- Use threshold-based alerts if you have specific thresholds and know what is alarming. Get notified when the number of logs hits the threshold.
- Built-in integrations for email, PagerDuty, Slack, HipChat, BigPanda, OpsGenie, VictorOps, WebHooks, Nagios, Zapier, etc.
Sematext Logs runs on Amazon AWS, whose infrastructure follows IT security best practices and adheres to a number of compliance standards such as SOC 1/SSAE, SOC 2, SOC 3,16/ISAE 3402 (formerly SAS 70 Type II), FISMA, DIACAP, FedRAMP, and HIPAA.
- Ship your logs via encrypted channels: TLS/SSL, or HTTPS
- Control who can access your logs via an app token and API key
- Restrict access to select members of your team
- Revoke and change user privileges on demand
Multi-user RBAC (Role Based Access Control)
Sematext Logs lets you control who can access which log.
- All your logs accessible in one place. Team support.
- Unlimited number of users with Owner, Admin, and User roles
- Invite teammates to individual Sematext Logs apps or whole account
- Revoke privileges and change roles at any time
Powerful Searching and Filtering
If you know how to search with Google, you’ll know how to search your logs in Sematext Cloud.
- Use AND, OR, NOT operators – e.g. (error OR warn) NOT exception
- Group your AND, OR, NOT clauses – e.g. message:(exception OR error OR timeout) AND severity:(error OR warn)
- Don’t like Booleans? Use + and – to include and exclude – e.g. +message:error -message:timeout -host:db1.example.com)
- Use explicitly field references – e.g. message:timeout
- Need a phrase search? Use quotation marks – e.g. message:”fatal error”
Syslog comes in many flavors of message formats, protocols and daemons.
- There are copy-pastable configurations for all major syslog daemons: traditional syslogd, rsyslog, syslog-ng and nxlog
- Send logs in traditional RFC-3164 message format or the newer RFC-5424
- Send syslog events as JSON over socket
- Traditional UDP syslog will work, of course, but you can also send data over TCP for more reliability. Even more reliability is provided by RELP. If you need encryption, you can use TLS syslog.
- Use anomaly detection to be alerted on sudden abnormalities in your logs and let statistical algorithms find abnormal log counts.
Log Shipping / Integrations
Use any of the number of compatible log shippers, logging libraries, platforms, and frameworks.
- Works with all standard logging facilities and agents (syslog, Logstash, Fluentd, Flume, nxlog, Filebeat...)
- Ship logs via syslog (rsyslog, syslog-ng, syslogd...)
- Ship logs from apps via Log4j, Logback, Log4j 2, Log4net, Winston - Sematext Logs, Python SyslogHandler...
- Ship with anything that can talk to Elasticsearch or syslog
Live Tail provides a real-time view of your logs as they stream into Sematext Cloud. Say you deployed new code. With Live Tail you will immediately see new errors as they are logged in real-time.
- It’s like “tail -f” on all your logs in a single place. No, not your terminal!
- Combine Live Tail with queries and filters to narrow the live log stream to only logs of interest. Yes, like “tail -f | grep”
- Automatically tags logs that match any of your Saved Queries or Alert Queries
- Really handy when deploying – everyone on the team sees new errors right away and can quickly go in and fix them
Saved Searches & Log Taggings
Save any query and save yourself some (re)typing. Re-run Recent and Saved Searches without re-typing.
- Store any query as Saved Search or Alert Query
- See log charts for Saved Searches at a glance, without running them
- Run Live Tail for any Saved Searches
- Auto-complete Recent and Saved Searches
- Tag Saved Searches with custom labels and colors
Frequently Asked Questions
New users get a 30-days free trial for each new Logsene App (existing customers get 2 days free trial for each additional App). At the end of the trial the App is automatically switched to the Basic (free) plan, unless you picked a paid plan. If you pick a paid plan before the trial period ends we will honour the full trial period.
Of course. You can simply stop sending us your logs or switch to the Basic plan.
There are no contracts and no commitments. You can cancel any time. Price is metered and based on 3 factors: plan, daily volume, and data retention. You pick a plan based on which features you want. You pick volume based on the volume of logs you produce daily. The higher volume you pick the lower the cost per GB. You pick data retention depending on how long you need to keep your data. We charge at the end of the month. For longer term and large contracts please get in touch.
Yes. Each Logsene App is independent and each Logsene can have a different plan. Each user account can have any number of Logsene Apps. Moreover, each Logsene App can use a different payment method (e.g. a different credit card).
Yes. Everything you see in the Cloud version of Logsene is available in an on Premises version, packaged as an RPM, DEB package, or a VM. Please get in touch for more information.
Logsene displays your daily log volume. You can use that information to determine which plan best fits your needs.
We keep accepting your logs. We keep track of the daily volume and charge based on the actual volume of data sent to us beyond the volume specified. Note that the bigger volume you specify in your plan the lower the price per GB. Thus, if you find that you often go over the volume you’ve specified you may pay less if you select a higher volume.
It can take as little as a few minutes, but it depends on how fast you are at configuring log shipping. When you create a Logsene App we provide all needed configs for an array of log shipping tools.
Logsene is much more feature rich than ELK Stack. ELK doesn’t have alerting. It doesn’t have security. It doesn’t have multi-user support. It doesn’t have Log Tagging. It doesn’t have Live Tail. It doesn’t integrate with a performance monitoring system like Logsene integrates with SPM. ELK requires infrastructure. It requires maintenance and tuning. It requires time. Running ELK requires one to become at least somewhat knowledgeable with scaling Elasticsearch and to become an expert in it when the data volume grows. All of this adds up and ends up costing more time, money, and resources than using Logsene.