We work with your existing logs and metrics - no software changes or additional instrumentation is needed. Integration with your application to collect logs is as simple as two kubectl commands for Kubernetes or an agent for other environments.
Our unassisted machine learning parses and categorizes each log line by event type and captures its parameters into their own typed columns.
This results in a foundational dictionary of unique event types which is used to learn normal patterns and reliably detect log anomalies when events "break pattern". Everything is self-managed across software versions.
We automatically detect critical software incidents. We avoid alarm fatigue by only alerting on issues that involve correlated sets of anomalous events.
Example auto-detected incidents
Only by having a structured representation of events and a dictionary of unique events types can we use ML to learn normal patterns and uncover log anomalies. Examples of factors that contribute to anomaly scoring include: new or rare event, event severity, change in frequency, change in periodicity, correlation between anomalies across one or more files or streams, etc.
In order to achieve very high signal-to-noise, incidents are only created when the ML detects sets of tightly correlated anomalies.
We make it dead simple to build accurate and durable signatures to auto-detect known issues (even for issues that exhibit themselves as a very complex series of events). The process takes just a few clicks and starts by selecting the relevant events. You can then set: the event order, the time period for the events to occur, the specific event types that must occur, and variable values and constraints within the events. Now if the problem happens again, you'll be automatically notified and taken straight there.
We've achieved the impossible - a familiar and intuitive event viewer, with super-powers that let you easily interact with your data (all made possible because we've perfectly structured the underlying data sets). Here are just some of the things you can easily do:
- Select any metric or string and instantly see it charted (and of course no human had to build a parsing expression to do this)
- Get rid of spammy events with just a click
- Filter so you see only specific event types
- See data from multiple sources interleaved in time series order (and then click back to just one source)
- Navigate directly to any known issue, anomaly or exception (or any user defined "track")
- Create navigable visualizations from event types, strings, metrics (with or without constraints)
- And a whole lot more...
We make it simple to share your current view and the steps you’ve taken to get there. This lets you easily collaborate with other developers and testers.
For the power user we offer a CLI that gives you fine-grained access to the underlying structured log, metric and anomaly data. This includes the ability to perform SQL queries of arbitrary complexity and query our dictionary of events.
We adhere to industry best practices for security including: encryption of data in flight, AES-256 encryption of data at rest, granular removal of sensitive records or fields, secure isolation of customer data and option for a dedicated instance and VPC. All customer data will be deleted upon termination of service or by request.