• When a production incident hits, the first question is almost always: what do the logs say? • Too often, however, you can’t query those logs because they are in remote, local storage. • Sure, teams can create custom schemas or do manual re-ingestion but the clock is ticking. • What about data that cannot be moved to meet strict sovereignty mandates? • Maybe you can access the logs, but they are in raw form. • How do you make sense of the data without wasting hours writing and testing manual regex.

Article Summaries:

  • When a production incident hits, the first question is almost always: what do the logs say? Too often, however, you can’t query those logs because they are in remote, local storage. Sure, teams can create custom schemas or do manual re-ingestion but the clock is ticking. What about data that cannot be moved to meet strict sovereignty mandates? Maybe you can access the logs, but they are in raw form. How do you make sense of the data without wasting hours writing and testing manual regex. You shouldn’t have to choose between compliance and visibility, or having to spend countless hours just to

Sources: