Logentries - A different kind of Logging service

NOTE: I originally reviewed Logentries in a post I did for TheServerSide.com. In it I had confused this with another logging service I had checked out which was an Application-level logger only. Logentries does accept logs from Syslog.

Logentries was actually a recommendation to me after I wrote a blog post about our search for log services. After checking it out for a little while, I realized pretty quickly that the service was not for us. Log entries has a very unique approach to logging, both for Applications and Systems. Instead of deciding what to SEND to Logentries, you have to decide what to keep Searchable in Logentries.

That makes for a very unique approach to logs. With their new Unlimited logging service, you can send as much data as you can produce, from as many servers as you have, and still only pay for what you actually process and index. That means if you want to send all your debug logs, but you don’t need to make them searchable except for that one period of time where you had an issue, you can do that.

Pros:
  • Lots of features (live-tail, alerting, etc)
  • Send everything, index what you need
  • “Unlimited Logging”
  • Parse your logs how you want them
Cons:
  • Longer initial setup to parser your logs
  • Need to tell it what you want to index
  • Expensive depending on how much you want to index
0