Skip to content
Try for free
Try for free
Solutions

Log Database

CrateDB is an open source, multi-model and distributed database that offers high performance, scalability and flexibility. Insert all your logs into a single database that you can query and search instantaneously with native SQL, even for the most write/read intensive use cases.

Log data queries with SQL

Hyper-fast. Results in milliseconds.

        

/*
 * Based on system event logs, this query calculates:
 * - a filter for specific messages using a full-text index
 * - the number of entries per minute
 * - the average scoring ratio for each matched row
 */
SELECT DATE_TRUNC('minute', receivedat) AS event_time,
       COUNT(*) AS entries,
       AVG(_score) AS avg_score
FROM "syslog"."systemevents"
WHERE MATCH(message, 'authentication failure') 
USING most_fields WITH (analyzer = 'whitespace')
   AND MATCH(syslogtag, 'sshd')
GROUP BY 1
ORDER BY 1 DESC
LIMIT 10;







        
        
        

+---------------+---------+--------------------+
|    event_time | entries |          avg_score |
+---------------+---------+--------------------+
| 1620220260000 |       4 | 1.5798743814229965 |
| 1620220200000 |       8 | 1.7750384211540222 |
| 1620220140000 |      10 | 1.6113891124725341 |
| 1620220080000 |       9 | 1.676726798216502  |
| 1620220020000 |       8 | 1.6908064410090446 |
| 1620219960000 |       8 | 1.690401442348957  |
| 1620219900000 |       7 | 1.7646006005150932 |
| 1620219840000 |       7 | 1.7795820917401994 |
| 1620219780000 |      10 | 1.5844267368316651 |
| 1620219720000 |      13 | 1.5637413492569556 |
+---------------+---------+--------------------+

Millions of data points per second

CrateDB allows to ingest huge volumes of log daa at very high speed on clusters of inexpensive servers.

cr-quote-image

Intuitive data modeling

CrateDB can collect any type of data (structured, unstructured, semi-structured, time-series, geospatial, BLOB) and can accept any type of log without any specific development needed.

cr-quote-image

Data indexing on the fly

CrateDB indexes all data on the fly right upon ingestion, which enables immediate analysis. It also indexes all fields by default, with no impact on performance, thanks to columnar indexing. This is very useful to perform multiple types of ad-hoc queries.

cr-quote-image

Native SQL

CrateDB implements SQL natively, making it easy for any developer to use and integrate. No additional knowledge is required.

cr-quote-image

Real-time query performance

CrateDB enables in-memory SQL query performance thanks to parallel query processing and distributed columnar field caches.
cr-quote-image

Always on

Built-in data replication and high availability allow to run 24x7 analysis with no single point of failure.

cr-quote-image
Know more about the product

Interested?

Get started for free
Schedule a meeting

Log analysis consists in reviewing computer-generated event logs to proactively identify bugs, security threats or other risks. Log analysis can also be used to review user behavior or ensure compliance with regulations.

CrateDB is a database perfectly suited to log analysis thanks to the combination of a real-time SQL engine, a NoSQL foundation, and a full-text search engine. It offers the scalability, performance, and flexibility to process any type of logs and massive volumes of logs in real-time, supporting a wide variety of log analytics use cases, such as cybersecurity, network performance monitoring, video analytics.

Successful companies using CrateDB as a log database

"It is through the use of CrateDB that we are able to offer our large-scale video analytics component in the first place. Comparable products are either not capable of handling the large flood of data or they are simply too expensive."
Daniel Hölbling-Inzko Senior Director of Engineering Bitmovin Learn more
cr-quote-img-white
"CrateDB is ideal because it's capable of writing data at a high rate, and delivering fast queries to our business team at the same time. We couldn't have done that using a traditional SQL database without a lot of difficulty."
DriveNow Learn more
cr-quote-img-white

Other resources on log databases

Tutorial

Storing server logs on CrateDB for fast search and aggregations

August 10, 2023
If you've used log aggregation tools or advanced SIEM systems, you've likely faced similar frustrations: timeouts, complex query syntax, and difficulty integrating logs into monitoring dashboards. CrateDB solves these issues. Learn how.

Tutorial

Using regex comparisons and other advanced database features for real-time inspection of web server logs

August 14, 2023

Would it not be great if we could have some rules inspecting log entries as they come in, extracting relevant information, and flagging anything potentially suspicious?

There are a lot of nice features in CrateDB to support this kind of setup. Learn how.

Want to know more?

Get started for free
Schedule a meeting