The Guide for Time Series Data Projects is out.

Download now
Skip to content
Get Started
Get Started
Solutions > Use cases

Log Database

CrateDB is an open source, multi-model and distributed database that offers high performance, scalability and flexibility. Insert all your logs into a single database that you can query and search instantaneously with native SQL, even for the most write/read intensive use cases.

Log data queries with SQL

Hyper-fast. Results in milliseconds.

        

/*
 * Based on system event logs, this query calculates:
 * - a filter for specific messages using a full-text index
 * - the number of entries per minute
 * - the average scoring ratio for each matched row
 */
SELECT DATE_TRUNC('minute', receivedat) AS event_time,
       COUNT(*) AS entries,
       AVG(_score) AS avg_score
FROM "syslog"."systemevents"
WHERE MATCH(message, 'authentication failure') 
USING most_fields WITH (analyzer = 'whitespace')
   AND MATCH(syslogtag, 'sshd')
GROUP BY 1
ORDER BY 1 DESC
LIMIT 10;







        
        
        

+---------------+---------+--------------------+
|    event_time | entries |          avg_score |
+---------------+---------+--------------------+
| 1620220260000 |       4 | 1.5798743814229965 |
| 1620220200000 |       8 | 1.7750384211540222 |
| 1620220140000 |      10 | 1.6113891124725341 |
| 1620220080000 |       9 | 1.676726798216502  |
| 1620220020000 |       8 | 1.6908064410090446 |
| 1620219960000 |       8 | 1.690401442348957  |
| 1620219900000 |       7 | 1.7646006005150932 |
| 1620219840000 |       7 | 1.7795820917401994 |
| 1620219780000 |      10 | 1.5844267368316651 |
| 1620219720000 |      13 | 1.5637413492569556 |
+---------------+---------+--------------------+

Millions of data points per second

CrateDB allows to ingest huge volumes of log data at very high speed on clusters of inexpensive servers.

cr-quote-image

Intuitive data modeling

CrateDB can collect any type of data (structured, unstructured, semi-structured, time-series, geospatial, BLOB) and can accept any type of log without any specific development needed.

cr-quote-image

Data indexing on the fly

CrateDB indexes all data on the fly right upon ingestion, which enables immediate analysis. It also indexes all fields by default, with no impact on performance, thanks to columnar indexing. This is very useful to perform multiple types of ad-hoc queries.

cr-quote-image

Native SQL

CrateDB implements SQL natively, making it easy for any developer to use and integrate. No additional knowledge is required.

cr-quote-image

Real-time query performance

CrateDB enables in-memory SQL query performance thanks to parallel query processing and distributed columnar field caches.
cr-quote-image

Always on

Built-in data replication and high availability allow to run 24x7 analysis with no single point of failure.

cr-quote-image
Know more about the product

Interested?

Get Started
Schedule a meeting

Log analysis consists in reviewing computer-generated event logs to proactively identify bugs, security threats or other risks. Log analysis can also be used to review user behavior or ensure compliance with regulations.

CrateDB is a database perfectly suited to log analysis thanks to the combination of a real-time SQL engine, a NoSQL foundation, and a full-text search engine. It offers the scalability, performance, and flexibility to process any type of logs and massive volumes of logs in real-time, supporting a wide variety of log analytics use cases, such as cybersecurity, network performance monitoring, video analytics.

Successful companies using CrateDB as a log database

"It is through the use of CrateDB that we are able to offer our large-scale video analytics component in the first place. Comparable products are either not capable of handling the large flood of data or they are simply too expensive."
Daniel Hölbling-Inzko Senior Director of Engineering Bitmovin Learn more
cr-quote-img-white
"CrateDB is ideal because it's capable of writing data at a high rate, and delivering fast queries to our business team at the same time. We couldn't have done that using a traditional SQL database without a lot of difficulty."
DriveNow Learn more
cr-quote-img-white

Real-time analytics for video streaming

Learn how Bitmovin improves the streaming experience with real-time analytics.

Other resources on log databases

Tutorial

Storing server logs on CrateDB for fast search and aggregations

If you've used log aggregation tools or advanced SIEM systems, you've likely faced similar frustrations: timeouts, complex query syntax, and difficulty integrating logs into monitoring dashboards. CrateDB solves these issues. Learn how.

Tutorial

Using regex comparisons and other advanced database features for real-time inspection of web server logs

Would it not be great if we could have some rules inspecting log entries as they come in, extracting relevant information, and flagging anything potentially suspicious?

There are a lot of nice features in CrateDB to support this kind of setup. Learn how.

FAQ

Log data analysis involves the examination of computer-generated event logs to identify bugs, security threats, or other risks. This process also provides insights into user behavior and helps ensure regulatory compliance. By searching, analyzing, and visualizing data from networks, operating systems, applications, servers, and other IT components, log analysis offers visibility into the performance and health of IT infrastructure and application stacks. CrateDB is a database suited for log analysis thanks to its integration of a real-time native SQL, a NoSQL foundation, and a full-text search engine.

Effectively analyzing logs involves using specialized tools, setting up alerts for unusual activities, and conducting regular monitoring. These tools help track performance, identify potential security threats, and troubleshoot issues. Establishing clear log management processes is crucial for swift anomaly detection, ensuring a robust and secure database system. CrateDB supports automatic indexing of all data on the fly upon ingestion, which enables immediate analysis. Additionally, built-in data replication and high availability features support continuous 24x7 analysis without failure.

The key to successful log data analysis is centralizing your logs for correlation. By storing logs in one location, you improve your ability to analyze and cross-reference different data sources effectively. Real-time analysis is crucial for detecting suspicious events, and taking immediate action through active monitoring and alerting can prevent incidents from occurring. CrateDB supports the ingestion of large volumes of log data at very high speed on clusters of inexpensive servers in real-time.

Log analytics data is typically stored in a centralized database that allows for instantaneous querying and searching using native SQL, even for high read/write workloads. CrateDB is designed to handle large volumes of log data in real-time, providing high scalability, performance, and flexibility needed for various log analytics use cases, including cybersecurity, network performance monitoring, and video analytics. Learn how Bitmovin, leading video streaming company, uses CrateDB for controlling their massive data flow while reducing costs >

Want to know more?

Get Started
Schedule a meeting