What Is It?
Logging Service is a centralized, scalable platform for collecting, storing, securing, and analyzing logs from applications and infrastructure across distributed environments. The service aggregates logs from Docker, Kubernetes, Systemd, and generic sources into pipelines with dedicated endpoints, supporting flexible retention policies (7 days, 14 days, 30 days, or unlimited) and TLS-protected transmission via Fluent Bit agents. Each pipeline provides an integrated Grafana instance for real-time dashboards, alerting, and compliance reporting, while maintaining end-to-end encryption with server-side and client-side protection.
Quick Facts
| Aspect | Details |
|---|---|
| Type | Centralized log aggregation platform (SaaS) |
| Log Agent | Fluent Bit (Linux, macOS, Windows) |
| Protocols | HTTP (JSON) or TCP (port 9000) |
| Pipeline Limits | 10 pipelines per contract, 5 log sources per pipeline |
| Retention Options | 7 days, 14 days, 30 days, Unlimited |
| Ingestion Rate | 50 HTTP requests/second per pipeline (default) |
| Security | TLS transport, Server-Side Encryption (SSE), Client-Side Encryption (CSE), per-pipeline SharedKey/APIKEY |
| Regions | Berlin, Frankfurt, London, Worcester, Paris, LogroƱo, Lenexa, Las Vegas, Newark |
| Visualization | Integrated Grafana instance per pipeline |
Log Source Types
| Source Type | Description | Use Case |
|---|---|---|
| Kubernetes | Auto-labels pod metadata | Container orchestration logs |
| Docker | Container-level logging | Standalone Docker hosts |
| Systemd | System service logs | Linux service monitoring |
| Generic | Custom application logs | Any HTTP/TCP log source |
What You Can Do
Centralized Log Collection
Deploy Fluent Bit agents across distributed environments to forward logs from any source to a single pipeline. Agents tag logs with unique identifiers and push them over TLS-protected HTTP or TCP connections to region-specific endpoints.
Configure Retention Policies
Set per-source retention policies with options of 7 days, 14 days, 30 days, or unlimited storage. Logs are automatically deleted according to policy, balancing compliance requirements with cost control.
Create Custom Dashboards
Build Grafana dashboards for real-time visualization of log patterns, error rates, and application performance. Each pipeline provides a unique Grafana endpoint with full query and charting capabilities.
Set Alerts
Define alert rules based on log events, thresholds, or patterns. Grafana-integrated alerting sends notifications when specific conditions are met, enabling proactive incident response.
Manage Sub-Users
Primary accounts can create sub-users with granular access control, assigning specific pipelines and Grafana roles (Viewer, Editor). Sub-users see only pipelines they are granted access to.
Secure Log Transmission
All log data travels over TLS-encrypted connections. Each pipeline uses a unique SharedKey or APIKEY for authentication, which can be regenerated or revoked as needed. Logs are encrypted at rest with both server-side and client-side encryption.
Filter by Tags
Organize logs using unique tags per source (e.g., myk8s, web-app-prod). Tags enable precise filtering in Grafana and help separate logs from different environments or services within the same pipeline.
Update Pipelines
Modify log sources, retention policies, protocols, or tags via the View & Edit interface. After changes, update Fluent Bit configurations and restart agents to apply new settings.
Best For
| Scenario | Why It Fits |
|---|---|
| Distributed microservices | Centralizes logs from many nodes and services into a single searchable repository with Grafana dashboards |
| Compliance workloads | Configurable retention policies (7 days, 14 days, 30 days, or unlimited) provide audit-ready storage with automatic deletion |
| Development & CI/CD pipelines | Near-real-time log streaming and alerting enable rapid feedback during deployments and testing |
| Cost-sensitive projects | Pay-as-you-go model avoids provisioning hardware or managing dedicated log infrastructure |
| Multi-environment management | Tag-based organization separates dev, staging, and production logs within the same contract |
| Security monitoring | TLS transport, dual-layer encryption, and per-pipeline keys protect sensitive log data |
Consider Alternatives If
| If You Need... | Consider | Why |
|---|---|---|
| Only bucket access audit logs | Object Storage Logging | Lightweight bucket-level access logging (who/when/what) stored as regular objects with lifecycle policies; no extra service cost |
| Existing on-premise SIEM | Self-managed Fluent Bit to external target | Forward logs to existing Splunk, Elasticsearch, or syslog infrastructure; avoids vendor lock-in but requires managing security, scaling, and retention yourself |
| Simple low-volume storage audit | Object Storage Logging | No need for real-time monitoring; logs written in batches to destination bucket |
| Full control over log storage | Self-managed external solution | Maintain existing logging ecosystem for hybrid-cloud scenarios where some logs stay on-premise |
Key Considerations
Billing & Costs
- Main billing: Per pipeline per hour (EUR 0.018) plus per GB of storage per 30 days (EUR 0.015)
- Retention impact: Unlimited retention increases storage costs significantly; use time-based policies (7-30 days) for cost control
- Ingestion rate: Default 50 HTTP requests/second per pipeline; higher rates may require contact with support
- Additional costs: Storage charges scale with retention period and log volume. Querying and dashboards in the managed Grafana are not billed
Limitations
- Maximum 10 pipelines per contract
- Maximum 5 log sources per pipeline
- Ingestion rate capped at 50 HTTP requests/second per pipeline (default)
- Date filtering supports either
startDateorendDate, not both simultaneously - Fluent Bit agent installation and configuration is user-managed (not automated)
- User responsible for data masking or sanitization before shipping logs
- Unlimited retention requires careful cost monitoring to avoid unexpected charges
- Region-specific IP whitelisting required for firewall restrictions (IP lists documented per region)
Management Options
- Data Center Designer (DCD) for pipeline creation and configuration
- REST API for programmatic pipeline management
- Fluent Bit configuration files for agent setup
- Grafana UI for dashboard creation, alerting, and log analysis
- Sub-user management for delegated access control