Announcements and Updates
LoongCollector is designed for the next generation of observable pipelines. LoongCollector has the log collection and processing capabilities of Logtail and also upgrades and expands the features of Logtail in a comprehensive manner. Logtail is used in log-related scenarios. LoongCollector is used in diversified scenarios such as observable data collection, local computing, and service discovery.
Learn More >Logtail supports the following processing modes: native plug-in mode, extended plug-in mode, and Simple Log Service Processing Language (SPL) mode. You can process data based on the specified SPL statements and the computing capabilities of Simple Log Service.
Learn More >Large language models and large models contribute to the widespread adoption of vector databases. Text, voices, images, and videos can be stored in vector databases in the vector form. This helps users search for query-related information in an efficient manner.
Learn More >Benefits
Simple Log Service is a storage and application service for observable data. Simple Log Service allows you to collect, transform, query, analyze, visualize, consume, and ship observable data such as logs, metrics, and traces from end to end. You can also configure alerts for observable data. Simple Log Service delivers intelligent application capabilities in various scenarios, such as R&D, O&M, operations, and security.
-
Unified Collection
You can use LoongCollector, APIs, and SDKs to collect data from multiple sources, such as applications, operating systems, databases, mobile devices, standard protocols, cloud services, imported data, and third-party data over the Internet, the classic network, and leased lines.
-
High Performance
Simple Log Service supports near-real-time log writing and streaming data storage and provides the high-performance query and analysis engine for logs and metrics. You can query complex data at an ultra large scale. For example, you can query hundreds of billions of logs and analyze billions of logs per second. You can also compute millions of time series within seconds.
-
Cost-effectiveness
You do not need to build complex open source frameworks, which eliminates manual O&M costs. Simple Log Service is entirely based on a serverless architecture. Therefore, you do not need to plan resource usage. Simple Log Service provides multiple billing methods that allow you to respond to business changes in a flexible manner.
-
High Security and Reliability
HTTPS security technology-based encryption ensures the security of data transmission. Simple Log Service provides multi-replica backup storage to ensure data integrity. High-performance and high-reliability architecture provides SLA-guaranteed service availability of 99.99%.
Overview
Features
Data Collection and Storage
Data Collection
You can use LogHub to collect large amounts of log data in real time at low costs. The log data can be metrics, events, binary logs, text logs, and clickstream data. Simple Log Service provides more than 50 data collection methods to help you build platforms. Simple Log Service delivers powerful configuration and management capabilities in scenarios that have different characteristics to reduce O&M workloads.
Data Storage
Simple Log Service provides the real-time log storage feature to meet your requirements for data retrieval latency, data processing capabilities, and statistical analysis. You can use the feature to retrieve logs within seconds, monitor, collect, and analyze logs in real time, and consume logs in streaming mode. Simple Log Service provides the Infrequent Access (IA) storage feature to meet your requirements for the backtracking retrieval and archived storage of historical logs. You can use the feature to store logs that are infrequently accessed and do not require statistical analysis. For example, you can use the feature to store archived audit logs. The overall cost of IA storage is 80% lower than that of real-time storage.
ETL and Stream Computing
Stream Processing
You can connect LogHub to multiple real-time computing engines and services. LogHub can also monitor the processing progress and generate alerts. You can also use SDKs or API operations to consume data based on your business requirements. Simple Log Service provides comprehensive SDKs and programming frameworks for seamless integration with multiple stream processing engines. Simple Log Service provides comprehensive metrics and an alerting mechanism upon latency.
Extract, Transform, and Load
Unstructured log data is processed into structured data by filtering, cleansing, masking, and structuring. The structured data is used for subsequent SQL analysis, dashboards, and alerting.
Data Warehouse
Data Shipping
You can use LogShipper to ship data to storage services. During shipping, you can compress the data, define custom partition formats, and specify row or column store. For example, you can ship data to Alibaba Cloud services, such as Object Storage Service (OSS) and MaxCompute in real time.
Scenarios
-
Alibaba Cloud SIEM Processes
-
Real-time Data Collection
-
Real-time Query and Analysis
-
Real-time Computing and ETL
-
Integration with Data Warehouses
SIEM Solution
Security information and event management (SIEM) delivers security information management and security event management capabilities. SIEM allows you to collect and analyze security events, other events, and associated data sources to facilitate threat detection, compliance detection, and security event management.
Out-of-the-box SIEM Capabilities
-
Comprehensive Data Collection
You can collect, transform, and store data across Alibaba Cloud accounts.
-
Unified Query and Analysis
You can use the interactive query and analysis syntax, machine learning algorithms, and result visualization.
-
Threat Detection and Response
You can use built-in or custom alert rules for threats, manage alert notifications, and respond to alert events.
-
Log Shipping to the SIEM system
Syslog is a widely used logging standard that is compatible with most SIEM systems, such as IBM QRadar and HP ArcSight. Simple Log Service allows you to send logs to SIEM systems by using Syslog. You can use Simple Log Service consumer groups to build programs for consumption.
Real-time Data Collection
Real-time Data Collection
You can use LogHub to collect large amounts of log data in real time at low costs. The log data can be metrics, events, binary logs, text logs, and clickstream data.
Benefits
-
Ease of Use
Simple Log Service provides more than 30 data collection methods to help you build platforms. Simple Log Service delivers powerful configuration and management capabilities to reduce your O&M workloads. Simple Log Service has nodes distributed nationwide and globally.
-
Auto Scaling
Simple Log Service can handle traffic spikes and business peaks.
Recommended Service Combinations
Real-time Query and Analysis
LogAnalytics allows you to index LogHub data in real time and query data by using keywords, fuzzy match, contextual query, or SQL aggregate functions. You can also query data within a specific range.
Real-time Computing and ETL
Stream Computing and ETL
LogHub can connect to multiple real-time computing engines and services. LogHub can also monitor the processing progress and generate alerts. You can also use SDKs or API operations to consume data based on your business requirements.
Benefits
-
Ease of Use
Simple Log Service provides comprehensive SDKs and programming frameworks for seamless integration with multiple stream processing engines.
-
Comprehensive Features
Simple Log Service provides comprehensive metrics and an alerting mechanism upon latency.
-
Auto Scaling
Simple Log Service supports auto scaling to process petabytes of data without latency.
Recommended Service Combinations
Integration with Data Warehouses
Data Warehouse
LogShipper can ship LogHub data to storage services. During shipping, you can compress the data, define custom partition formats, and specify row or column store.
Benefits
-
Large Data Capacity
An unlimited amount of data can be shipped to storage services.
-
Multiple Formats
Various storage formats such as row store, column store, and text files are supported.
-
Flexible Configuration
Different configurations are supported, which allows you to define custom partition formats.
Recommended Service Combinations
Capabilities
Security Compliance
Access Control
User-based policies: Resource Access Management (RAM) policies are user-based policies. You can configure policies to manage users, such as employees, systems, or applications. You can also configure policies to manage the permissions that are granted to users on specific resources.
STS-based temporary authorization: You can use Security Token Service (STS) to obtain temporary access credentials, including an AccessKey pair and a security token, and send the credentials to temporary users. This way, the temporary users can access Simple Log Service. You can use STS to authorize temporary access to Simple Log Service. You can use STS to grant temporary access credentials that have a custom validity period and custom permissions to a third-party application or RAM user that you manage.
Data Encryption
SSL or TLS-based encrypted transmission: Simple Log Service can be accessed over HTTP or HTTPS. SSL or TLS ensures the security and integrity of data transmitted between two applications. Simple Log Service supports Logtail-based encrypted transmission and SDK-based encrypted transmission.
Server-side encryption: Simple Log Service allows you to encrypt data by using the service key of Simple Log Service. An independent data encryption key is generated for each Logstore. Simple Log Service allows you to encrypt data by using the Bring Your Own Key (BYOK) feature. You must create a customer master key (CMK) in the Key Management Service (KMS) console and grant the required permissions to Simple Log Service.
Data Reliability
Three-replica mechanism: The storage system of Simple Log Service uses a three-replica mechanism to ensure that three replicas are distributed to different physical disks on different servers. This way, if a single hardware device fails, data is not lost. The storage system also ensures strong data consistency among the three replicas.
Upgraded Support For You
1 on 1 Presale Consultation, 24/7 Technical Support, Faster Response, and More Free Tickets.
1 on 1 Presale Consultation
24/7 Technical Support
6 Free Tickets per Quarter
