Features
No need to build another log ETL pipeline
Just give Scanner read permission to your S3 data lake, and we will index your data directly in its existing format. No schema transformations required. Handles common data lake formats: JSON, CSV, Parquet, Avro, and more.
Find the needle in a multi-terabyte haystack
Get search results in seconds, even if you're searching for a single IP address across a year of logs. By default, indexes are retained for one year.
Detection rules and alerting
Hundreds of out-of-the-box detection rules for common security logs, like AWS CloudTrail. Send alerts to Slack, PagerDuty, and custom webhooks. Coming soon!
Get started in minutes
Scanner simply needs read permissions to your S3 buckets and S3 object notifications in SQS. Launch our CloudFormation template to get started right away.
ABOUT US
At our prior company, our logging scaled rapidly.
We didn't want to spend an additional $1M per year on traditional logging tools. So we threw away logs more than a few hours old, which made debugging super painful.
That’s why we built Scanner. It should be possible to store logs at massive scale and low cost without sacrificing speed.