One agent · logs, metrics & traces

Stop building your telemetry pipeline.

One lightweight agent finds your sources. Logpacer reads each one, structures it, and names every field for you. No parsers, no grok, no pipeline YAML, nothing to babysit. Pick what to keep. Every field is indexed and searchable.

  1. 01 Configure Set retention & compliance
  2. 02 Install Edgepacer finds your sources
  3. 03 Collect Pick sources, already parsed
  4. 04 Search Query logs, metrics & traces

How it works

Set up in four steps. Then it runs itself.

No pipeline YAML, no query language to learn, no agent to babysit. You declare intent; Logpacer does the wiring. Here's the whole thing.

01 — Configure

Set your preferences once.

Choose how long to keep logs and which compliance frameworks you answer to. Pick a preset and the right log categories come along — retention and audit handled, no per-source config.

Read the docs →
preferences · retention & compliance

Retention

90 days

Compliance presets

GDPR ISO 27001 SOC 2 CFCS

45 categories · 8 families covered

audit ✓

02 — Install

One agent. It finds everything.

Drop Edgepacer onto a host or cluster — a single Rust binary, DaemonSet or sidecar. It discovers containers, log files and systemd units on its own. No manifests to edit, no source list to maintain. It runs at under 0.1% CPU and around 10 MB of memory, and buffers to local disk with delivery guarantees — so a network blip never costs you a line.

Read the docs →
install · edgepacer

$ curl -fsSL logpacer.sh/install | sh

discovering sources…

12 containers

9 journald units

4 log files

on host metrics

25 sources · metrics on · 0 config files

cpu <0.1%
memory ~10 MB
delivery guaranteed

03 — Collect

Choose what to collect. It's already parsed.

You decide what's collected — application and system logs, per source. Nothing is collected behind your back. And there's no parser to write: Logpacer has already sampled each source, typed every field, and given it a clear, descriptive name. Pick your sources, glance at the result, collect.

Read the docs →
collect · choose sourcesanalyzed
checkout application named
sshd system named
debug-sidecar application off

checkout · sample → parsed

2026-06-03T12:04:02.880Z ERROR payment.authorize denied order=8842 gateway=stripe ms=30021

timestamp 2026-06-03 12:04:02
severity error
service checkout
order 8842
gateway stripe
latency_ms 30021
fields named automatically

04 — Search

Then just search. It's all there.

One query language for application and system logs, host metrics and traces — learn it once. Nothing was sampled away or dropped, so the answer is in there.

Read the docs →
source:sshd severity:>=warn last:1h live
12:04:01 web-03 sshd Failed password for invalid user admin
12:04:02 api-01 sshd Failed password for root from 203.0.113.7
12:04:03 db-02 sshd Disconnecting invalid user test: too many failures
12:04:04 gw-01 sshd error: maximum authentication attempts exceeded

It's actually that easy.

Start your pilot

Storage & search

Keep everything. Pay for almost nothing.

On the public log-parsing benchmark corpora — a deliberately compression-hostile worst case — our engine shrinks your logs, metrics and traces about 15.8× (6.68 GB of those benchmarks down to 424 MB), measured the honest way: raw bytes in, fully structured and searchable bytes out. The industry counts it from already-structured data and calls it 31.4×; we lead with the raw number. Real production logs repeat more, and compress further.

Every field is indexed, so you never choose what to make queryable — all of it stays searchable. And because queries prune by time window, a scoped search only reads the slice it needs, so it stays fast as the data grows.

We built it this way on purpose: a featherweight agent and heavy compression so keeping everything never taxes your nodes or your storage. Your compute and your storage stay yours.

Every field indexed Immutable storage Time-window pruning Hosted in the EU
storage & searchimmutable

stored vs raw · the honest way

15.8×

raw in 1.0 TB
stored & searchable 63 GB
every field indexed · time-scoped searchable

Why it's different

You pick the sources. Logpacer does the rest.

It structures itself

No grok patterns, no regex, no parsing templates. Logpacer reads each source, structures the data, and names every field clearly.

Formats never break you

A frontier log analyzer structures formats it has never seen. When a source changes, it re-derives the structure automatically. No parser to write. None to fix at 2am.

Keep all of it

Once a source is on, nothing is sampled away or dropped. Every event is kept and searchable: application logs, system logs, audit trail included.

Logs, metrics & traces

Application and system logs, host metrics out of the box, traces shipped off-host. One agent collects all of it.

OTLP-compatible

Speaks OTLP. Your existing instrumentation just works. No rip-and-replace, no new SDKs to adopt.

Your compute stays yours

One light agent. It runs around 10 MB idle, not the hundreds of megabytes (or gigabytes) other collectors demand. In internal testing it sustained around 500,000 lines per second on a single core (a conservative floor, not production-at-scale). The compute you pay for stays with your applications.

Prepping for pilots · private beta

Bring one fleet. Watch it light up.

We're preparing our first pilots. Point Edgepacer at one cluster or a set of hosts and see your application and system logs flowing — collected, parsed and searchable — without a week of pipeline plumbing.

Questions

The honest answers.

How is this different from a legacy observability vendor? +

You don't build or tune the pipeline — no grok patterns or parsing rules to write, no per-source index or retention decisions, no query language to learn for setup. Logpacer reads your data, structures it, names every field, and keeps all of it. And here's the part the rest of the space doesn't do: it collects your application and system logs together, with a level of compliance and audit coverage no other observability tool offers. One agent for logs, metrics and traces; one place to search.

What happens when a log format changes? +

Nothing you have to act on. There's no parser to break — when a source's format drifts, Logpacer re-derives the structure automatically and your fields stay named. It structures formats it hasn't seen before, so a format you change tomorrow needs no work from you. Format changes stop being an incident.

Do I have to run storage, or decide what to keep? +

No. Logpacer stores your data for you — all of it. You don't size or operate storage, write per-source retention rules, or choose what to index. You set a retention window and the compliance frameworks you answer to; everything else is handled.

Where does my data live? +

In the EU. Logpacer runs on European infrastructure — Hetzner and Scaleway, across Germany, the Netherlands and France — and your telemetry stays in-region. You get data residency and sovereignty without operating storage yourself.

What is the agent written in, and how heavy is it? +

Edgepacer is written in Rust and ships as a single static binary you install as a DaemonSet or sidecar. It's genuinely light: in our own running fleet it sits at under 0.1% CPU and roughly 10 MB of memory. It discovers sources and ships raw logs, metrics and traces — parsing, structuring and storage all live downstream — and it buffers to local disk with delivery guarantees, so a network blip or backend hiccup replays instead of dropping a line.

Just logs, or metrics and traces too? +

All three. Application and system logs — containers, journald, systemd units and /var/log — plus host metrics out of the box and traces shipped off-host. One agent discovers and collects them.

Do the compliance presets do the work for me? +

They make coverage legible: choose a framework — GDPR, ISO 27001, SOC 2 or CFCS — and the relevant log categories are grouped, with tags carried through to retention. It organises and documents your coverage; it doesn't replace your own compliance judgement.

Can I point an AI agent at my logs? +

That's the end goal Logpacer is built toward. Because every field is classified as it's ingested, we know which ones carry personal data — so the intent is that an agent can query across everything while PII is held back and never leaves the EU. We're building that interface now. It isn't live yet, and we won't pretend it is.

Who is behind Logpacer, and can I use it now? +

It's built by a small, independent team. We're preparing our first pilots — lining up a limited set of private-beta design partners. If that's you, request early access and we'll be in touch.