Metoro provides comprehensive logging capabilities by capturing every log emitted from all containers in your infrastructure. It automatically collects both standard output (stdout) and standard error (stderr) from every container, aggregating them in a centralized platform for easy access and analysis.

The log view is accessible from the left sidebar or here.

Log Search and Performance

The log view allows you to filter logs using multiple methods:

  • Regex search using re2 format
  • Attribute-based filtering
  • Time range selection
  • Clauses are combined with AND, by default

Metoro’s logging system is highly performant, capable of searching through billions of logs in seconds. Search throughput is around 1 billion logs per second with a basic regex search.

Default Attributes

Each log entry is automatically tagged with several default attributes:

  • Container ID (the unique id of the container that emitted the log)
  • Environment
  • Host (source of the log)
  • Service name (the service the container belongs to)

Structured Logs

Metoro automatically parses structured JSON logs, making every field searchable. Key features include:

  • Automatic parsing of JSON log formats
  • Every key and value is indexed for searching
  • No limit to the number of fields that can be indexed
  • Similar search performance to regex searches when filtering by specific JSON fields
  • Filter capabilities on any JSON field (e.g., filtering by status codes)

Log Clustering and Hashing

Metoro implements an intelligent log clustering system that:

  • Assigns unique hashes to similar log lines
  • Groups logs that are similar but differ in dynamic elements (like timestamps)
  • Enables searching for similar types of errors using hash-based clustering
  • Helps identify patterns in your logs more effectively

You can see this as the pattern.hash attribute in each log entry.

Log Analytics and Alerting

Beyond basic log viewing and searching, Metoro provides advanced analytics capabilities:

  • Chart log volume over time - apply filters and group logs by any attribute
  • Create visualizations filtered by specific log patterns
  • Build alerts based on log patterns and frequencies

Bring your own Logs (OpenTelemetry Log Ingestion)

In addition to automatically collecting container logs, Metoro supports ingesting logs from any source that implements the OpenTelemetry protocol. This allows you to:

  • Send logs from applications running outside your Kubernetes cluster
  • Integrate existing logging pipelines with Metoro
  • Maintain a unified logging experience across all your infrastructure

To learn more about setting up OpenTelemetry log ingestion, see our OpenTelemetry Log Integration Guide.

Log Exclusions

Metoro allows you to prevent logs from being exported from your cluster. This is useful for:

  • Protecting sensitive data in specific log subsets
  • Managing verbose logging
  • Controlling log export costs

To exclude logs, navigate to the settings page and access the log settings tab. Here you can:

  • Add re2 regex patterns to exclude matching logs
  • Apply exclusions globally or to specific services, namespaces or clusters

Was this page helpful?

Common QuestionsOpenTelemetry Integration