Cloudflare generates numerous logs of different types, including HTTP request logs, firewall events, access logs, DNS query logs, etc. These logs contain plenty of helpful information that can provide insight into the health and performance of web applications. However, the profusion of data presents a challenge in extracting the useful signals from all the noise. The Grepr Intelligent Observability Data Engine can suppress the noise and provide a clear signal.

Kubernetes audit logs are extremely useful for tracking interactions with the API Server for debugging and providing insight into workloads. By default the audit logs are retained in etcd for only one hour. With the low cost storage of Grepr, much longer retention periods are possible for minimal cost and greater insight.

This blog post provides a comprehensive, step-by-step guide on how to seamlessly integrate the Grepr Intelligent Observability Data Engine with Splunk. It explains that with a few simple configuration changes, you can reroute your logs to Grepr, which uses machine learning to automatically detect and summarize frequent log patterns. This process can reduce your Splunk log volume and associated cloud costs by up to 90%, all without discarding any data. The post walks you through the entire setup, from configuring integrations for Splunk S2S or HEC to creating pipelines and datasets, ultimately demonstrating how to achieve significant cost savings while maintaining full diagnostic visibility.