Dynamic Backfill Is Log Time Travel at 90% Lower Cost

Steve Waterworth
May 2, 2025
A DeLorean accelerates across a wet parking lot at night, glowing blue light trailing behind it as it reaches time-travel speed in a scene from Back to the Future.

Application logs provide vital information to assist with finding the root cause of an issue when an incident occurs. Under these circumstances there is no such thing as too much logging; the more information the better. However, the greater the volume of log information the greater the cost to process and store it whether using your own servers or those from one of the many SaaS providers.

Some application frameworks support changing the log level without restarting, allowing for increased detail when an issue is detected. While this is better than nothing in most circumstances the vital piece of information was logged before the issue was detected and has already been lost.

Dynamic Detail When You Need It

Grepr slips in like a shim between the log shippers and the log processing and storage servers. All logs messages are retained in low cost storage then using machine learning and a rules engine only less frequent unique messages and summaries of the more frequent noisy messages are sent through. Using these advanced techniques results in a typical reduction of 90% to the volume of messages being processed and stored by the existing logging backend.

During normal operation, this level of information provides just the right level of detail for users: low-frequency messages that are usually important like errors or misbehaviors are passed straight through, so they’re searchable and easy to find while reading through a log stream. Noisy messages that repeat often are summarized so they don’t clog the log stream and make it harder to read.

Remember no log messages are dropped, all messages are retained in low cost storage. When an incident occurs any log messages pertinent to the incident can be selectively and quickly backfilled into the logging backend. Thus providing the engineers all the detailed information they need in the tools they are familiar with.

Grepr dynamic backfill is just like going back in time to increase log level detail before the issue happened, ensuring that all the information is captured for diagnosis.

Reduce Cost Without Reducing Logging

Utilising Grepr the majority of log messages are retained in low cost storage, significantly reducing the cost of processing and storing them. The compromise between the level of detail captured in log messages and the cost now swings firmly in favour of capturing more detailed information all the time. More detail available in log messages enables engineers to diagnose issues and resolve incidents quicker, freeing them to work on new features and fixes.

Give Time Travel A Try

Give Grepr a spin and see how easy it is to start saving 90% on your logging services cost with zero interruption to your existing workflows. Stop worrying about achieving that fine balance between logging visibility and cost. With Grepr dynamic backfill you can use detailed logging at low cost and debug with your current tools.

FAQ

1. What is dynamic backfill and how does it work?

Dynamic backfill is Grepr's ability to selectively restore logs from low-cost storage back into your existing logging backend on demand. When an incident occurs, Grepr pulls the exact logs relevant to that incident, for the specific service, host, and time window, and pushes them into the tools your engineers already use for investigation.

2. Does Grepr drop any log messages during normal operation?

No. Every log message is retained in low-cost storage regardless of whether it is forwarded to your logging backend. Grepr filters what reaches your backend to reduce cost, but nothing is ever permanently discarded.

3. How is this different from just changing the log level during an incident?

Changing log level only increases detail going forward from the moment you detect the problem. The logs that explain what caused the incident have already been lost. Grepr's dynamic backfill works retroactively, restoring detailed logs from before the incident was detected, which is where the diagnostic value actually lives.

4. Will dynamic backfill require engineers to learn new tools or change their workflows?

No. Backfilled logs are restored directly into the logging backend your team already uses. Engineers investigate incidents in the same interfaces they know, with no new dashboards, query languages, or context switching required.

5. How much can teams expect to save on logging costs with Grepr?

Grepr typically reduces the volume of logs processed and stored by your logging backend by 90% or more. The majority of log messages are retained in low-cost storage rather than passed through to higher-cost processing and indexing, while still ensuring full detail is available whenever an incident requires it.

Share this post

More blog posts

All blog posts
Kubernetes logo on a background of rippling blue pool water.
Engineering Guides

Grepr for Kubernetes Environments: Architecture and Implementation

Kubernetes environments drown observability platforms in redundant log data, and Grepr uses semantic machine learning to reduce that volume by up to 90 percent while preserving every raw event in low-cost S3 storage.
April 16, 2026
An animated digitally illustrated graphic of an iceberg in water
Engineering Guides

How to Store Logs in S3 Using Parquet and Apache Iceberg for Cost Savings

The ingestion bill is visible. The storage bill is the one that compounds.
April 14, 2026
Grepr team members John and Utkarsh at an outdoor café in Amsterdam during KubeCon EU 2026.
Events

KubeCon Amsterdam 2026: Hallway Conversations Said What Keynotes Didn't

KubeCon EU 2026 made one thing clear: AI infrastructure is generating telemetry volumes that most observability budgets were never built to handle.
April 8, 2026

Get started free and see Grepr in action in 20 minutes.

Sign up
HomeFeaturesDocsAboutContact
Privacy PolicyTerms of UseFAQ
© 
2026
 Grepr. All rights reserved.