Time Travel With Dynamic Backfill

Steve Waterworth
May 2, 2025

Application logs provide vital information to assist with finding the root cause of an issue when an incident occurs. Under these circumstances there is no such thing as too much logging; the more information the better. However, the greater the volume of log information the greater the cost to process and store it whether using your own servers or those from one of the many SaaS providers.

Some application frameworks support changing the log level without restarting, allowing for increased detail when an issue is detected. While this is better than nothing in most circumstances the vital piece of information was logged before the issue was detected and has already been lost.

Dynamic Detail When You Need It

Grepr slips in like a shim between the log shippers and the log processing and storage servers. All logs messages are retained in low cost storage then using machine learning and a rules engine only less frequent unique messages and summaries of the more frequent noisy messages are sent through. Using these advanced techniques results in a typical reduction of 90% to the volume of messages being processed and stored by the existing logging backend.

During normal operation, this level of information provides just the right level of detail for users: low-frequency messages that are usually important like errors or misbehaviors are passed straight through, so they’re searchable and easy to find while reading through a log stream. Noisy messages that repeat often are summarized so they don’t clog the log stream and make it harder to read.

Remember no log messages are dropped, all messages are retained in low cost storage. When an incident occurs any log messages pertinent to the incident can be selectively and quickly backfilled into the logging backend. Thus providing the engineers all the detailed information they need in the tools they are familiar with.

Grepr dynamic backfill is just like going back in time to increase log level detail before the issue happened, ensuring that all the information is captured for diagnosis.

Reduce Cost Without Reducing Logging

Utilising Grepr the majority of log messages are retained in low cost storage, significantly reducing the cost of processing and storing them. The compromise between the level of detail captured in log messages and the cost now swings firmly in favour of capturing more detailed information all the time. More detail available in log messages enables engineers to diagnose issues and resolve incidents quicker, freeing them to work on new features and fixes.

Give Time Travel A Try

Give Grepr a spin and see how easy it is to start saving 90% on your logging services cost with zero interruption to your existing workflows. Stop worrying about achieving that fine balance between logging visibility and cost. With Grepr dynamic backfill you can use detailed logging at low cost and debug with your current tools.

Share this post

More blog posts

All blog posts
Product

Why We Call Grepr A “Data Engine”

Grepr is an intelligent observability data engine that uses pipelines to process log data from sources like Splunk, Datadog, and New Relic. It stores data in low-cost S3 buckets, extracts key information into a standard format, and then uses a series of advanced processing steps like masking, tokenizing, and machine learning-based clustering to reduce the volume of logs by up to 90%. Users can tune the engine's performance with a variety of settings, including a configurable aggregation time window and a logarithmic sampling strategy, to ensure that important troubleshooting information is preserved while noisy, repetitive logs are filtered out.
August 7, 2025
Product

How FOSSA Reduced Their Logs by 94% Without Burdening Their Engineers

Is your observability bill growing faster than your engineering team can say "log volume"? You're not alone. FOSSA, a leader in software supply chain management, faced a similar challenge. Their reliance on Datadog, while providing essential visibility, was becoming a significant financial burden as their platform scaled. Instead of a painful, time-consuming overhaul of their entire logging strategy, FOSSA found a smarter way. They discovered a solution that allowed them to dramatically reduce their Datadog costs without sacrificing the crucial insights they needed to monitor and troubleshoot their systems. Want to know how FOSSA achieved a whopping 95% reduction in log volume and kept their observability costs in check? Click to read the full story and discover their secret!
July 30, 2025
Product

Stuck Between A Rock And A Hard Place

Observability tools are vital for troubleshooting, but their high operational cost, driven by data volume, creates a tension between DevOps teams needing more data and businesses seeking lower bills. This dilemma stems from platforms treating all data as equally important, leading to an "impossible situation." Grepr breaks this conundrum by acting as a shim between log shippers and backends, using semantic machine learning to summarize frequent, noisy messages while passing critical, unique ones straight through. This innovative approach reduces log volume by 90-98% for significant cost savings, yet all data remains accessible in low-cost storage via the Grepr dashboard, REST API, and familiar query syntaxes (Splunk, Datadog, New Relic). This ensures that while you pay only for the 2-10% of data actively used, the rest is available on demand for queries or backfilling during incident investigations, solving the operational versus cost challenge and allowing you to pay only for the data you truly need, when you need it.
July 28, 2025

Get started free and see Grepr in action in 20 minutes.

Sign up
HomeFeaturesDocsAboutContact
Privacy PolicyTerms of Use
© 
#
 Grepr. All rights reserved.