Modern Observability & SIEM. Open Source. Multi-Engine.

☁️ Try Cloud (Free Alpha) • Self-Host • SDKs • Docs

🚀 RELEASE 0.8.1: LogTide now supports Multi-Engine Storage (ClickHouse, MongoDB) and Advanced Browser Observability.

---

👋 What is LogTide?

LogTide is an open-source, high-performance observability platform and SIEM. It provides a unified view of Logs, Traces, and Metrics with built-in security detection. Designed for teams that need GDPR compliance, full data ownership, and sub-100ms query performance without the overhead of ElasticSearch.

Why LogTide?

• 🔌 Multi-Engine: Choose your storage — TimescaleDB (standard), ClickHouse (massive scale), or MongoDB (flexibility).
• 🌐 Full-Stack Observability: Monitor everything from backend services to browser Web Vitals and user sessions.
• 🛡️ Security-First: Native Sigma Rules engine for real-time threat detection and incident management.
• 🇪🇺 GDPR Ready: Keep data on your own infrastructure. Built-in PII Masking and Audit Logs.
• ⚡ Lightweight: Low RAM footprint. 5-minute setup with Docker.

---

📸 Screenshots

Logs Explorer

Performance & Metrics (New in 0.8.1)

Distributed Tracing

Error Groups

SIEM Dashboard

---

🚀 Quick Start

Option A: Self-Hosted (Docker) - Recommended

Total control over your data. Uses pre-built images from Docker Hub.

1. Download configuration

   mkdir logtide && cd logtide
   curl -O https://raw.githubusercontent.com/logtide-dev/logtide/main/docker/docker-compose.yml
   curl -O https://raw.githubusercontent.com/logtide-dev/logtide/main/docker/.env.example
   mv .env.example .env

2. Start the stack

   docker compose up -d

3. Access LogTide

   • Frontend: http://localhost:3000
   • API: http://localhost:8080

Option B: Cloud (Fastest & Free)

We host it for you. Perfect for testing. Sign up at logtide.dev.

---

✨ Core Features (v0.8.1)

• 🚀 Multi-Engine Reservoir: Pluggable storage layer supporting TimescaleDB, ClickHouse, and MongoDB.
• 🌐 Browser SDK Enhancements: Automatic collection of Web Vitals (LCP, INP, CLS), user session tracking, and click/network breadcrumbs.
• 📈 Golden Signals: Automated P50/P95/P99 latency, error rates, and throughput charts.
• 🔍 Smart Search: Combined Full-text and Substring search modes with sub-100ms response times.
• 🛡️ SIEM & Incident Management: Sigma rules engine, MITRE ATT&CK mapping, and collaborative incident workflows.
• 🕵️ PII Masking: Detect and redact sensitive data (emails, credit cards, IPs) at ingestion time.
• 📜 Audit Logs: Track all user and system actions for SOC2/GDPR compliance.
• 🔗 Event Correlation: Trace logs across services using trace_id, session_id, or custom correlation keys.

---

📦 SDKs & Integrations

Ready-to-use SDKs with auto-instrumentation and distributed tracing.

Language	Status	Package / Link
Browser (JS/TS)	✅ Ready	@logtide/browser
Node.js	✅ Ready	@logtide/sdk-node
Python	✅ Ready	logtide-sdk
Go	✅ Ready	logtide-sdk-go
PHP	✅ Ready	logtide/logtide
Kotlin	✅ Ready	logtide-sdk-kotlin
C# / .NET	✅ Ready	LogTide.SDK
Docker	✅ Ready	Fluent Bit / Syslog Guide
HTTP API	✅ Ready	API Reference
OpenTelemetry	✅ Ready	Native OTLP support (Logs, Traces, Metrics)

---

🏗️ Tech Stack

Layer	Technology
Frontend	SvelteKit 5 (Runes) + TailwindCSS + ECharts
Backend	Fastify (Node.js) + TypeScript
Storage	TimescaleDB / ClickHouse / MongoDB
Detection	Sigma YAML Engine

---

📄 License

Distributed under the GNU AGPLv3 License. See LICENSE for more information.

---

Built with ❤️ in Europe

Start for Free • Report a Bug