惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

Vercel News
Vercel News
Recorded Future
Recorded Future
CTFtime.org: upcoming CTF events
CTFtime.org: upcoming CTF events
The GitHub Blog
The GitHub Blog
Application and Cybersecurity Blog
Application and Cybersecurity Blog
Google DeepMind News
Google DeepMind News
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
Microsoft Azure Blog
Microsoft Azure Blog
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
M
MIT News - Artificial intelligence
云风的 BLOG
云风的 BLOG
Y
Y Combinator Blog
N
News | PayPal Newsroom
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
Help Net Security
Help Net Security
博客园 - Franky
SecWiki News
SecWiki News
Recent Announcements
Recent Announcements
T
Troy Hunt's Blog
The Register - Security
The Register - Security
The Last Watchdog
The Last Watchdog
Webroot Blog
Webroot Blog
S
Security Affairs
博客园 - 司徒正美
S
Schneier on Security
I
InfoQ
博客园_首页
www.infosecurity-magazine.com
www.infosecurity-magazine.com
T
Threat Research - Cisco Blogs
Forbes - Security
Forbes - Security
腾讯CDC
N
Netflix TechBlog - Medium
N
News and Events Feed by Topic
Cloudbric
Cloudbric
T
The Exploit Database - CXSecurity.com
P
Proofpoint News Feed
A
About on SuperTechFans
Engineering at Meta
Engineering at Meta
Recent Commits to openclaw:main
Recent Commits to openclaw:main
B
Blog
V
Vulnerabilities – Threatpost
C
Check Point Blog
Google DeepMind News
Google DeepMind News
Google Online Security Blog
Google Online Security Blog
C
Cyber Attacks, Cyber Crime and Cyber Security
Hacker News - Newest:
Hacker News - Newest: "LLM"
C
Cisco Blogs
Schneier on Security
Schneier on Security
O
OpenAI News
K
Kaspersky official blog

Datadog | The Monitor blog

Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure Annotate traces to improve LLM quality with Datadog LLM Observability What’s new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog’s platform in the AI age: The role of observability data Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale Enrich logs with ServiceNow CMDB context before routing to any SIEM or logging tool Monitor Lustre with Datadog Make faster, better product decisions with Datadog Product Analytics Surface and remediate runtime posture issues with Workload Protection Findings Protect agentic AI applications with Datadog AI Guard How to optimize JavaScript code with CSS Trace Google Pub/Sub workloads in Cloud Run with Datadog Detect human names in logs with ML in Sensitive Data Scanner How we cut our NLQ agent debugging time from hours to minutes with LLM Observability Debug PostgreSQL query latency faster with EXPLAIN ANALYZE in Datadog Database Monitoring Datadog acquires Propolis Unify and correlate frontend and backend data with retention filters Scale compliance across global frameworks with Datadog Cloud Security Monitor Arista VeloCloud SD-WAN performance with Datadog Building reliable dashboard agents with Datadog LLM Observability Simplify log collection and aggregation for MSSPs with Datadog Observability Pipelines Mitigation for Node.js denial-of-service vulnerability affecting Datadog APM Automate flaky test fixes with the Bits AI Dev Agent and Test Optimization How we built an AI SRE agent that investigates like a team of engineers Datadog integrations 2025 recap: Observability for AI, security, and hybrid cloud Design effective executive dashboards with Datadog Implement dbt data quality checks with dbt-expectations Bring faster visibility into AWS Lambda functions with remote instrumentation Troubleshoot faster with the GitLab Source Code integration in Datadog How Cambia Health Solutions saved $30,000 monthly with Cloud Cost Management and the Datadog Resource Catalog Normalize any logs for Cloud SIEM with Datadog's OCSF processor Optimizing Datadog at scale: Cost-efficient observability at Zendesk Detect, diagnose, and resolve network issues easily with CNM Network Health Connect engineering errors to user impact in early-stage products Cilium configuration for Kubernetes operations at scale Designing feedback loops for progressive delivery Ship features faster and safer with Datadog Feature Flags Choosing the right OpenTelemetry Collector distribution Route your monitor alerts with Datadog monitor notification rules Automate Cloud SIEM investigations with Bits AI Security Analyst Cloud threat detection: How to identify risky activity across control and data planes Collecting Kafka performance metrics Monitoring Kafka with Datadog Monitoring Kafka performance metrics
Search your historical logs more efficiently with Datadog Archive Search
2025-06-10 · via Datadog | The Monitor blog
Zara Boddula

Zara Boddula

Accessing years of archived logs shouldn’t slow down your audits or investigations. Speed is essential because these events are often unpredictable and urgent, coming at any time with tight deadlines and high stakes. But many organizations struggle with historical data stored in separate systems, making it difficult for them to respond quickly and cost-effectively. This data often requires costly rehydration or data movement before queries can begin.

Datadog Archive Search, now available in Preview, helps solve these challenges. With Archive Search, your teams can search in place across archived logs in Flex Frozen or customer-owned cloud storage (like Amazon S3)—no rehydration needed. This functionality reduces cost, operational overhead, and tool switching while accelerating audits and investigations.

In this post, we’ll explain how Archive Search helps you:

Preview and search archived logs without rehydration

Your financial services team might need to trace old transactions to meet regulatory requirements. Or perhaps your security team is investigating a suspected identity provider breach. Maybe your compliance team is auditing infrastructure changes that occurred over the course of multiple years.

Traditional access to these archived logs requires rehydration—restoring data from cold storage into hot storage—or exporting data to separate query platforms. This process can be time-consuming, expensive, and disruptive. It might also require approvals and budgetary planning, which can create additional delays. More importantly, it forces teams to switch contexts and learn different query languages, slowing down investigations and increasing the risk of errors.

With Archive Search, you can preview and search archived logs in Flex Frozen or customer-owned cloud storage without rehydrating or moving the data. Each log preview delivers full context—including log messages, timestamps, attributes, and tags—from the same Datadog query language and interface that you already know. This consistency lets you confidently investigate historical events, drill into anomalies, and filter results without switching tools or waiting for data to move.

As a result, you gain direct visibility into archived logs to help you answer critical questions such as the following:

  • Who initiated the transaction that is the focus of the compliance request?
  • Which API keys were rotated during the last compliance audit?
  • Who accessed sensitive systems, and what actions did they take?
  • When was a noncompliant infrastructure change made, and by whom?
  • How long did a malicious actor maintain access, and what did that user do?
Reviewing Okta logs within Archive Search.
Preview of an archived Okta log.
Reviewing Okta logs within Archive Search.

Speed up investigations with cross-telemetry and organizational visibility

When you’re investigating a performance issue, security signal, or compliance concern, having all your relevant telemetry data in one place helps you find answers faster. With Archive Search and Datadog Log Workspaces, you can visualize archived logs alongside key data sources—including RUM events, metrics, and Reference Tables—without switching tools or rehydrating data.

For example, let’s say that your security team just identified a security breach and needs to determine who introduced it. Using a log query in a Workspace, the team can pull up archived authentication logs and correlate them with RUM data to understand what actions the user took in the UI (for example, accessing sensitive pages or performing admin actions).

Investigating authentication logs within Log Workspaces.
Logs related to a suspicious login.
Investigating authentication logs within Log Workspaces.

As another example, let’s say that your trading compliance team is investigating suspicious transaction failures as part of a quarterly audit. Using Archive Search in Log Workspaces, the team can filter for failed transactions across specific countries.

Visualizing transaction failures within Log Workspaces.
Chart of failed transactions by country. The results are filtered by high value.
Visualizing transaction failures within Log Workspaces.

The team can then write SQL queries to identify unusual patterns, such as repeated failures linked to a single user or region, and perform joins with reference tables, like Salesforce known risk indicators.

Querying with SQL within Log Workspaces.
A SQL query as part of an analysis of failed transactions.
Querying with SQL within Log Workspaces.

After you have investigated the issue, you can use Datadog Sheets to organize and document your findings. You can reference archived log data directly in the spreadsheet, link the data to metrics, add context by using tags and metadata, and share a structured timeline of events across teams.

Documenting findings in Datadog Sheets.
Spreadsheet for a user activity audit. The sheet includes columns for status, date, country, user name, user team, event name, event outcome, and authentication type.
Documenting findings in Datadog Sheets.

From detection to report, this workflow helps reduce context switching, accelerate investigations, and support audit-ready reporting—all with the same query language and interface that you already use in Datadog.

Maintain end-to-end control and visibility of your log data

Long-term visibility into your logs isn’t just about storage. It’s about making sure that the right data is collected, transformed, routed, and made searchable, all while keeping costs and compliance needs in check.

With Datadog Observability Pipelines, you can transform and route your logs as they flow to different vendors, lowering your DevOps and SIEM storage costs. For example, you can send all security-related logs directly to Amazon S3, enriching them with metadata like team ownership or compliance tags before they land in storage. At the same time, you can route application debug logs to a different destination entirely, applying different retention policies based on business needs.

This functionality gives you flexibility and control. But until now, accessing those archived logs meant switching tools or rehydrating data back into hot storage. Archive Search builds on Observability Pipelines by letting you search your archived logs in place. By combining Observability Pipelines and Archive Search, you can build an end-to-end workflow that gives you full control over your log data—from collection to long-term storage to in-place search. You can:

  • Route and transform logs as they’re ingested
  • Store logs in cost-effective long-term destinations
  • Keep logs fully searchable and audit-ready

This approach helps you reduce unnecessary data ingestion into downstream platforms, like SIEMs. As a result, you can focus on the log data that truly matters for compliance, investigations, and performance monitoring—all within Datadog.

Using Observability Pipelines to route logs to Amazon S3 and Datadog.
A pipeline that sends logs to different destinations.
Using Observability Pipelines to route logs to Amazon S3 and Datadog.

Whether you’re focused on lowering storage costs, simplifying compliance efforts, accelerating incident response, or improving historical log visibility, Archive Search gives you fast, flexible access to archived data—without the expense and complexity of rehydration. Sign up for the Preview to get started.

If you don’t already have a Datadog account, you can sign up for a 14-day free trial.