Make your historical logs queryable in Datadog with Observability Pipelines, the Custom Processor, and Log Rehydration.

DataDog Blog offers insights, tutorials, and updates on monitoring, analytics, and observability solutions. Covering topics such as infrastructure monitoring, log management, and application performance monitoring, DataDog Blog provides resources for developers, DevOps engineers, and IT professionals. Developers can learn about best practices, troubleshooting techniques, and optimization strategies for managing complex systems through DataDog's blog posts and guides.

Datadog

Observability Pipelines enables migration of historical logs from Splunk and Elasticsearch to Datadog by routing archived logs through customizable pipelines. The process involves extracting logs from various sources (Elasticsearch snapshots, Splunk archives, S3, GCS, Azure), using the Custom Processor to fix timestamp issues, and storing logs in cloud storage for later rehydration. This approach bypasses real-time data limits in logging platforms and preserves years of historical data critical for security investigations and compliance.

Migrate historical logs from Splunk and Elasticsearch using Observability Pipelines

Extract historical logs from your archives

Fix log timestamps with the Custom Processor

Migrate historical logs with control and flexibility