BrontoBronto
For Humans

Intelligent Observability,
Without the Complexity

Search terabytes of logs, metrics, and traces in sub-seconds, with 12 months of retention out of the box.

Bronto Metrics interface
Bronto Monitors interfaceBronto My Data interface

Logs

Filter with smart SQL autocomplete and keyboard-driven shortcuts. Results return in seconds — even across terabytes. Drill into any attribute, view raw logs, or jump straight into traces from the log table.

Contentstack logo
Nasuni logo
Medihive logo
Nitro logo
Zyte logo
Manna logo
i3D.net logo
CreditLogic logo
GTS logo
Contentstack logo
Nasuni logo
Medihive logo
Nitro logo
Zyte logo
Manna logo
i3D.net logo
CreditLogic logo
GTS logo

Full fidelity, always hot, fully managed data

Always Hot Data

Every byte of telemetry is instantly queryable — no rehydration, no cold tiers, no waiting.

Long-Term Retention

12 months of retention included out of the box. Keep your data as long as you need it.

Full Fidelity, Full Coverage

No sampling, no aggregation, no data loss. Every log, trace, and metric stored exactly as received.

Transparent Usage & Controls

See exactly what you're ingesting and what it costs. Set quotas, alerts, and exclusion filters in seconds.

Fast at Large Scales

Sub-second queries across petabytes of data. Purpose-built indexing that scales with your growth.

Always Parsed & Searchable

At ingestion, Bronto parses your logs using known formats or AI — so every field is structured and instantly searchable.

Bronto simplicity mascot

Simple by design, faster to resolve

Smart SQL Autocomplete

Write queries faster with intelligent suggestions that know your schema.

Sub-Second Search

Filter terabytes of logs and get results in under a second.

Live Tail

Watch your logs stream in live as events happen, with instant filtering on the running feed.

Link Logs to Code

Jump from any log line straight to the exact source line that emitted it.

Log-to-Trace Correlation

Jump from any log line directly into its parent trace.

AI Investigation

Let AI investigate issues across your logs and surface root causes in seconds.

Trace-to-Log Linking

Jump from any span into its correlated log lines.

Full Span View

Drill into every span across services, spot errors instantly, and filter the waterfall to isolate slow paths.

Error Pinpointing

Errored spans are highlighted and surfaced in the waterfall so you can spot problems at a glance.

Filter Traces with SQL

Query and filter your traces with the same familiar SQL you use for logs in Bronto.

Sort & Filter by Errors or Latency

Rank every operation across services by error rate or p50/p95 latency to find the worst offenders instantly.

Every Span, Rich with Detail

Inspect span details, event attributes, and full span attributes for any request, then jump straight into the correlated logs.

High-Cardinality Support

Store millions of unique tag combinations without performance loss.

12-Month Retention

Every metric kept hot and queryable for a full year.

Infrastructure Metrics

CPU, memory, disk, network — collected and correlated automatically.

Filter Metrics with SQL

Across the entire platform — including metrics — use familiar SQL to slice and filter your data with autocomplete on every tag.

Save to Dashboard or Alert

Turn any metric into a dashboard widget or promote it straight into a monitor — one click, no rebuilding the query.

Dashboard Templates

Bronto recognises known formats — Kafka, OTel host metrics, and more — and builds a ready-to-use dashboard from your metrics in seconds.

Log-Based Metrics

Visualise petabytes of log data instantly — turn any query into a live chart with no pre-aggregation required.

SQL Filtering at Scale

Slice and filter every widget on a dashboard with blazing-fast SQL, even across massive datasets.

Build Widgets with Natural Language

Just describe what you want to see and Bronto figures out the rest — no query language required.

Petabyte-Scale Visuals

Charts render in seconds, even over massive data volumes.

Shared & Private Views

Collaborate with your team or keep personal dashboards private.

Get the Full Picture

One-year retention by default — query long time ranges at a fraction of the cost.

Metric & Log Alerts

Alert on any metric threshold or log pattern match.

AI Investigation Reports

When triggered, AI generates root cause analysis automatically.

Templates Based on Your Data

Bronto detects the data formats you're sending and recommends ready-to-add monitor templates tailored to what you actually have.

Multi-Channel Delivery

Route alerts to Slack, email, or webhooks.

Thresholds & Change Detection

Alert on fixed thresholds or let Bronto flag statistically significant deviations from the baseline using Z-score change detection.

Build Monitors with a Prompt

Describe the alert you want in plain English and Bronto builds the monitor for you — no query syntax required.

Universal Ingestion

OpenTelemetry native and more — all supported. Just paste your config in and Bronto will convert it. No vendor lock-in.

Usage Explorer

The Search & Ingestion Explorer lets you drill down into exactly how your platform is being used — by whom, on what data, and at what volume.

Usage Alerts

Set thresholds on ingestion and search volume — get notified the moment usage crosses your limits.

Auto-Parsing

Logs are parsed at ingestion using known formats or AI.

Manage Tags & Teams

Tag every dataset and assign owners so teams can organise, filter, and govern their telemetry at scale.

Value Attribution

See which datasets are pulling their weight — and which ones are sitting unused — so you can attribute value to every TB ingested.

Bronto AI does the hard work,
so you can keep building.

AI is embedded throughout the entire platform — removing toil, surfacing root causes, and helping your team find answers in seconds, not hours.

ERRORcdn_mock_data cdn_test_005/06/2026, 18:25:29.814
InvestigateAnalysis complete

Root Cause Analysis Report

Generated: May 06, 2026 17:26:00 Window: Apr 29 → May 06

1. Analysis

Primary Issue

Sustained, high-volume backend receive errors (BG-ERROR-RECV) returning HTTP 503 across the API fleet.

Scope Description
  • Total errors: ~7.1M across the 7-day window, 20 buckets
  • Volume is consistently massive — ~343K to ~371K per bucket, indicating a chronic, systemic failure
  • Signature (BG-ERROR-RECV, HTTP 503) points to Fastly edge failing to receive a valid response from origin (api.host78.us.example.com)
  • Protocol anomaly: request_protocol: "UDP" — invalid for HTTP API endpoint
  • Edge: fastly_is_edge: true — failure at edge tier before app layer
  • Response time: 3643ms — requests stalling at backend before drop
  • Trend: slight decline mid-window (Apr 30–May 02 ~360K) then rebounding sharply (May 05–06 ~371K) — worsening

2. Hypothesis & Next Steps

Probable Cause

Backend origin servers behind Fastly are failing to handle TCP connections reliably — likely origin pool exhaustion, a crashing upstream, or a network-level issue preventing edge nodes from completing the handshake. The UDP protocol field suggests either malformed requests forwarded to origin (misconfigured VCL) or a logging pipeline bug masking the true protocol.

Immediate Next Steps
  1. Investigate the UDP anomaly at Fastly. Review VCL config for api.host78.us.example.com; pull real-time logs filtered to cache-iad-kcgs_* to check if errors concentrate on specific PoPs (especially IAD).
  2. Assess origin server health. Check CPU, memory, file descriptors, and connection queue depth. Review app logs from May 05 17:00 → May 06 17:26 for crash loops, OOM events, or dependency failures.

Report confidence: High — volume consistency and error signature indicate a reproducible failure mode requiring parallel edge and origin investigation.

Related queries

  • service:api status:503 host:"api.host78.us.example.com"
  • fastly_is_edge:true error_code:BG-ERROR-RECV
  • pop:cache-iad-kcgs_* response_time:>3000
Errors / hour (7d)503 · BG-ERROR-RECV
Apr 29May 02May 06
Inbox · 1 of 248

[Bronto] Investigation Report · New org created in US

Bronto
Bronto<reports@bronto.io>9:57 AM
to me
Bronto
Investigation Report
Generated automatically by Bronto AI
Resolved

A new organization was created in the US which triggered the "New org created in US" monitor. Trial setup completed successfully and no anomalies or service issues were detected.

What happened

The monitoring workflow detected the creation of a new organization in the US region and automatically generated an investigation report. The system successfully created the organization, customer account, user account, and trial limits without interruption.

Why it happened

This investigation was triggered intentionally by the "New org created in US" monitor. The monitor notifies the team whenever a new trial organization is provisioned in production. The behavior matches expected onboarding activity.

Troubleshooting suggestions

No immediate action is required. Recommended follow-up: validate welcome email delivery, monitor early ingestion activity, and confirm billing and trial entitlements remain correctly applied over the next 24 hours.

09:57:25Organization createdSuccess
09:57:26Customer record createdSuccess
09:57:28User account createdSuccess
09:57:35Trial setup completedSuccess
Severity
Low
Region
US
Duration
10s
Impact
None
Investigation ID · inv_01HNK77
You're receiving this because you subscribed to the "New org created in US" monitor.
Raw Logs
20 lines
12026-05-06T15:50:29.023Z [INFO] payment-svc PUT /api/v1/orders 201 89ms tid=ae082847-7c3a-41 uid=usr_7cnszlRequest processed successfully
22026-05-06T15:50:32.023Z [INFO] api-gateway PUT /api/v1/payments 400 791ms tid=773c4702-1d37-48 uid=usr_6xjqtfAuthentication token validated
32026-05-06T15:50:35.023Z [ERROR] payment-svc GET /api/v1/orders 200 652ms tid=cb18b186-cc39-49 uid=usr_st05bjRequest processed successfully
42026-05-06T15:50:38.023Z [DEBUG] payment-svc POST /api/v1/auth/login 400 851ms tid=c51e1053-4d29-41 uid=usr_zeg1z5Rate limit threshold approaching
52026-05-06T15:50:41.023Z [WARN] auth-service DELETE /api/v1/health 500 851ms tid=6cbfce21-94aa-49 uid=usr_rix8ibRate limit threshold approaching
62026-05-06T15:50:44.023Z [DEBUG] order-service DELETE /api/v1/auth/login 500 329ms tid=991c6b2e-290e-4e uid=usr_tf7nqiRequest processed successfully
72026-05-06T15:50:47.023Z [ERROR] auth-service DELETE /api/v1/payments 400 207ms tid=21bc8db6-faca-4a uid=usr_4yhgbpRate limit threshold approaching
82026-05-06T15:50:50.023Z [INFO] api-gateway POST /api/v1/orders 201 142ms tid=f47ac10b-58cc-4a uid=usr_k3m9wpAuthentication token validated
92026-05-06T15:50:53.023Z [WARN] payment-svc GET /api/v1/payments 200 998ms tid=b7d2c891-3f12-49 uid=usr_8nv2qsRequest processed successfully
102026-05-06T15:50:56.023Z [ERROR] auth-service PUT /api/v1/health 500 412ms tid=a92e0c14-9b88-4d uid=usr_pl4xtbRate limit threshold approaching
112026-05-06T15:50:59.023Z [INFO] order-service POST /api/v1/orders 201 76ms tid=5e1f8a73-2c44-41 uid=usr_q9c1zrRequest processed successfully
122026-05-06T15:51:02.023Z [DEBUG] payment-svc GET /api/v1/payments 200 583ms tid=c2d9b6e0-7f33-48 uid=usr_h7d3yfAuthentication token validated
132026-05-06T15:51:05.023Z [INFO] api-gateway DELETE /api/v1/auth/login 400 921ms tid=e8b4f3a1-4d28-42 uid=usr_b2x8mnRate limit threshold approaching
142026-05-06T15:51:08.023Z [WARN] auth-service PUT /api/v1/health 500 305ms tid=3a7c9d2e-1b55-4f uid=usr_v4w6ksRequest processed successfully
152026-05-06T15:51:11.023Z [ERROR] payment-svc POST /api/v1/orders 201 188ms tid=8f2e1a6c-9c77-43 uid=usr_j1n5pqAuthentication token validated
162026-05-06T15:51:14.023Z [INFO] order-service GET /api/v1/payments 200 754ms tid=d4b8e7f0-3a99-45 uid=usr_t8r2lcRequest processed successfully
172026-05-06T15:51:17.023Z [DEBUG] api-gateway PUT /api/v1/auth/login 400 432ms tid=1c5b9e8d-6e22-4a uid=usr_g6f9hdRate limit threshold approaching
182026-05-06T15:51:20.023Z [INFO] payment-svc DELETE /api/v1/health 500 611ms tid=9b3d6f2a-8c11-49 uid=usr_m3e7vbRequest processed successfully
192026-05-06T15:51:23.023Z [WARN] auth-service POST /api/v1/orders 201 95ms tid=7e2a4b1c-5d66-48 uid=usr_y5u1xaAuthentication token validated
202026-05-06T15:51:26.023Z [ERROR] order-service GET /api/v1/payments 200 488ms tid=2f8c1d9e-4b33-47 uid=usr_o2k4wnRequest processed successfully
Parsed Logs
10 fields detected
#timestamplevelservicemethodpathstatusdurationtrace_iduser_idmessage
12026-05-06T15:50:29.023ZINFOpayment-svcPUT/api/v1/orders20189ae082847-7c3a-41usr_7cnszlRequest processed successfully
22026-05-06T15:50:32.023ZINFOapi-gatewayPUT/api/v1/payments400791773c4702-1d37-48usr_6xjqtfAuthentication token validated
32026-05-06T15:50:35.023ZERRORpayment-svcGET/api/v1/orders200652cb18b186-cc39-49usr_st05bjRequest processed successfully
42026-05-06T15:50:38.023ZDEBUGpayment-svcPOST/api/v1/auth/login400851c51e1053-4d29-41usr_zeg1z5Rate limit threshold approaching
52026-05-06T15:50:41.023ZWARNauth-serviceDELETE/api/v1/health5008516cbfce21-94aa-49usr_rix8ibRate limit threshold approaching
62026-05-06T15:50:44.023ZDEBUGorder-serviceDELETE/api/v1/auth/login500329991c6b2e-290e-4eusr_tf7nqiRequest processed successfully
72026-05-06T15:50:47.023ZERRORauth-serviceDELETE/api/v1/payments40020721bc8db6-faca-4ausr_4yhgbpRate limit threshold approaching
82026-05-06T15:50:50.023ZINFOapi-gatewayPOST/api/v1/orders201142f47ac10b-58cc-4ausr_k3m9wpAuthentication token validated
92026-05-06T15:50:53.023ZWARNpayment-svcGET/api/v1/payments200998b7d2c891-3f12-49usr_8nv2qsRequest processed successfully
102026-05-06T15:50:56.023ZERRORauth-servicePUT/api/v1/health500412a92e0c14-9b88-4dusr_pl4xtbRate limit threshold approaching
112026-05-06T15:50:59.023ZINFOorder-servicePOST/api/v1/orders201765e1f8a73-2c44-41usr_q9c1zrRequest processed successfully
122026-05-06T15:51:02.023ZDEBUGpayment-svcGET/api/v1/payments200583c2d9b6e0-7f33-48usr_h7d3yfAuthentication token validated
132026-05-06T15:51:05.023ZINFOapi-gatewayDELETE/api/v1/auth/login400921e8b4f3a1-4d28-42usr_b2x8mnRate limit threshold approaching
142026-05-06T15:51:08.023ZWARNauth-servicePUT/api/v1/health5003053a7c9d2e-1b55-4fusr_v4w6ksRequest processed successfully
152026-05-06T15:51:11.023ZERRORpayment-svcPOST/api/v1/orders2011888f2e1a6c-9c77-43usr_j1n5pqAuthentication token validated
162026-05-06T15:51:14.023ZINFOorder-serviceGET/api/v1/payments200754d4b8e7f0-3a99-45usr_t8r2lcRequest processed successfully
172026-05-06T15:51:17.023ZDEBUGapi-gatewayPUT/api/v1/auth/login4004321c5b9e8d-6e22-4ausr_g6f9hdRate limit threshold approaching
182026-05-06T15:51:20.023ZINFOpayment-svcDELETE/api/v1/health5006119b3d6f2a-8c11-49usr_m3e7vbRequest processed successfully
192026-05-06T15:51:23.023ZWARNauth-servicePOST/api/v1/orders201957e2a4b1c-5d66-48usr_y5u1xaAuthentication token validated
202026-05-06T15:51:26.023ZERRORorder-serviceGET/api/v1/payments2004882f8c1d9e-4b33-47usr_o2k4wnRequest processed successfully
Build with BrontoBeta
Preview
Preview
Describe your dashboard and click Generate to see a preview.

Loved by teams
around the world

Bronto fundamentally changed how we think about logging. We went from treating logs as a necessary evil — expensive, unreliable, and limited — to making them a key asset. The combination of unlimited retention, lightning-fast search, and AI-powered insights means we catch issues much earlier, often before customers notice them. But the real transformation is cultural: every team now has access to the data they need, when they need it.

Teamwork.com icon

Paul Griffin

Head of Platform Engineering

Case study

Bronto's long-term always-hot days mean we can access data with sub-second search, whether it's from last week or last year. This is huge for our security and AI strategy as we continue to revolutionize how we work at Nitro. For AI-powered analysis of our logs, data availability is key — it's just not possible with only a few days of retention. Bronto has become a key part of our toolkit when we think of log data and how it will play an important role for engineering, security and product teams going forward.

Nitro icon

John Fitzpatrick

CTO

Case study

Tasks that used to take 15 minutes are now almost instant. I find myself using Bronto much more than the previous tool simply because it's faster and more responsive. I can quickly ask questions and get immediate answers, which makes it easier to explore insights that were previously hard to uncover. With a year's worth of data retention instead of just 90 days, I can now identify annual trends and patterns I couldn't see before. This extended retention opens the door for much deeper analytics.

Nasuni icon

Brian Elliott

Senior Engineering Manager, SaaS Services

Case study

It's a night and day difference to our previous logging provider. Bronto typically returns results in seconds, while our old vendor took over 30 minutes and frequently failed to render visualizations. Bronto has come a long way with everything from usage to UI. Our users are getting what they're looking for.

Contentstack icon

Jaymin Patel

Team Lead

Case study

Bronto helped us cut costs and centralize our multi-cloud application logging, as well as providing cost-effective 12 month retention for billing-related events. Troubleshooting is now significantly faster, and having all our logs correlate properly in one place has been a game-changer for our team.

Zyte icon

Joaquín Sargiotto

DevOps Team Lead

Case study

The TCO reduction is significant — we're saving hundreds of thousands annually. But the real value is in new and significantly enhanced capabilities. A significant reduction in time to root cause, investigating issues from months ago, having logs actually available during incidents — these aren't just improvements, they're game-changers. Our SysOps team now get to work on platform innovation instead of keeping Graylog alive.

Teamwork.com icon

Aodh O'Mahony

Engineering Manager

Case study

Bronto fundamentally changed how we think about logging. We went from treating logs as a necessary evil — expensive, unreliable, and limited — to making them a key asset. The combination of unlimited retention, lightning-fast search, and AI-powered insights means we catch issues much earlier, often before customers notice them. But the real transformation is cultural: every team now has access to the data they need, when they need it.

Teamwork.com icon

Paul Griffin

Head of Platform Engineering

Case study

Bronto's long-term always-hot days mean we can access data with sub-second search, whether it's from last week or last year. This is huge for our security and AI strategy as we continue to revolutionize how we work at Nitro. For AI-powered analysis of our logs, data availability is key — it's just not possible with only a few days of retention. Bronto has become a key part of our toolkit when we think of log data and how it will play an important role for engineering, security and product teams going forward.

Nitro icon

John Fitzpatrick

CTO

Case study

Tasks that used to take 15 minutes are now almost instant. I find myself using Bronto much more than the previous tool simply because it's faster and more responsive. I can quickly ask questions and get immediate answers, which makes it easier to explore insights that were previously hard to uncover. With a year's worth of data retention instead of just 90 days, I can now identify annual trends and patterns I couldn't see before. This extended retention opens the door for much deeper analytics.

Nasuni icon

Brian Elliott

Senior Engineering Manager, SaaS Services

Case study

It's a night and day difference to our previous logging provider. Bronto typically returns results in seconds, while our old vendor took over 30 minutes and frequently failed to render visualizations. Bronto has come a long way with everything from usage to UI. Our users are getting what they're looking for.

Contentstack icon

Jaymin Patel

Team Lead

Case study

Bronto helped us cut costs and centralize our multi-cloud application logging, as well as providing cost-effective 12 month retention for billing-related events. Troubleshooting is now significantly faster, and having all our logs correlate properly in one place has been a game-changer for our team.

Zyte icon

Joaquín Sargiotto

DevOps Team Lead

Case study

The TCO reduction is significant — we're saving hundreds of thousands annually. But the real value is in new and significantly enhanced capabilities. A significant reduction in time to root cause, investigating issues from months ago, having logs actually available during incidents — these aren't just improvements, they're game-changers. Our SysOps team now get to work on platform innovation instead of keeping Graylog alive.

Teamwork.com icon

Aodh O'Mahony

Engineering Manager

Case study

Bronto fundamentally changed how we think about logging. We went from treating logs as a necessary evil — expensive, unreliable, and limited — to making them a key asset. The combination of unlimited retention, lightning-fast search, and AI-powered insights means we catch issues much earlier, often before customers notice them. But the real transformation is cultural: every team now has access to the data they need, when they need it.

Teamwork.com icon

Paul Griffin

Head of Platform Engineering

Case study

Bronto's long-term always-hot days mean we can access data with sub-second search, whether it's from last week or last year. This is huge for our security and AI strategy as we continue to revolutionize how we work at Nitro. For AI-powered analysis of our logs, data availability is key — it's just not possible with only a few days of retention. Bronto has become a key part of our toolkit when we think of log data and how it will play an important role for engineering, security and product teams going forward.

Nitro icon

John Fitzpatrick

CTO

Case study

Tasks that used to take 15 minutes are now almost instant. I find myself using Bronto much more than the previous tool simply because it's faster and more responsive. I can quickly ask questions and get immediate answers, which makes it easier to explore insights that were previously hard to uncover. With a year's worth of data retention instead of just 90 days, I can now identify annual trends and patterns I couldn't see before. This extended retention opens the door for much deeper analytics.

Nasuni icon

Brian Elliott

Senior Engineering Manager, SaaS Services

Case study

It's a night and day difference to our previous logging provider. Bronto typically returns results in seconds, while our old vendor took over 30 minutes and frequently failed to render visualizations. Bronto has come a long way with everything from usage to UI. Our users are getting what they're looking for.

Contentstack icon

Jaymin Patel

Team Lead

Case study

Bronto helped us cut costs and centralize our multi-cloud application logging, as well as providing cost-effective 12 month retention for billing-related events. Troubleshooting is now significantly faster, and having all our logs correlate properly in one place has been a game-changer for our team.

Zyte icon

Joaquín Sargiotto

DevOps Team Lead

Case study

The TCO reduction is significant — we're saving hundreds of thousands annually. But the real value is in new and significantly enhanced capabilities. A significant reduction in time to root cause, investigating issues from months ago, having logs actually available during incidents — these aren't just improvements, they're game-changers. Our SysOps team now get to work on platform innovation instead of keeping Graylog alive.

Teamwork.com icon

Aodh O'Mahony

Engineering Manager

Case study
Getting Started

From zero to insight in minutes

Bronto is designed so your team can start finding answers on day one — not day thirty.

Step 1

Connect your data

Send logs, metrics, and traces using OpenTelemetry, Fluentd, Datadog agents, or any standard format. No proprietary lock-in.

OpenTelemetry logo
Fluent Bit logo
Fluentd logo
Vector logo
Datadog logo
Fastly logo
AWS logo
Azure logo
OpenTelemetry logo
Fluent Bit logo
Fluentd logo
Vector logo
Datadog logo
Fastly logo
AWS logo
Azure logo
Step 2

Auto-parsed & structured

AI recognises known formats and structures every field automatically — no manual pipelines needed.

Step 3

Prebuilt Dashboards, monitors and search filters

Pre-built templates match your data shape so you can visualise immediately.

Step 4

Get answers instantly

Query terabytes of data in sub-seconds using SQL. Correlate logs-metrics-traces across anytime frame. Identify patterns and anomalies and let AI find the answers.

Want to see the full product in action?

Get a walkthrough from our team or jump straight in with a free trial.