Elastic, Loki and SigNoz – A Perf Benchmark of Open-Source Logging Platforms

This page summarizes the projects mentioned and recommended in the original post on news.ycombinator.com
search-engine Rust Observability Benchmark Search

InfluxDB
Our great sponsors
  • InfluxDB - Power Real-Time Data Analytics at Scale
  • WorkOS - The modern identity platform for B2B SaaS
  • SaaSHub - Software Alternatives and Reviews
Our great sponsors

  • logs-benchmark

    Logs performance benchmark repo: Comparing Elastic, Loki and SigNoz

    • Unfortunately it's misunderstood in the benchmark how Grafana Loki should be queried for high cardinality data. See also https://github.com/SigNoz/logs-benchmark/issues/1

  • vector

    A high-performance observability data pipeline.

    • Keeping Vector out of the benchmark game shows that Signoz couldn't beat it

    https://github.com/vectordotdev/vector

  • InfluxDB

    Power Real-Time Data Analytics at Scale. Get real-time insights from all types of time series data with InfluxDB. Ingest, query, and analyze billions of data points in real-time with unbounded cardinality.

    InfluxDB logo

  • Elasticsearch

    Free and Open, Distributed, RESTful Search Engine

    • Benchmarks are always "It depends".

    And what it depends on are your data volume, how you want to query, whether you value ingestion greater than query speed and timeliness and so forth.

    Elastic sweet spot is that it indexes everything, and you can query fast as a result. But it does this at the cost of ingest as it's doing the work to build indexes during ingestion and so ingest is more CPU intensive and can hit limits here.

    Loki sweet spot is that it has very few indexes, so ingestion is cheap and extremely capable for huge data volumes. It does this at the cost of query performance over very large data sets - without indexes it brute forces via mapreduce, which means you really want to specific where to look (which log streams) and when to look (a time window) and in that it excels.

    ClickHouse sweet spot is the indexes are very explicitly configured by engineers who know what the data looks like and how they want to query it. Now the ingest cost is balanced, and the query performance is great - but it did this at the cost of you knowing your data and how you're going to query it most of the time - it's not so good for esoteric questions that you'd never anticipated (though you can get very far through some of their column data types allowing you to be reasonably flexible on this).

    They all have sweet spots, and a benchmark is not going to answer the real questions - what data volume do you have, what do you value (ingest and preserve everything vs fastest query speed for ad-hoc queries vs a balanced approach), do you know how you want to query the data, etc?

    Other thoughts:

    Loki has recently moved to TSDB for the backend storage, these benchmarks don't go there.

    Elastic can use less disk if you configure for synthetic source (https://github.com/elastic/elasticsearch/issues/86603) which discards the raw byte copy of the ingested data and only retains knowledge in the indexes, and uses the indexes to reconstruct the source should you request it.

    Nothing to add about ClickHouse, I've used all three databases and worked against all three for huge volumes of data - if I want a more OLAP style querying than OLTP then ClickHouse absolutely shines here, Elastic and Loki shine far more for OLTP workloads (though Elastic does a good job at doing pretty well for more OLAP cases than Loki does today).

  • db-benchmarks

    Fair database benchmarks framework and datasets

  • flog

    :tophat: A fake log generator for common log formats (by SigNoz)

  • babble

    A small utility to generate random words in #golang (by tjarratt)

  • opentelemetry-collector-contrib

    Contrib repository for the OpenTelemetry Collector

    • What schema does SigNoz use with Clickhouse? The Open Telemetry Collector uses this schema https://github.com/open-telemetry/opentelemetry-collector-co... and I found out that accesing map attributes is much slower (10-50x) compared to regular columns. I expected some slow down but this is too much.

  • WorkOS

    The modern identity platform for B2B SaaS. The APIs are flexible and easy-to-use, supporting authentication, user identity, and complex enterprise features like SSO and SCIM provisioning.

    WorkOS logo

  • opentelemetry-collector-co

    • What schema does SigNoz use with Clickhouse? The Open Telemetry Collector uses this schema https://github.com/open-telemetry/opentelemetry-collector-co... and I found out that accesing map attributes is much slower (10-50x) compared to regular columns. I expected some slow down but this is too much.

  • lightrun

    Lightrun is a Developer-Native Observability Platform, for developers by developers

    • [1] https://github.com/lightrun-platform/lightrun/tree/main/exam...

  • quickwit

    Cloud-native search engine for observability. An open-source alternative to Datadog, Elasticsearch, Loki, and Tempo.

    • How is it compared to https://quickwit.io ?

  • serilog-sinks-seq

    A Serilog sink that writes events to the Seq structured log server

    • https://datalust.co/seq (my employer) uses a custom database built with Rust. We are about to remove the last C# database code because, as the previous commenter noted, garbage collection and databases don't mix.

    Over the next few years I expect we will see a lot of new databases written in Rust.

    https://blog.datalust.co/what-will-seq-vnext-look-like-on-th...

NOTE: The number of mentions on this list indicates mentions on common posts plus user suggested alternatives. Hence, a higher number means a more popular project.

Suggest a related project

Related posts