Scheduled - As part of the "Dataless data platform" vision Coralogix is after, allowing direct queries from any remote storage - Our teams will deprecate the old Coralogix archive format (V1-the legacy format, CSV) and move all our customers to a new format (V2- Introduced in March 2021, TSV) This new format solves a few compatibility issues and improves performance, but mainly enables 2 critical features:

1) Direct Archive queries with Lucene - directly query your S3 bucket using the Lucene syntax for data that was never indexed (Monitoring / Compliance use cases in Coralogix TCO optimizer)

2) SQL & Parsing on-the-fly - Query archived logs using SQL including multiple functions that can be applied on archived data.

Both features are available under the Coralogix dashboard > TCO > Archive query - If you have this tab - you are probably running on the Coralogix Archive V2 and can ignore this message. If you do not have archive queries enabled, this means the upcoming change will affect your archive format, if you have any other processes reading that format or running analysis on it, you may want to review them and adjust.

Soon - we will enable direct archive queries from the Coralogix standard Logs UI, opening a new way of analyzing data in real-time with our Streama service (Alerts, Anomalies, Live tail, Version Benchmarks, Logs2Metrics, Dashboards, Loggregation templates) then querying the data directly from your own archive, with no retention limitation and at 60% lower cost.


Here is a simple example for the new TSV format:
2021-08-15T03:32:01.483+00:00 Debug {"message":"flushing all buffer forcedly"} BitBucket bitbucket CORALOGIX

Timestamp{TAB}Severity{TAB}Log payload{TAB}Application{TAB} Subsystem{TAB}

Our support teams are here for any question 24/7.
Aug 15, 11:31 IDT