Sysdig gains Kubernetes observability and 80% faster log access

Sysdig’s DevOps team initially relied on a custom-built observability solution using Amazon Athena and open-source tools to manage and analyze logs stored in S3. While it checked the box for log collection, the system was cumbersome and hard to query. Engineers struggled to customize searches for different log types, and accessing data required complex tooling—making logs effectively unusable for most team members. This limited visibility created friction in troubleshooting, slowed mean time to detection (MTTD), and hindered full observability across Kubernetes environments.

Sysdig adopted Mezmo’s Active Telemetry Platform to centralize and simplify log management with native support for Kubernetes.
Key Mezmo capabilities included:

• Kubernetes Agent and Enrichment for seamless contextual insights across clusters
• Unified log aggregation and processing via a single platform
• Built-in alerting to trigger notifications based on real-world context
• Graphing and visualization tools for fast, intuitive analysis
• Automatic S3 archiving that keeps historical logs searchable and compliant

For the Sysdig DevOps team, Mezmo has greatly simplified log management and delivered critical observability into complex systems like Kubernetes, which few other log management solutions support natively. At the same time, Mezmo ensures that everyone on the Sysdig team can access visibility insights whenever they need to. This helps the Sysdig team achieve the same level of operational observability in its systems as Sysdig provides to its customers through its security observability solutions.