ShipSquad

How to Set Up Log Aggregation

intermediate12 minDevOps

Configure centralized log collection, storage, and analysis across all your services and infrastructure.

What You'll Learn

This intermediate-level guide walks you through how to set up log aggregation step by step. Estimated time: 12 min.

Step 1: Choose your log stack

Select the ELK stack for open source, Grafana Loki for lightweight aggregation, or Datadog Logs for managed simplicity.

Step 2: Configure log shipping

Install Fluentd, Filebeat, or Vector on your servers to collect and forward logs to your centralized platform.

Step 3: Standardize log format

Implement structured JSON logging across all services with consistent fields for timestamp, service, level, and correlation IDs.

Step 4: Build search and analysis

Create saved searches, log-based alerts, and analysis dashboards for common operational and debugging scenarios.

Step 5: Set up retention policies

Configure log retention tiers with hot storage for recent logs, warm for searchable archives, and cold for compliance retention.

Frequently Asked Questions

ELK, Loki, or Datadog for logs?

Datadog for simplest setup and best correlation with metrics. Loki for cost-effective Grafana-integrated logging. ELK for maximum flexibility and self-hosted control.

How long should I keep logs?

Hot storage for 7-14 days, warm for 30-90 days, cold archive for compliance requirements. Balance searchability needs with storage costs.

How do I correlate logs across services?

Use correlation IDs generated at the edge and passed through all service calls. Include trace IDs in every log entry for distributed tracing.

Further Reading

Complete Guide to AI Agents in 2026

Everything about AI agents and automation

Ready to assemble your AI squad?

10 specialized AI agents. One mission. $99/mo + your Claude subscription.

Start Your Mission