Introducing Detective

Find the needle in the log haystack

Detective uses ML to surface the anomalies that matter from millions of noisy telemetry events.

#alerts
RocketGraph Detective (APP), Today at 3:42 AM
Health: CRITICAL | Deploy #4821 | 542,847 logs analyzed | Wake on-call: YES

Summary

Critical issues detected: database deletion and DataNode exceptions. Immediate investigation required.

Anomaly insights

[amazon-store-local] cluster 7 (NEW)

Critical data loss due to entire database deletion.

> 081109 203615 INFO deleted entire database

[amazon-store-local] cluster 8

Potential data transfer issues due to exceptions in DataNode.

> WARN DataNode$DataXceiver: Got exception while serving blk_168...

[amazon-store-local] cluster 13

Blocks marked as invalid could indicate data corruption.

> INFO FSNamesystem: BLOCK* NameSystem.delete: blk_197944... added to invalidSet

Recommended actions

  1. Investigate and restore the deleted database immediately.
  2. Check DataNode logs for root causes of exceptions.
  3. Review block invalidation logs to ensure data integrity.

Detective compares log patterns before and after each deployment to surface unusual changes in real time.

Log Clustering

Terabytes of logs. Hundreds of patterns.

Detective clusters your logs into digestible pattern snapshots. Feed them to Claude Code, your custom agents, or any AI tool to debug faster. No more drowning in raw logs.

  • Clusters by semantic similarity, not keywords
  • Export snapshots for AI agents like Claude Code
  • Spot new patterns after each deployment
  • Find what broke without reading millions of lines

Ingest from

Datadog
New Relic
Sentry
Loki
OpenTelemetry

Cluster

DB
HTTP
Auth
Cache
Patterns | Anomaly
Isolation Forest Analysis
Contamination Score: 0.023%
d=2 | SIGSEGV in worker thread 7 | -0.89
d=3 | Stack overflow in recursive call | -0.82
d=2 | OOM killer invoked for process | -0.78
d=8 | Connection established to db-primary | 0.12
d=9 | Request processed in 45ms | 0.23

Lower depth = easier to isolate = more anomalous

Isolation Forest

Detect contamination in your log data

Isolation Forest is an unsupervised ML algorithm that isolates anomalies by randomly partitioning data. Anomalies are easier to isolate, requiring fewer splits. Detective uses this to find contamination - logs that do not fit the normal patterns of your system.

  • No training data required - fully unsupervised
  • Isolates anomalies with fewer random splits
  • Scores each log by isolation depth
  • Works on high-dimensional log vectors
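
The isolation idea described above, as an added example (not Detective's code): log lines become token-count vectors, and each line is scored by how few random splits it takes to separate it from the rest. The sample logs are constructed, the function names are hypothetical, and the score follows the original Isolation Forest convention (closer to 1 = more anomalous) rather than the signed scores in the widget above; subsampling and the tree height limit are left out for brevity.

```python
import math
import random
import re

# Constructed sample: two routine templates repeated, plus three rare lines.
LOGS = ([f"Request processed in {20 + i}ms" for i in range(20)]
        + ["Connection established to db-primary"] * 20
        + ["SIGSEGV in worker thread 7",
           "Stack overflow in recursive call",
           "OOM killer invoked for process"])

def vectorize(lines):
    """Bag-of-tokens count vectors; digit runs are masked so templates collapse."""
    toks = [re.sub(r"\d+", "N", line.lower()).split() for line in lines]
    vocab = sorted({t for ts in toks for t in ts})
    return [[ts.count(w) for w in vocab] for ts in toks]

def c(n):
    """Expected path length of an unsuccessful binary-search-tree lookup over n points."""
    if n <= 2:
        return float(max(n - 1, 0))
    return 2 * (math.log(n - 1) + 0.5772156649) - 2 * (n - 1) / n

def path_length(x, points, rng, depth=0):
    """Number of random axis-aligned splits needed to isolate x within points."""
    spans = [(min(col), max(col)) for col in zip(*points)]
    dims = [d for d, (lo, hi) in enumerate(spans) if lo < hi]
    if len(points) <= 1 or not dims:
        return depth + c(len(points))  # identical points cannot be split further
    d = rng.choice(dims)
    thr = rng.uniform(*spans[d])
    same_side = [p for p in points if (p[d] <= thr) == (x[d] <= thr)]
    return path_length(x, same_side, rng, depth + 1)

def anomaly_scores(lines, n_trees=50):
    """Score in (0, 1): closer to 1 means isolated in fewer splits."""
    pts = vectorize(lines)
    scores = []
    for x in pts:
        # Seed t fixes the split choices of tree t, so every point sees the same forest.
        mean = sum(path_length(x, pts, random.Random(t)) for t in range(n_trees)) / n_trees
        scores.append(2 ** (-mean / c(len(pts))))
    return scores

if __name__ == "__main__":
    for line, s in sorted(zip(LOGS, anomaly_scores(LOGS)), key=lambda p: -p[1])[:5]:
        print(f"{s:.2f}  {line}")
```

The repeated templates end in large unsplittable leaves and pick up the `c(n)` penalty, which is why routine lines score lower than the three one-off lines.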

The Detective Pipeline

From ingestion to alerting - how your logs flow through Detective

Ingest
  • Datadog
  • New Relic
  • Sentry
  • Loki
  • K8s Deploys

Analyze
ML Engine
  • Log Clustering
  • Isolation Forest
  • Anomaly Scoring

Integrate
Webhooks
  • Claude agents
  • Custom bots
  • Slack/Discord

Alert
Alert Gate
  • LLM filter
  • Noise reduction
  • Smart routing

Pull logs from your existing observability stack and deployment events from Kubernetes

Vectorize, cluster, and score anomalies using log clustering and Isolation Forest

Send to your agents via webhooks - Claude, custom bots, or any integration

A lightweight LLM decides if an alert is worth sending to reduce noise

Simple, transparent pricing

Pay based on your log ingestion volume. Start free and scale as you grow.

Starter

For small projects and testing

$0/month
  • Up to 1M logs/month
  • 7-day retention
  • Community support
Get started free
Most Popular

Pro

For growing teams

$200/month
  • Up to 50M logs/month
  • Everything in Starter
  • Log clustering
  • Isolation Forest detection
  • Webhook integrations
  • LLM alert filtering
  • 30-day retention
  • Priority support
Start 14-day trial

Enterprise

For large-scale deployments

Custom
  • Unlimited logs/month
  • Everything in Pro
  • Custom retention
  • SSO & SAML
  • Dedicated support
  • SLA guarantee
Talk to sales

Stop searching. Start finding.

Let Detective surface the anomalies that matter. No more manual log trawling during incidents.