🌊 Logtide 0.5.0: Making Observability Simpler and More Powerful

Source: Dev.to

Overview

Logtide 0.5.0 ships with a suite of features that make log analysis more intuitive while keeping deployments dead simple. You can now choose between the full power of Redis or a minimal PostgreSQL‑only setup.

Views

Table ↔ Terminal toggle

From the search page you can switch between Table and Terminal views. Terminal mode shows logs in a classic monospace style with ANSI‑style colour coding by log level:

[2025-01-31T14:23:45.123Z] [ERROR] [api-gateway] Database connection timeout
[2025-01-31T14:23:46.456Z] [WARN]  [auth-service] Rate limit approaching threshold
[2025-01-31T14:23:47.789Z] [INFO]  [web-server]   Request completed in 45ms

The preference persists across sessions and works seamlessly with Live Tail.

Detection Packs

Security alerts no longer require deep knowledge of Sigma rules. Browse the gallery, pick a pack (e.g., web attacks, brute‑force attempts, suspicious behaviour patterns), and enable it with a single click. Each pack ships with battle‑tested Sigma rules using logsource.product: any for broad compatibility.

All rules are fully customizable, so you can fine‑tune them beyond the starter configuration.

Automatic Correlation

Logtide now extracts identifiers such as request_id, trace_id, user_id, or any custom correlation field from your log metadata. Clicking an identifier instantly displays every related event across all services—distributed tracing without the need for a dedicated tracing infrastructure.

Alert Preview

Before activating an alert rule, test its conditions against historical data. The preview shows exactly which logs would have triggered the alert, allowing you to validate thresholds and eliminate false positives.

Redis Optional

Redis is now completely optional. If REDIS_URL is not provided, Logtide falls back to PostgreSQL‑based alternatives:

A new docker-compose.simple.yml deploys only PostgreSQL and Logtide—ideal for development, testing, or smaller production workloads. Existing Redis‑based deployments remain unaffected.

Security Hardening & Bug Fixes

Security hardening

• Enhanced regex validation with injection prevention
• Expanded rate limiting to additional routes
• Fixed SQL‑injection vulnerability in notification publisher (now uses proper parameterized queries)

Bug fixes

• Log context modal no longer reopens after closing via URL params
• Fixed WebSocket memory leak in live‑tail handler
• Exception details now correctly extract error data from metadata fields

UX improvements

• Exception stack traces now include context fields (env, service, version, hostname)
• Copy button for stack traces
• Better formatting for error metadata

Upgrade Instructions

Standard upgrade (with Redis)

docker compose pull
docker compose up -d

Switch to Redis‑free deployment

docker compose -f docker-compose.simple.yml pull
docker compose -f docker-compose.simple.yml up -d

No database migrations or breaking changes are required.

Upcoming Features

• Rate‑of‑change alerts: Statistical baselines that trigger on anomalies rather than static thresholds
• Advanced correlation: Multi‑hop event graphs visualising request flows across the entire stack
• Enhanced PII masking: GDPR‑compliant automatic redaction of sensitive data

Try Logtide

• Cloud:
• Self‑hosted:
• Docs:

Full changelog: v0.4.2…v0.5.0