Schemaless Log Search Over Cheap Object Storage Without Per-GB Indexing Fees

dev tool venture scale •• multiple requests

Engineering teams keep fleeing Datadog and Splunk over per-GB ingest pricing that turns into six-figure monthly bills at scale. A new generation (Parseable, Quickwit, OpenObserve, Datadog's own CloudPrem) stores logs directly in S3/object storage and queries without a proprietary index layer. But gaps remain: Azure App Service / Functions / AKS log formats aren't first-class in any of these, cross-stream joins are still weak, and nobody has nailed 'Sumo-level ergonomics on Grafana-level price.' April 2026 Show HN 'Rover' is attacking the Azure side explicitly; the AWS equivalent is the bigger prize.

builder note

Pick one cloud vendor and own its quirky log formats end-to-end. The 'universal log search' category is crowded; 'I emit this Azure Container App log format and your thing just parses it' is an underserved wedge. Ship as Docker compose + Helm chart, charge per-TB-scanned, undercut Datadog's CloudPrem by 70% and still have margin.

landscape (6 existing solutions)

The decoupled 'cheap object storage + serverless query engine' architecture won. The remaining differentiation is (a) ingest-side parsers for messy vendor-specific formats (Azure, M365, CloudTrail JSON dialects), (b) query language ergonomics that don't feel like SQL-in-regex, and (c) alerting + saved-query UX that matches Sumo/Elastic. A focused player owning 'Azure-native log schemas, first-class' could take the Azure half before the AWS-biased incumbents notice.

Parseable S3-native, Rust. Strong for generic JSON logs. Azure-specific log schemas (App Service CDN, Functions invocation logs) aren't first-class; cross-stream joins are limited.

Quickwit Excellent search-over-S3 engine but now part of Datadog's acquisition. Roadmap under Datadog's control.

OpenObserve Full-stack observability with object-storage backend. Strong UI but not yet the muscle-memory default, and Azure coverage is thin.

Datadog CloudPrem Datadog's reaction to the flight. You get their UX but still inside their pricing model. Not an escape, just a discount path.

Grafana Loki 'Prometheus for logs,' label-based. Full-text over the message body is still slow/awkward at TB+ scale compared to purpose-built search engines.

AWS Athena / Azure Log Analytics Native-cloud query engines. Athena is powerful but per-query-byte-scanned pricing bites hard if you don't partition perfectly. Log Analytics has its own ingest tax.

sources (4)

other https://www.parseable.com/blog/datadog-log-management-cost "S3-native storage instead of proprietary indexing eliminates the per-GB fees that make Datadog expensive" 2026-03-12

hn https://news.ycombinator.com/item?id=47679021 "search engine for petabytes of raw logs in Azure... strip away the indexing tax" 2026-04-14

other https://www.datadoghq.com/blog/introducing-datadog-cloudprem... "Store and search logs at petabyte scale in your own infrastructure" 2026-02-25

other https://www.elastic.co/blog/querying-a-petabyte-of-cloud-sto... "Querying a petabyte of cloud storage in 10 minutes" 2026-01-20

observabilitylogsobject-storagedatadog-alternativeazure