← All modules
monitoring

Logs

Live

Log aggregation and analysis from multiple sources (SSH, Docker, Kubernetes, HTTP).

event.type === "log" modules/logs
Overview

What Logs does

Logs forwards structured log records from any source — a Pino logger, a console.* call, an SSH tail, a Docker stdout stream, a Kubernetes pod, an HTTP webhook. The plugin installs a secondary Pino destination that mirrors records into a `log` event without disturbing the primary stdout/pretty stream. Modules can be allowlisted or denylisted with `includeModules`/`excludeModules`.

On the storage side, log entries land in a libSQL FTS5-indexed table. Saved filters become first-class objects you can share by URL. The dashboard renders a tail-able view with level, service, message, and a metadata blob — all queryable with the same full-text grammar.

Wire payload

Same shape, three syntaxes

The wire protocol is plain HTTP, plain JSON, HMAC-SHA256. The TypeScript tab uses the SDK; the cURL tab is the raw HTTP equivalent; the Python tab shows the preview SDK shape. 

import { createCuittyClient } from "@cuitty/sdk";
import { logsPlugin } from "@cuitty/sdk/plugins/logs";

const cuitty = createCuittyClient({
  portalUrl: "https://app.cuitty.com",
  projectId: process.env.CUITTY_PROJECT_ID!,
  apiKey: process.env.CUITTY_API_KEY!,
});
cuitty.use(logsPlugin());
cuitty.start();

import { logger } from "./utils/logger.js";

cuitty.use(logsPlugin({
  logger,
  minLevel: "info",
  excludeModules: ["heartbeat", "metrics"],
}));
SDK plugin

Drop-in plugin

@cuitty/sdk/plugins/logs 
import { logsPlugin } from "@cuitty/sdk/plugins/logs";
import { logger } from "./utils/logger.js";

cuitty.use(logsPlugin({ logger, minLevel: "info" }));
Storage

Database schema

Excerpt from modules/logs/schema.sql. One libSQL file per module — back it up with cp. 

CREATE TABLE IF NOT EXISTS log_entries (
  id INTEGER PRIMARY KEY AUTOINCREMENT,
  source_id INTEGER NOT NULL REFERENCES log_sources(id) ON DELETE CASCADE,
  project_id TEXT,
  timestamp INTEGER NOT NULL,
  level TEXT NOT NULL,
  service TEXT,
  message TEXT NOT NULL,
  metadata TEXT,
  indexed_at INTEGER DEFAULT (unixepoch())
);

Related modules

AC
monitoring

Performance

Runtime process metrics — CPU, memory, event loop, and GC for instrumented services.

SH
security

Audit

Comprehensive audit logging for all admin actions with before/after diffs.

SE
management

Configs

Configuration management and synchronization with versioning and a diff viewer.