Curtis Collicutt
Outcome Oriented Technologist, Sales Engineer, and Cybersecurity Expert
NegaLog
Find the logs that should exist but don't
Monday morning. You walk in to find the payment processing job stopped running Friday at 6pm. No errors. No alerts. It just...stopped. Three days of orders sitting unprocessed. $47,000 in delayed revenue. Angry customers. A manager asking "how did no one notice?"
The job didn't fail - it silently disappeared. Your monitoring watched for errors, but there were none. The absence of expected logs went undetected.
This is why NegaLog exists. Instead of watching for what went wrong, it watches for what should have happened but didn't.
Traditional log analysis tools search for patterns that exist. NegaLog inverts the paradigm: define what logs should exist, and it reports what's missing. Detect incomplete transactions, monitor scheduled jobs, and verify error handling - all by identifying the absence of expected log entries. Open source CLI tool written in Go with support for sequence detection, periodic monitoring, and conditional absence detection across multiple log files.
NegaLog supports commercial plugins for production use. See NegaLog Watch below for continuous monitoring.
Features
- Auto-detect timestamp formats in any log file
- Sequence gap detection (start events without matching end events)
- Periodic absence detection (missing heartbeats, health checks)
- Conditional absence detection (triggers without expected consequences)
- Cross-service correlation via correlation IDs
- Webhook notifications (Slack, PagerDuty, custom endpoints)
- Plugin architecture for extensibility
Commercial Plugins
Production-ready extensions for NegaLog
NegaLog Watch
Real-Time Continuous Monitoring
Transform NegaLog from batch analysis into 24/7 production monitoring. NegaLog Watch continuously tails your log files and evaluates rules in real-time, providing immediate detection of missing logs with production-ready state persistence, alert deduplication, and performance-tested reliability.
While the open source NegaLog CLI is perfect for batch analysis and one-off investigations, NegaLog Watch transforms it into a production monitoring solution that runs continuously, maintains state across restarts, and integrates seamlessly with your alerting infrastructure.
Open Source vs Commercial
| Capability | NegaLog OSS | NegaLog Watch |
|---|---|---|
| Rule engine (sequence, periodic, conditional) | ||
| Batch analysis mode | ||
| Webhook notifications | ||
| Real-time continuous monitoring | ||
| State persistence (survives restarts) | ||
| Alert deduplication (prevent fatigue) | ||
| Automatic log rotation handling | ||
| Production stress tested (millions of logs) |
Use NegaLog OSS for investigations and one-time analysis. Use NegaLog Watch for 24/7 production monitoring.
NegaLog Watch Features
Purchase NegaLog Watch
Get production-ready continuous monitoring with state persistence, alert deduplication, and 24/7 reliability.
About Curtis
Curtis is a technologist who works to make systems safer and easier to use. He adopts a socio-technical approach to complex challenges via human-centred solutions. Throughout his career, which has spanned work with university libraries, start-ups and enterprises, he has been a trusted advisor to customers and stakeholders. He is constantly learning and growing, and through organisations like TAICO, he helps others do the same.