Why I built this: I got tired of the CloudWatch debugging loop - staring at raw log streams, writing ad hoc Insights queries, mentally correlating timestamps across invocations, and still not understanding why my Lambda was failing. I wanted something where I could drop a file and immediately see "94% of your failures occur within 200ms of a DynamoDB ProvisionedThroughputExceededException - switch the Payments table to on-demand capacity." Actual root causes, not just "error rate is high."
Technical approach: The core engine is a Go binary compiled to WASM (analysis.wasm). At build time, Vite computes its SHA-256 hash and bakes it into the JS bundle. At runtime, the browser fetches the WASM, verifies the hash with crypto.subtle.digest before instantiation, and then all parsing and analysis happens in WebAssembly linear memory. The server only sees metadata (file size for rate limiting, a session key). No log content is ever transmitted.
Inside the WASM, there are four analysis modules: a SemanticLogClusterer (groups log lines by pattern, masks variables - so you see "ProvisionedThroughputExceededException: Rate exceeded for table *" appearing 48 times across 12 requests), a ResourceCorrelationEngine (links error spikes to upstream causes like throttling or cold starts), a ColdStartRegressionAnalyzer, and an AnomalyDetector (catches things like slowly increasing memory usage suggesting a leak).
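The clustering step is essentially template extraction: mask the volatile parts of each line, then count lines that collapse to the same template. A toy JS sketch of the idea (the real engine is Go-in-WASM, and these masking rules are deliberately simplified illustrations):

```javascript
// Replace volatile tokens (long hex IDs, numbers, resource names) with '*'
// so lines that differ only in those tokens fall into the same cluster.
// Toy rules for illustration only.
function maskLine(line) {
  return line
    .replace(/\b[0-9a-f]{8,}\b/gi, '*')   // request IDs, hashes
    .replace(/\b\d+(\.\d+)?\b/g, '*')     // counts, durations, timestamps
    .replace(/table \S+/g, 'table *');    // resource names (toy rule)
}

// Map from masked template -> occurrence count.
function clusterLines(lines) {
  const clusters = new Map();
  for (const line of lines) {
    const key = maskLine(line);
    clusters.set(key, (clusters.get(key) || 0) + 1);
  }
  return clusters;
}
```

The real clusterer tracks which request IDs each cluster spans, which is how you get "48 times across 12 requests" instead of just a raw count.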
The frontend is vanilla ES modules - no React, no framework. Vite bundles it. Tailwind for styling. The backend is just Vercel serverless functions handling auth, rate limiting, and encrypted storage for Pro users who want to save analyses.
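Because the server only ever sees metadata, rate limiting keys off the session key alone. The counting logic is roughly a fixed daily window (this sketch uses an in-memory Map for clarity; serverless functions would need shared storage, and the function name is mine):

```javascript
// Fixed-window daily rate limiter keyed by session. The in-memory Map is
// illustrative only; stateless serverless functions need external storage.
const WINDOW_MS = 24 * 60 * 60 * 1000; // one day

function allowRequest(store, key, limit, now = Date.now()) {
  const entry = store.get(key);
  // No entry yet, or the previous window expired: start a fresh window.
  if (!entry || now - entry.windowStart >= WINDOW_MS) {
    store.set(key, { windowStart: now, count: 1 });
    return true;
  }
  if (entry.count >= limit) return false;
  entry.count += 1;
  return true;
}
```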
There's also a browser extension (Chrome, Firefox, Edge) that injects an "Analyze" button directly into the CloudWatch console, so you can skip the export step entirely.
What's hard: Tuning the correlation engine thresholds. "94% of failures within 200ms of throttling" is a real finding from testing, but getting the confidence intervals right across wildly different log shapes (a 50-invocation Lambda vs. a 10,000-request API Gateway) is an ongoing challenge. I'm also debating whether to open-source the WASM engine.
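For the curious, the headline stat is conceptually just "fraction of failures with at least one throttle event within a time window." A simplified two-pointer sketch over sorted millisecond timestamps (illustrative, not the engine's Go code):

```javascript
// Fraction of failure timestamps with at least one throttle event within
// `windowMs`. Both arrays must be sorted ascending (epoch milliseconds).
function correlatedFraction(failures, throttles, windowMs) {
  if (failures.length === 0) return 0;
  let hits = 0;
  let j = 0;
  for (const t of failures) {
    // Skip throttle events too old to be within the window of this failure.
    while (j < throttles.length && throttles[j] < t - windowMs) j++;
    if (j < throttles.length && Math.abs(throttles[j] - t) <= windowMs) hits++;
  }
  return hits / failures.length;
}
```

The hard part isn't this computation; it's deciding when the resulting fraction is statistically meaningful, since 47/50 correlated failures and 9,400/10,000 deserve very different confidence.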
What I'd love feedback on:
- Is the zero-knowledge / client-side-only angle compelling enough to overcome the "just another log tool" reaction?
- The free tier is 3 analyses/day. Too low? Too high?
- Would you want a CLI version that pipes CloudWatch logs directly?
You can try a no-signup demo on the landing page - just scroll a bit to see the analysis output on sample logs.
Free tier available, no credit card required.