logspectre — Cloud log storage waste auditor. Part of SpectreHub.
- Scans CloudWatch Logs, GCP Cloud Logging, and Azure Monitor for waste
- Detects stale log groups, missing retention policies, and unread logs
- Checks ingestion activity, consumer subscriptions, and storage metrics
- Estimates monthly cost per finding
- Outputs text, JSON, SARIF, and SpectreHub formats
- Not a log analysis tool — audits infrastructure, not content
- Not a monitoring tool — point-in-time scanner
- Not a remediation tool — reports only, never modifies log groups
- Not a log aggregator — does not read, ship, or process log data
brew tap ppiankov/tap
brew install logspectregit clone https://github.com/ppiankov/logspectre.git
cd logspectre
make buildlogspectre scan --provider aws --region us-east-1 --format json| Command | Description |
|---|---|
logspectre scan |
Scan cloud log storage for waste |
logspectre init |
Generate config file and permissions |
logspectre version |
Print version |
logspectre feeds log storage waste findings into SpectreHub for unified visibility across your infrastructure.
spectrehub collect --tool logspectrelogspectre operates in read-only mode. It inspects and reports — never modifies, deletes, or alters your log groups.
| Document | Contents |
|---|---|
| CLI Reference | Full command reference, flags, and configuration |
MIT — see LICENSE.
Built by Obsta Labs