Cost Optimization Guide

Drop noisy logs safely with explicit rules

Noise is any high-volume event with low diagnostic value. Removing it is the fastest path to cleaner dashboards.

Why this problem exists

Noisy categories differ by product, so teams need policy ownership instead of one-off filters.

Logs are frequently retained out of caution even when they are not used in alerts or triage.

Noisy streams can dominate ingestion and storage costs.

Operationally, noise dilutes alerts and slows incident detection.

Start with obvious noise classes: health checks, static asset requests, and repetitive success responses.
Pair every drop rule with an owner and a rollback plan.
Retain full raw logs in S3 to reduce risk while tuning drop policy.

LogTrim applies explicit rule packs before ingestion and keeps policy changes centralized.

Teams can reduce noise incrementally without losing control over retention.

An API team dropped repetitive cache-hit success logs and kept latency anomalies and all error paths.

Dashboards became easier to interpret during incidents.

Start with high-noise categories, keep high-signal logs in Datadog, and archive full retention in S3.