datasets are the new standard. Large tech and cybersecurity companies already need to manage petabytes of logs. Splunk, Elastic, and other solutions eventually hurt companies' innovation: retention is limited, query time is too long, high TCO. 3
be fast, scalable, and reliable at petabyte-scale for a fraction of the costs: Built in Rust, and powered by Tantivy, a leading search engine library maintained by Quickwit. With decoupled compute and storage (all data on object storage) Stateless Schemaless Quickwit is at least 10x more cost-efficient than existing solutions and you don't need a whole team to manage petabytes. 4
security teams managing more than 1TB of logs Cybersecurity companies: XDR/MSSP, Threat Intelligence Financial services companies: audit and transaction search 11
Inverted index Fast analytics Columnar storage Cost-efficient Object storage native Stateless architecture Elasticsearch/Splunk Grafana/Loki Quickwit Best of Both Worlds: Offers unparalleled fast search and analytics on object storage, setting a new standard in the industry. 12
standard for efficient data retrieval from object storage Stored directly on object storage. Composed of 3 datastructures: Row-oriented storage: Enables fast document access Inverted Index: Enables fast lookups Columnar Storage: Enables fast analytics. 14
Migration from OpenSearch to Quickwit divided CPU costs by 5, storage costs by 2 while increasing retention by 10. Cluster size: 40PB ingested, 5x10¹³ of log entries, 7.5 PB on S3, more than 500 instances. Quickwit sizing for ~1 PB/day: 200 pods with 6000 milliCPU, 8GB of RAM per pod. Exactly-once semantic thanks to Kafka native integration. 15
OpenSearch to Quickwit: From 40 instances to a couple of instances (not yet in production, sizing under evaluation) while increasing retention by 10. Cost-efficient multi-tenant setup thanks to Quickwit cooperative indexing and stateless search. Seamless integration in Grafana thanks to Quickwit plugin. 16
Privacy matters in log search. 2024: Double license AGPL / Commercial license to remove AGPL restrictions and provide enterprise support services. 2025: Open-Core with commercial license for enterprise features. Example: Encryption per tenant/bucket. 18
with large log datasets. Partnerships: With cloud providers, large tech companies and consulting companies who recommend Quickwit to their clients. Community: Open-source version to build a community around Quickwit. 19
Started 3 years ago; built on top of Tantivy library with over 6 years of development. Adoption: Used by > 200 companies (OSS version). Trusted by leading tech companies: Crypto company: Manages over 40 petabytes of logs across more than 500 instances. Fly.io: Supports over 100,000 tenants. YC Log SaaS Company: Manages over 1 petabyte. 20
Creator of Tantivy Pascal, Senior Search Engineer > 10 years of XP Adrien, Co-founder > 10 years in Distributed Systems Trinity, Senior Rust Software engineer > 5 years of XP François, Co-founder > 10 years of XP as SSWE Rémi, Cloud & Data Senior Engineer > 10 years of XP Damien, UX/Rust Senior Engineer > 10 years of XP 21
thousands of indexes. Q2 2024: OpenSearch Dashboard support Enable OpenSearch users to migrate seamlessly to Quickwit with their existing dashboards. Q3 2024: Pipe-based query language Introduction of a flexible and powerful query language similar to SPL (Splunk Query Language) Q4 2024 - 2025: Metrics support New storage engine optimized for time series data. 22
search. Drop-in for Elasticsearch, Splunk, Datadog (log), Google Chronicle and other solutions. Innovative companies with petabytes of logs will use Quickwit or will have to implement their own solution. 23
itpresstour
knih
sonic
line_developers_tw
sucitw
shoota
icck
wyamazak_devrel
jacopen
edeandrea
asei
ebiken
cryptopeg
soudai
bkeepers
seathinner
samanthasiow
samtorres
aleyda
reverentgeek
tmiket
rabernat
tamaranovitovic
eileencodes
![Thank you! Contact [email protected] 24](https://files.speakerdeck.com/presentations/46a86a024f2c46d282733d4e7ba1a028/slide_23.jpg){kind=link}