The Illusion of Thinking: Understanding the Limitations of Reasoning LLMs [pdf] (ml-site.cdn-apple.com)

Kubetail is a general-purpose logging dashboard for Kubernetes, optimized for tailing logs across multi-container workloads in real-time. With Kubetail, you can view logs from all the containers in a workload (e.g. Deployment or DaemonSet) merged into a single chronological timeline, delivered to your browser or terminal.

I launched Kubetail on HN last year and at that time the top request was to add search. Now I'm happy to say we finally have search available in our latest official release (cli/v0.4.3, helm/v0.10.1). You can check it out in action here:

https://www.kubetail.com/demo

Kubetail normally fetches logs using the Kubernetes API, which does not have search built-in. To enable search, click the “Install” button in the GUI or run `kubetail cluster install` in the CLI to deploy a DaemonSet that places a Kubetail agent on every node. Each agent runs a custom Rust binary powered by ripgrep; it scans the node’s log files and streams only matching lines to your browser or terminal. You can think of a Kubetail search as "remote grep" for your Kubernetes logs. Now you don’t need to download an entire log file just to grep it locally.

Since last year we've also added some other neat features that users find helpful. In particular, we built a simple CLI tool that starts the web dashboard on your desktop:

    # Install
    brew install kubetail

    # Run
    kubetail serve

We also added a powerful logs sub-command to the CLI that you can use to follow container logs or even fetch all the records in a given time window to analyze them in more detail locally (quick-start):

    # Follow example
    $ kubetail logs deployments/web \
        --with-ts \
        --with-pod \
        --follow

    # Fetch example
    $ kubetail logs deployments/web \
        --since 2025-04-20T00:00:00Z \
        --until 2025-04-21T00:00:00Z \
        --all > logs.txt

We’ve added a lot more features since last year but these are the ones I wanted to highlight.

I hope you like what we're doing with Kubetail! Your feedback is very valuable so please let us know what you think in the comments here or in our Discord chat.

Andres

Comments (35)

corytheboyd · 36d ago

Damn, if you took out the “Kubernetes” part, and made it generalized, it looks like you built something that I have wanted to see for a long time. I think log explorers work best as a GUI, and that they need deep integration with structured logs. Basically I just want the DataDog log explorer but locally, and able to simply intake from some files. Some have tried, but they are always too simple, not parsing out properties of structured logs and building good filtering on top of that. I think setting up Grafana/Loki/Whatever is way too heavy for such a simple ask.

Anyway all that is anecdotal, what you made here is really cool!

bbkane · 36d ago

Look into https://logdy.dev . I've played around with it a little bit, but really putting some work into learning it and integrating it with OTEL traces is my next side project.

Another alternative is https://openobserve.ai/ . It needs to run as a daemon to ingest logs (instead of opening a file), but it has a really nice UI.

piterrro · 36d ago

Logdy author here, thanks for calling out the project! Kubetail is probably best fit for k8s while Logdy is leveraging more unix-like philosophy of being a self contained tool you can tailor to your needs whether that's tailing files, pumping it through TCP socket or REST API. I have plans to include a sqlite storage so Logdy could be used in environments where permanent storage is needed

corytheboyd · 36d ago

I’ve tried it, but it didn’t seem to have enough structure log support, so I gave up. I just want a way to say “this is a jsonl stream” and have it do the right thing, which is parse out the json paths of each line, and let me filter by those, or add columns for those to the viewer table. It’s not trivial to do this, but that’s exactly why it needs to be done.

andres · 36d ago

Thanks! Part of what enables us to make a helpful lightweight solution is that we're leveraging the Kubernetes API to give logs context without requiring extra configuration. It'd be great to generalize Kubetail but a lot of that depends on how cloud platforms evolve over the next few years. Do you use Kubernetes?

AYBABTME · 36d ago

Sorry for bringing up my own side-project on a "Show HN", but I'm making humanlog.io which does exactly what you want. Local-first log query engine (and tracing too, soon). You feed it your logs and you can search them, aggregate them, and soon make some graphs and dashboards with them. It started as just a CLI tool to parse and make structured logs pretty, and now I'm turning it into a full observability tool on your machine.

It's very WIP but I would love to help you get started if you want to try it out.

glitchcrab · 36d ago

My personal preference for log tailing is Stern. It doesn't have a web UI but then I've never felt like I needed one.

https://github.com/stern/stern

akupila · 36d ago

Happy to see this mentioned and still being useful to people! I started this project 9 years ago at a startup but progress stopped when the startup got acquired. The community took over and has done a fantastic job keeping it alive

andres · 36d ago

If you get a chance to try out the Kubetail CLI, I'd love to hear your thoughts! There's a lot of overlap with stern at the moment but we're planning on adding new features soon that will be unique (e.g. remote grep, system logs).

alexellisuk · 36d ago

I was about to comment about Stern. It's an established well known OSS project - I wonder if the author knew about it, and if so.. what was his inspiration for creating an almost identical clone, albeit with a UI on top?

rc00 · 36d ago

+1 for Stern especially since it only has Go dependencies whereas Kubetail does not. Ease of integration with an existing stack is a bigger addition than the lack of a web UI is a subtraction.

LetMeLogin · 36d ago

Stern is the best!

carlgreene · 36d ago

Wow, this is exactly what I’ve been missing—juggling a dozen kubectl logs windows and still losing context. Seeing all container logs merged in real time is a game-changer for debugging multi-pod workloads. Love that it runs locally against the API—no more sending sensitive logs offsite. Big thanks to the author for saving my sanity here!

biot · 36d ago

While the search offered is handy, I watch logs on multi-pod workloads via:

    kubectl logs -f -l app=api --max-log-requests=50

This follows along all pods with the given label (app: api) for up to 50 pods or however many you want. Quite useful when I'm looking for specific output such as ERROR logs to just pipe it to grep like this:

    kubectl logs -f -l app=api --max-log-requests=50 | grep ERROR

and get realtime filtering of all log output without having to tail individual pods by name.

andres · 36d ago

Thanks! Your comment made my day! It sounds like your use-case is similar to mine when I started working on the project. Now we have a community of contributors working on Kubetail so if you have time, stop by our Discord and let us know what else we can do to help (https://discord.gg/CmsmWAVkvX).

nomilk · 36d ago

I don't use kubernetes but the GUI looks great, I'm looking for something sililar for heroku (currently storing logs in papertrail but haven't found a great way to search through achieved logs, especially locally).

Great demo video btw. Would you mind detailing which software you used to make it? I'd like to do similarly for some of my projects.

andres · 36d ago

Thanks! I used Screen Studio for the demos (https://screen.studio). I had to pay for it but I couldn't find the zoom+highlight feature anywhere else.

Regarding Heroku - I loved Heroku the first time I used it so I set up my Kubernetes cluster to work in a similar way (`git push` to deploy to production). I know K8s has a reputation for being useful only for large deployments/large teams but in my experience this isn't true. You can run a single node cluster and use it to host multiple projects all sharing the same load balancer, or you can scale up to thousands of machines with many microservices working together internally. Would it be helpful for you to see a HOWTO for setting up a Heroku-like K8s cluster?

nomilk · 36d ago

> I used Screen Studio for the demos (https://screen.studio)

Thanks for sharing! The zoom and highlight are so simple but really make your demo pop.

> Would it be helpful for you to see a HOWTO for setting up a Heroku-like K8s cluster?

Sure, I think a lot of people would appreciate that!

nodesocket · 36d ago

I’ve been using Kubetail since the early days it was released in my homelab Kubernetes cluster. It’s fantastic and incredibly easy to setup and configure (unlike Loki + Grapha or ELk). Very polished.

andres · 36d ago

Hi @nodesocket! Thanks for your support! Your help ironing out the bugs after launch was incredibly helpful.

otterley · 36d ago

"Search" feels like a bit of a stretch to me--that suggests that it plays in the same space as OpenSearch or Splunk. There's no index here that I can tell.

"Filter" sounds more accurate.

andres · 36d ago

Yes, there's no index. It uses grep (powered by ripgrep) under the hood.

ai-christianson · 36d ago

This looks awesome --do you cache or store the logs, or is that left up to k8s?

andres · 36d ago

Thanks! Kubetail doesn't cache or store logs itself. By default, it uses the Kubernetes API to fetch logs from your cluster and send them directly to your client (browser or terminal). If the "Kubetail Cluster API" is installed then it uses Kubetail's custom agent to do the same.

ai-christianson · 36d ago

Presumably I can install this (the web frontend) into k8s itself. Is there a helm chart or kustomize?

Would be really cool to install it into k8s and just hit a hosted web endpoint with all the logs and grep/exploration capabilities kubetail has.

andres · 36d ago

Yep! You can use Kubetail on your desktop (using the CLI tool) or you can install it directly in your cluster using helm:

    helm repo add kubetail https://kubetail-org.github.io/helm-charts/
    helm install kubetail kubetail/kubetail --namespace kubetail-system --create-namespace

Then you can access it using `kubectl proxy` or `kubectl port-forward`:

    kubectl port-forward -n kubetail-system svc/kubetail-dashboard 8080:8080

You can also configure an ingress using the values.yaml file (https://github.com/kubetail-org/helm-charts/blob/main/charts...)

badmonster · 36d ago

How does it compare to tools like Loki/Grafana or Stern?

andres · 36d ago

Kubetail is more lightweight than Loki/Grafana. It fetches logs using the Kubernetes API which means you can only see the current state of the cluster but you can use it without installing any additional software or provisioning storage. Our new search feature greps container log files on the nodes themselves as compared to Loki/Grafana that builds a full-text index in the background and queries that at search time (I think).

Stern is a CLI tool which more closely compares to the Kubetail CLI tool (as opposed to the Kubetail web interface). Currently, there's a lot of overlap between the two tools but Kubetail gives you more control over source filters and time. For example with the Kubetail CLI tool you can do queries like this:

    kubetail logs deployments/web \
      --since 2025-05-01T00:00:00Z \
      --until 2025-05-02T00:00:00Z \
      --zone us-east-1a \
      --with-ts \
      --with-node \
      --with-pod \
      --tail=100

I'm not too familiar with stern though so please correct me if I'm wrong. In any case, soon we're going to add more features to the Kubetail CLI tool that will be unique (e.g. remote grep, system logs).

Dlemo · 36d ago

If you don't know about argocd, try it out! It also shows you the logs of containers.

Otherwise check out grafana with Loki (kube-stack)

hnlub · 36d ago

Not to be confused with the other kubetail that also does kube log things.

https://github.com/johanhaleby/kubetail

andres · 36d ago

Thanks for posting a link to Johan's project. I'm in touch with him to figure out the best way to avoid confusing users.

cassianoleal · 36d ago

A good starting point would be to not take over the name of an existing product.

gitroom · 36d ago

bruh merging logs from all pods at once is something i always wanted, props for finally making this sane

never_inline · 36d ago

I have hacked together a shell script using tail -f with multiple inputs (from kubectl log), and fzf (to select namespace/deployment if there are many).

fernandotakai · 36d ago

you can also use stern for that!

https://github.com/stern/stern

Convert Photos to Atkinson Dithering (gazs.github.io)

Bill Atkinson has died (daringfireball.net)

BorgBackup 2 has no server-side append-only anymore (github.com)

Updates to Advanced Voice Mode for paid users (help.openai.com)

Self-Host and Tech Independence: The Joy of Building Your Own (ssp.sh)

Discovering a JDK Race Condition, and Debugging It in 30 Minutes with Fray (aoli.al)

Washington Post's Privacy Tip: Stop Using Chrome, Delete Meta Apps (and Yandex) (tech.slashdot.org)

The time bomb in the tax code that's fueling mass tech layoffs (qz.com)

Low-Level Optimization with Zig (alloc.dev)

Why We're Moving on from Nix (blog.railway.com)

A tool for burning visible pictures on a compact disc surface (github.com)

Researchers develop ‘transparent paper’ as alternative to plastics (japannews.yomiuri.co.jp)

OneText (YC W23) Is Hiring a DevOps/DBA Lead Engineer (jobs.ashbyhq.com)

What was Radiant AI, anyway? (blog.paavo.me)

The FAIR Package Manager: Decentralized WordPress infrastructure (joost.blog)

Getting Past Procrastination (spectrum.ieee.org)

How we decreased GitLab repo backup times from 48 hours to 41 minutes (about.gitlab.com)

Musk-Trump dispute includes threats to SpaceX contracts (spacenews.com)

I read all of Cloudflare's Claude-generated commits (maxemitchell.com)

PyOpticL – Code-to-CAD optical system engineering (github.com)

A year of funded FreeBSD development (daemonology.net)

Why are smokestacks so tall? (practical.engineering)

EFF to the FTC: DMCA Section 1201 Creates Anti-Competitive Regulatory Barriers (eff.org)

If it works, it's not AI: a commercial look at AI startups (1999) (dspace.mit.edu)

Log-Linear Attention (arxiv.org)

The Illusion of Thinking: Understanding the Limitations of Reasoning LLMs [pdf] (ml-site.cdn-apple.com)

Reverse Engineering Cursor's LLM Client (tensorzero.com)

Hate Radio (2011) (rwandanstories.org)

My experiment living in a tent in Hong Kong's jungle (corentin.trebaol.com)

I'm Wirecutter's water-quality expert. I don't filter my water (nytimes.com)

Sharing everything I could understand about gradient noise (blog.pkh.me)

The startling rise of disability in America (2013) (apps.npr.org)

Medieval Africans had a unique process for purifying gold with glass (2019) (atlasobscura.com)

Highly efficient matrix transpose in Mojo (veitner.bearblog.dev)

Sandia turns on brain-like storage-free supercomputer (blocksandfiles.com)

Why Pandas feels clunky when coming from R (2024) (sumsar.net)

Falsehoods programmers believe about aviation (flightaware.engineering)

A masochist's guide to web development (sebastiano.tronto.net)

Show HN: AI game animation sprite generator (godmodeai.cloud)

Odyc.js – A tiny JavaScript library for narrative games (odyc.dev)

Wendelstein 7-X sets new fusion record (heise.de)

Who Needs a Belt 3D Printer When You Have a Treadmill? (hackster.io)

What “working” means in the era of AI apps (a16z.com)

Smalltalk, Haskell and Lisp (storytotell.org)

What you need to know about EMP weapons (aardvark.co.nz)

Too Many Open Files (mattrighetti.com)

Asimov and the Disease of Boredom (1964) (archive.nytimes.com)

Show HN: Air Lab – A portable and open air quality measuring device (networkedartifacts.com)

Workhorse LLMs: Why Open Source Models Dominate Closed Source for Batch Tasks (sutro.sh)

Meta: Shut down your invasive AI Discover feed (mozillafoundation.org)

Show HN: Kubetail – Real-time log search for Kubernetes

Comments (35)