From log noise to signal: Building a noise reduction sidecar for infrastructure observability

Every infrastructure team hits the same wall: millions of log events per day, 99% noise, and the options are enterprise SIEM at six figures or alert rules that generate their own fatigue. In this talk, Alex shares the architecture of a noise reduction sidecar built to sit between log sources and observability backends like Loki/Grafana. The approach uses the Drain3 log parsing algorithm for automatic template extraction, count-based deduplication, and time-window aggregation to compress raw log volumes by orders of magnitude. Alex covers practical decisions for small teams: why Drain3, why pluggable input and output adapters matter, and what tuning looks like against real production logs from OpenStack, Kubernetes, and SDN networking.