Enterprise

Built for the deployments that don't make the public roadmap.

Air-gapped clusters. BYO-cloud with your KMS keys. Signed package repos. Multi-region failover. A named SRE on call. Tell us what your environment looks like — we'll tell you what we already ship and what we'll build.

BYO cloud·air-gap·signed packages·24×7 SRE
Talk to salesArchitecture overview
Deployment capabilities
BYO cloud
AWS / GCP / Azure / OCI
Air-gapped
Zero outbound to control plane
Signed packages
apt + yum + GHCR · GPG-signed
Multi-region
Active-active · automatic failover
BYOK / SSE-KMS
Your KMS, your bucket
24×7 support
Named SRE · 1h response
SLAs negotiated per deployment99.95% target
Platform team checklist

Every question already has an answer.

The questions a senior platform engineer asks before a single pod ships. We answered them when we built the agent, not after a sales call.

Data flow
Q

Does our data touch your servers?

A

No. Compression happens on the agent inside your cluster; compressed chunks go directly from the agent to your bucket. We handle routing config and a training model — metadata only.

Secrets
Q

Who holds the keys?

A

You do. Your KMS keys, your bucket policy, your VPC endpoint. Our agent never gets long-lived credentials; it authenticates via your cloud’s native identity federation.

Revocation
Q

Can we revoke access instantly?

A

Yes. Named API keys per environment (prod, staging, CI). Revoking a key stops that deployment in under a second without touching the others. No approval workflow, no support ticket.

Scaling
Q

What happens when we double our cluster?

A

DaemonSet — one agent per node. Cluster grows, agents grow with it. No central broker, no bottleneck, no per-agent license.

Observability
Q

How do we monitor the agent itself?

A

/health endpoint per pod, Prometheus metrics, structured JSON logs. Integrates with whatever you already use to watch DaemonSets. The dashboard shows live ratio + upload lag per agent.

Cutover
Q

How do we roll back?

A

Delete the Helm release. Your log pipeline is exactly where it was — we deployed alongside, never in front. No data rewriting, no queue drain, no coordination meeting.

Coexistence
Featured question

The #1 unblocker for platform-team approval. Answered before they ask.

Q

Do we have to uninstall the Datadog / Splunk / New Relic / Dynatrace agent we already run?

A

No. That agent keeps running for APM, metrics, NPM, code-level tracing, security — everything it already does. You flip log collection off on that agent with a single config flag, then add Sasquatch as a separate DaemonSet that handles only logs. Two agents on the same node, no conflict, reversible in seconds. Nobody at your company has to approve ripping out your observability stack.

Turn off logs, keep everything else — one flag per vendor
Datadog Agentlogs_enabled: false
Splunk OTelremove filelog receiver
New Relic Infralogs: enabled: false
Dynatracedisable Log Monitoring per host group
Ops signature
Ships as Helm · deploys as DaemonSet · rolls back with helm uninstall.
1,500+ ev/s/agentCNCF-alignedZero-trust auth