🚨 Why CISOs Are Rethinking The Pipeline? We Asked 7 Of Them & Here Are The Results >>>
Learn how a leading U.S. healthcare company used Axoflow to gain log observability, improve syslog-ng monitoring, and cut data costs by 30% in days.
Péter Wilcsinszky - Axoflow
by 
Peter Wilcsinszky
October 21, 2025
and
No items found.
axoflow
syslog-ng

Cutting Storage Costs and Boosting Visibility: How a Leading Healthcare Company Reduced Log Storage Costs by 30% with Axoflow

Collecting security data and logs is critical - but for many enterprises, it comes with skyrocketing costs. One of the largest U.S. healthcare companies was processing over 10 TB of log data daily, with limited insight into where that data came from or how much value it delivered. Using Axoflow’s security data pipeline management platform, they achieved full data pipeline visibility, identified high-volume, low-value sources, and reduced log storage costs by 30% - all within days of deployment.

Challenge: Exploding Log Data and Rising Costs

One of the largest healthcare companies in the U.S. - with over 10 TB of log data per day—faced a growing problem: exploding storage costs and limited visibility into their log data flows.

Their syslog-ng–based logging pipeline spanned multiple data centers and thousands of log sources. Yet, identifying which sources and departments were contributing the most data was cumbersome. Tracking high-volume, low-value logs within Splunk and determining what to filter out required tedious, manual work.

To cut costs, we wanted something that shows us the log messages based on their total volume, so we could start filtering what’s not needed. With Axoflow, this literally took only minutes. Seeing for the first time what data sources contribute to the whole, and the characteristics of this data, was revelatory.

Goals: Data Pipeline Visibility and Control

The customer’s objectives were clear:

  • Gain end-to-end visibility into their data pipeline
  • Understand which routers and sources were sending how much data - and what that data consisted of
  • Identify and filter out high-volume, low-value log sources

Integrate seamlessly with their existing syslog-ng infrastructure - no extensive reconfiguration or replacement required.

The Axoflow Solution: Smart yet Simple Syslog-ng Monitoring

The customer deployed Axolet agents on their existing syslog-ng nodes. Without touching the data itself, Axolet collects real-time analytics and performance metrics, sending them to the Axoflow Console (SaaS) for visualization and analysis.

Within minutes, operators could see a complete picture of their data flow - from source to Splunk - using intuitive dashboards and customizable Sankey analytics. The pipeline topology view revealed health, bottlenecks, and trends across every node.

Key capabilities included:

  • Measuring SIEM data contributions by business unit or source
  • Visualizing and analyzing data volume per source and destination
  • Mapping which hosts sent logs to which Splunk index
  • Detecting fallback traffic and routing anomalies
  • Monitoring syslog-ng node performance to spot bottlenecks or drops

Rapid Deployment, Immediate Insights

Deploying Axolet on a syslog-ng instance and connecting it to Axoflow Console took less than a minute. The first metrics appeared instantly, giving teams the visibility they needed to act fast.

After initial testing, the full production rollout was completed within days - with no downtime and minimal instrumentation.

Results: 25% Less Data, 30% Lower Costs

With Axoflow in place, the company achieved measurable results:

  • 25% reduction in overall data volume
  • 30% decrease in operational costs
  • Immediate visibility into data flows and bottlenecks
  • Rapid identification of redundant or unnecessary logs
  • Future-ready foundation for advanced data optimization

Looking Ahead: Future-Proofing Log Observability

The customer’s success didn’t end there. Their next steps include upgrading to AxoRouter for centralized management, automatic classification, and data reduction.

Takeaway

With Axoflow, this major healthcare company turned a black-box log pipeline into a transparent, efficient, and cost-effective observability ecosystem. They gained the visibility to act strategically - reducing costs today while laying the groundwork for smarter data management tomorrow.

Follow Our Progress!

We are excited to be realizing our vision above with a full Axoflow product suite.

Sign Me Up
This button is added to each code block on the live site, then its parent is removed from here.
Request a demo

Fighting data Loss?

Balázs Scheidler

Book a free 30-min consultation with syslog-ng creator Balázs Scheidler

Book a Call

Recent Posts

Axoflow’s Storage Strategy: Building the Security Data Layer
Splunk .conf25 - The Role of the Pipeline
From API Calls to True Pipeline Integrations