🩺 Vitals
- 📦 Version: v0.121.1 (Released 2026-04-30)
- 🚀 Velocity: Active (Last commit 2026-05-05)
- 🌟 Community: 26.8k Stars · 2.1k Forks
- 🐞 Backlog: 1537 Open Issues
🏗️ Profile
- Official: signoz.io
- Source: github.com/SigNoz/signoz
- License: MIT (Core) | Custom (Enterprise Edition)
- Deployment: Docker | Kubernetes
- Data Model: ClickHouse (Columnar OLAP)
- Jurisdiction: USA 🇺🇸 (SigNoz Inc.)
- Compliance (SaaS): SOC 2 Type II | HIPAA
- Compliance (Self-Hosted): HIPAA Eligible
- Complexity: High (4/5) - Distributed ClickHouse cluster; requires dedicated DevOps bandwidth
- Maintenance: Medium (3/5) - ClickHouse storage tuning and OTel collector management required
- Enterprise Ready: Moderate (3/5) - Basic auth included; SAML SSO and fine-grained RBAC require paid Enterprise Edition
1. The Executive Summary
What is it? SigNoz is an open-core full-stack observability platform that unifies APM, logs, and distributed tracing into a single OpenTelemetry-native interface. Developed by SigNoz Inc. (USA) and VC-backed, it is purpose-built as a self-hostable alternative to DataDog, replacing per-host, per-GB, and per-custom-metric pricing with owned ClickHouse storage. The MIT-licensed community core is fully functional; SAML/OIDC SSO, fine-grained RBAC, and Ingest Guard are gated behind the proprietary Enterprise Edition.
The Strategic Verdict:
- 🔴 For Teams Needing Enterprise SSO or Strict RBAC from Day One: Caution. SAML 2.0 and OIDC SSO are paywalled in the Enterprise Edition — evaluate the commercial cost before assuming the community edition meets your access control baseline. Google Workspace OAuth2 was recently moved to the community tier, but SAML remains gated.
- 🟢 For Engineering Teams Escaping DataDog's Pricing Model: Strong Buy. ClickHouse storage eliminates per-host fees, log ingestion taxes, and custom metric charges in a single move. OpenTelemetry-native architecture means zero instrumentation lock-in — telemetry pipelines reroute to any backend with no application code changes.
2. The "Hidden" Costs (TCO Analysis)
| Cost Component | DataDog (SaaS) | SigNoz (Self-Hosted) |
|---|---|---|
| Host Fees | $15–$23/host/mo | Unlimited hosts |
| Log Ingestion | $0.10/GB tax | $0 (owned storage) |
| Custom Metrics | Per-metric surcharge | Unlimited metrics |
| Data Retention | Costly beyond 30 days | Cheap (disk / S3) |
3. The "Day 2" Reality Check
🚀 Deployment & Operations
- Installation: Deployed via Helm charts on Kubernetes. Spins up the Query Service, OpenTelemetry Collector, and ClickHouse cluster — the latter requiring careful storage and replication configuration for production workloads.
- Scalability: ClickHouse ingests millions of telemetry events per second on modest hardware. The OpenTelemetry-native architecture guarantees zero instrumentation lock-in — pipelines can be rerouted to any compliant backend with no application changes.
🛡️ Security & Governance (Risk Assessment)
- Jurisdiction & Geopolitics (USA 🇺🇸): SigNoz Inc. is a US corporation (Delaware C-Corp, San Francisco HQ) subject to the CLOUD Act. SaaS telemetry data can be compelled by US government without notifying the data subject. For EU operators under GDPR or NIS2 mandates — where telemetry may contain personal identifiers — self-hosting eliminates CLOUD Act exposure entirely.
- The Compliance Shift: The SigNoz Cloud SaaS tier holds SOC 2 Type II and HIPAA certifications (verified via Trust Center). Self-hosting transfers the full compliance posture to the operator — ClickHouse cluster security, network access policies, and PII scrubbing via OpenTelemetry processors are the operator's responsibility. HIPAA Eligible posture is achievable on self-hosted, but requires deliberate data scrubbing configuration to prevent PHI from entering trace and log storage.
- License Risk (MIT Core + Proprietary Enterprise Edition): The community core is MIT-licensed — permissive and forkable. The Enterprise Edition gates SAML 2.0/OIDC SSO, fine-grained RBAC, and Ingest Guard behind a proprietary commercial licence. The open-core boundary has shifted across releases — Google Workspace OAuth2 previously required Enterprise and was moved to community — demonstrating the vendor's ability to redefine this boundary unilaterally. Single-company contributor base and VC backing amplify the governance risk of future relicensing.
4. Market Landscape
🏢 Proprietary Incumbents
- DataDog: The dominant cloud observability SaaS. Per-host, per-log-GB, and per-custom-metric pricing compounds dramatically at scale; all telemetry transits DataDog's US-managed infrastructure with no self-hosting option.
- New Relic: Full-stack observability SaaS with consumption-based pricing. No self-hosting option; data residency options are limited compared to a fully sovereign self-hosted stack.
🤝 Open Source Ecosystem
- Grafana: The primary open-source observability alternative — more modular than SigNoz but operationally more complex, requiring independent configuration of metrics, logs, and traces pipelines.
- Uptime Kuma: A lightweight companion for external availability and uptime monitoring — covers the synthetic check layer that SigNoz does not natively address.