
Don’t Get Lost in Log Data: Where to Find Application Log Data with Instana

By Christopher Lentricchia posted Mon July 12, 2021 08:53 AM

  

Instana’s Enterprise Observability — SURPRISE — has ALWAYS contained log data.

This post was originally published on the Instana blog.

When Instana introduced the world to “Enterprise Observability,” we talked about concepts that make application observability, monitoring and troubleshooting more useful for broad user types and companies of any size. Instead of parroting the rest of the “observability industry” talking about metrics/traces/logs, we focused on the value Instana brings to users and how they use that data.

We never talked about how Instana has metrics, traces and logs because that’s kind of a given. Some took (or mis-took) that to mean that Instana didn’t actually provide any log data, one of the three legs of the Observability stool. In reality, Instana has always captured, stored and analyzed application log data. Naturally, it’s done within the context of the monitored service, the underlying infrastructure, all service dependencies, overall performance, individual traces and the architecture and performance of the application itself.

To actually see that data yourself, all you have to do is pop in a trace, and there it is, right on the screen: logs! We had our reasons for putting it here, mostly because the primary use case of examining log data for our users is troubleshooting, which is usually done either from within a trace or from our Unbounded Analytics™ advanced analytics engine.

Enterprise Observability: Beyond “simple” observability

Enterprise Observability means moving beyond code — ingesting monitoring metrics, open-source data (if available), traces, log data and even profiles, with an understanding of how all these things work together to make better decisions about operating production applications:

  • Full automation in the monitoring lifecycle
  • Comprehensive context applied to the entire data set
  • Intelligent actions — taken by both our solution and its users

While traditional APM solutions create visibility where there is none within the application code itself, Enterprise Observability creates visibility throughout distributed application services, whether or not they contain custom code, and then correlates metrics, logs, traces and profiles (with an eye on dependencies) to get the context of performance in relation to other components. This helps both the platform and its users take more intelligent, proactive action and solve problems before they occur.

Where does logging data come into Enterprise Observability?

The Instana Platform has been collecting logging data since its early releases. A quick look through our documentation, webinar schedule or partner site shows a set of analysis partners including Humio, LogDNA and Coralogix. Most recently, Instana exposed logs as a part of the Unbounded Analytics section of the Instana Platform to give users data where they need it, along with the context to correlate logs to metrics and traces, in order to make them actionable faster and more efficiently.

As a bit of background, a log is a programmatically produced file that contains a record of events that happen within a system. The point of a log file is to allow a user to keep track of what an application or service is doing “inside the computer.” Because logs might contain deep data, they can be used to debug an application or service when something goes awry. In the simplest form, log messages are recorded into a single log file, though they can also be recorded into any number of files.

In previous releases of the Instana Platform, contextual log data was available through the dashboard section of an application or service, which enabled users to quickly and efficiently debug and perform root-cause analysis without getting lost in endless screens of log data. Part of the promise of Enterprise Observability is context and the ability to connect data with other data. One could argue that data without context, while interesting, is almost irrelevant. To that end, and in order to bring better context to our users, we decided to expose the same logging data we already collected on the Unbounded Analytics section in order to make log information easier to absorb and correlate with the other data Instana collects.

Adding application logs into Instana’s Unbounded Analytics

In addition to seeing the information when analyzing a trace, log information is available as a filtering parameter within Instana’s Unbounded Analytics deep analysis engine, which provides analysis of the log data through our structured query mechanism. Utilizing a structured query mechanism allows developers and users to analyze error and warning logs, making it easier, faster and more precise to troubleshoot application issues.

With this in mind, Instana still partners with popular log aggregation tools in order to both integrate with a user’s existing IT Operations ecosystem and to provide a more traditional System Information and Event Management experience if a user is looking for even more information. But exposing logging data within our Trace analysis and Unbounded Analytics leverages even richer context to enable more intelligent actions, while keeping our users from getting drowned in a sea of logging data and continuing our delivery of a fully automated Enterprise Observability solution.

See Instana in action by checking out this “play with” demo.
