Instana’s Enterprise Observability – SURPRISE – has ALWAYS contained Log Data
When Instana introduced the world to “Enterprise Observability,” we talked about concepts that make application observability, monitoring and troubleshooting more useful for broad user types and companies of any size. Instead of parroting the rest of the ”observability industry” talking about Metrics / Traces / Logs, we focused on the value Instana brings to users when they use that data.
We never talked about how Instana has Metrics, Traces, and Logs because that’s kind of a given. Some took (or mis-took) that to mean that Instana didn’t actually provide any log data, one of the three legs of the Observability stool. In reality, Instana has always captured, stored and analyzed application log data. Naturally, it’s done within the context of the monitored service, the underlying infrastructure, all service dependencies, overall performance, individual traces and the architecture and performance of the application, itself.
To actually see that data yourself, all you have to do is pop in a trace — and there it is, right on the screen — Logs! We had our reasons for putting it here, mostly because the primary use case of examining log data for our users is troubleshooting which is usually done from within either a trace or from our Unbounded Analytics™ advanced analytics engine.
The value of Enterprise Observability
Enterprise Observability means moving beyond code: ingesting monitoring metrics, open source data (if available), traces, log data and even profiles, with an understanding of how all these things work together to make better decisions about operating production applications:
- Full Automation in the Monitoring Lifecycle
- Comprehensive Context applied to the entire data set
- Intelligent Actions — taken by both our solution and its users
While traditional APM solutions create visibility where there is none within the application code itself, Enterprise Observability creates visibility throughout distributed application services, whether or not they contain custom code — then correlating metrics, logs, traces and profiles (with an eye on dependencies) to get the context of performance in relation to other components. This helps both the platform and its users take more intelligent action to act proactively and solve problems before they occur.
Where does Log Data come into Enterprise Observability?
The Instana Platform has been collecting logging data since its early releases. A quick look through our documentation, webinar schedule or partner site and you see a set of analysis partners including Humio, LogDNA and Coralogix. Most recently, Instana exposed logs as a part of the Unbounded Analytics section of the Instana Platform to give users data where they need it, along with the context to correlate logs, to metrics and traces, together to make actionable insights faster and more efficiently.
As a bit of background, a log is a programmatically produced file that contains a record of events that happen within a system. The point of a log file is to allow a user to keep track of what an application or service is doing “inside the computer.” Because logs might contain deep data, they can be used to debug an application or service when something goes awry. In the most simplistic form, log messages are recorded into a single log file, though they can also be recorded into any number of files.
In previous releases of the Instana Platform, contextual log data was available in the context of a trace inside Unbounded Analytics, which enabled users to quickly and efficiently debug and perform root-cause analysis without getting lost in endless screens of log data. Part of the promise of Enterprise Observability is context and the ability to connect data with other data. While interesting, one could argue that data without context is almost irrelevant. To that end, and in order to bring better context to our users, we decided to expose the same logging data we already collected on a completely separate and more easily accessible section of Unbounded Analytics, in order to make log information easier to absorb and correlate with the other data Instana collects.
Making Application Logs a first-class citizen of Instana’s Unbounded Analytics
Today marks the availability of logging data through a completely separate section of Unbounded Analytics in the Instana Platform. This marks the first time Instana users will be able to analyze error and warning logs outside of a trace. Another benefit of being inside Unbounded Analytics is the analysis of the log data through our structured query mechanism. By utilizing a structured query mechanism that lets developers and users analyze error and warning logs, Instana makes user experience easier by allowing for faster and more precise troubleshooting. It will also bring a new perspective to troubleshooting, helping identify, solve and remove problems.
With this in mind, Instana still partners with popular log aggregation tools in order to both integrate with a user’s existing IT Operations ecosystem and to provide a more traditional System Information and Event Management experience if a user is looking for even more information. We believe that exposing logging data in the Unbounded Analytics section of the Platform continues our theme of context and intelligent action, keeping our users from getting drowned in a sea of logging data and continuing our promise of delivering a fully-automated Enterprise Observability solution.