blog に戻る

2023年07月24日 Melissa Sussmann

Leading on full-stack observability: once you have the logs, the rest is easy

Full-Stack Observability Header

Observability gets more challenging yearly in the rapidly evolving world of distributed computing and cloud-native applications. Organizations today are tasked with ensuring that their critical business applications, revenue-generating applications, and supporting infrastructure operate with reliability and security. The stakes are high; any lapse can lead to user churn, revenue loss, and decreased productivity.

Logs, as a part of a comprehensive observability solution, can play a pivotal role in addressing these challenges. While metrics can serve as a method of identifying numerical values for your system and traces can help you identify where events occur, logs are used to drill down into the root cause of an issue. They provide a wealth of information that can be used to monitor the health and performance of applications and infrastructure, identify and troubleshoot issues, and even gain insights into user behavior. By effectively leveraging logs, organizations can enhance the reliability and security of their applications, thereby mitigating potential negative outcomes.

Tracking shadow IT changes

In the ever-evolving and complex landscape of application performance management (APM) and DevOps, modifications that bypass formal change management processes (also known as shadow change) pose significant challenges for many organizations. These shadow changes can lead to unexpected behavior, performance issues, and operational disruptions. Shadow IT changes can become convoluted when factoring in ephemeral instances from Kubernetes clusters and serverless workloads.

Cloud observability platforms must collect and transform data from various sources for organizations to achieve better release cycles. The objective is to not only reveal unknown changes and anomalous behavior but mitigate security and compliance risks associated with these shadow changes. Some ways observability products can help include:

  1. Schema-on-demand: Not necessitating pre-defined log definitions, allowing it to adapt to changes in log signatures while still extracting maximum value from each message.

  2. Release baseline: It should be able to identify performance or log definition anomalies introduced by new product releases. This can be achieved through advanced analytics techniques.

  3. Ephemeral instances management: It should be capable of automatically monitoring and managing ephemeral instances (cloud, K8s, serverless) and alerting operators as patterns change.

Open standards, integrations, and custom analytics

An effective observability platform should support open standards for data collection, such as Telegraf for metrics and OpenTelemetry for tracing, along with others like Prometheus, FluentD, and FluentBit for other types of telemetry. This commitment to open standards ensures that maximum value can be extracted from logs, metrics, and trace data, regardless of their source.

Moreover, a robust observability platform should offer an open analytics framework. This allows users to plug in their own analytics and machine learning models to enrich log search results and power monitors and dashboards. This level of customization should extend to span analytics, providing an easy-to-use, query-less experience of turning standard or custom raw APM distributed tracing data into human-readable KPIs via dashboards, panels, and alerts. This flexibility allows for a more tailored and efficient data analysis and visualization approach.

Comprehensive user interaction performance monitoring

When monitoring and improving digital customer experience, it is paramount to implement Real User Monitoring (RUM) capabilities. Leveraging JavaScript and supporting modern web frameworks allows for in-depth analysis and detection. This is especially true in the case of long-task delay detection, where customers experience extended browser freeze times.

A powerful cloud observability solution should be capable of collecting Core Web vitals KPIs and error logs from browsers. This provides valuable insights into the end-user experience. The power of logs extends beyond troubleshooting issues; they can also be used to understand how users interact with your application. When analyzed correctly, logs can be a rich source of information about user behavior and can significantly contribute to improving the overall user experience.

Leverage the power of artificial intelligence to reduce alert fatigue

Any robust cloud observability platform must support a huge influx of log data, which can leave practitioners with alert fatigue. This is where it becomes beneficial to incorporate machine learning capabilities that can intelligently filter and prioritize alerts, ensuring that teams are not too overwhelmed with notifications but instead receive timely alerts on the issues that truly matter. This approach enhances the efficiency of incident response and ultimately contributes to the best digital customer experience.

Use advanced analytics to gain visibility across multi-cloud and hybrid environments

Advanced analytics capabilities are table stakes for any cloud observability team. Ideally, organizations want to distill large volumes of data into manageable and meaningful insights. Teams want to identify common patterns, anomalies, and correlate information that might otherwise be missed in a flat raw data format.

Alert response mechanisms in application deployment architecture are instrumental to analytics. These systems can help manage and respond to critical events, addressing potential issues promptly and effectively. No one wants to deal with false positives either or experience alert fatigue. Ideally, SREs, ITOps, and DevSecOps teams are provided with real threat information or performance monitoring over non-priority issues.

When considering multi-cloud and hybrid cloud environments, analytics and alert response become even more important. Many organizations leverage a mix of on-premises, public cloud, and private cloud infrastructure. Ideally, the observability platform these teams should trust provides a unified view across all environments. This can help ensure consistent performance monitoring and issue detection, regardless of where allocations and services are hosted.

Operational awareness: turning data into actionable insights

During the infancy of Application Performance Management (APM), observability tools were utilized primarily as a management system. This empowered developers and operators to focus on continuous integration and delivery cycles. Looking ahead, the next generation of APM tools seek to achieve broader operational awareness within organizations, as cloud operations add highly federated systems and complexity.

Achieving detailed operational awareness across various organizational silos may seem daunting, but it's entirely feasible with the right strategy and tools having the essential capabilities. The ultimate goal is to predict and prevent incidents before they occur.

Ulta Beauty leverages Sumo Logic to gain operational awareness, significantly contributing to their digital revenue growth from $200MM to over $2B…all while transitioning to Google Cloud. They use the same data that monitors the health of their infrastructure, applications, and services for anomaly detection. By monitoring metrics like orders per minute and average order value, they can quickly identify and address potential issues, such as unexpected spikes in orders or a sudden drop in average order value that might indicate a problem with a promotion. This proactive approach to operational awareness is a testament to the power of comprehensive observability solutions.

In the complex landscape of distributed computing and cloud-native applications, organizations need to adopt reliable and secure operations for their critical business applications. A comprehensive cloud observability platform that leverages the power of logs can address these challenges by providing valuable insights into application performance, user behavior, and potential security threats.

Learn more about the top cloud observability vendors in the 2023 GigaOM Cloud Observability Radar Report.

Complete visibility for DevSecOps

Reduce downtime and move from reactive to proactive monitoring.

Sumo Logic cloud-native SaaS analytics

Build, run, and secure modern applications and cloud infrastructures.

Start free trial
Melissa Sussmann

Melissa Sussmann

Lead Technical Advocate

Melissa Sussmann is a technical evangelist with 11+ years of domain expertise and experience as an engineer, product manager, and product marketing manager for developer tools. She loves gardening, reading, playing with Mary Lou (Milou, the poodle), and working on side projects. She is a huge advocate for open source projects and developer experience. Some past projects include: running nodes on the lightning network, writing smart contracts, running game servers, building dev kits, sewing, and woodworking.

More posts by Melissa Sussmann.

これを読んだ人も楽しんでいます