Earlier this month I hosted the “Everything You’ve Heard About Observability is Wrong (Almost)” webinar– thanks to all of you who attended. I wanted to follow-up with the attendees as well as those who were not able to join. As promised, it wasn’t the same old Observability presentation that we have grown accustomed to you know, all marketing with little value.

Data enrichment is the process of adding additional context or attributes to telemetry data at the source that increases its value during analysis. OpenTelemetry, a collaborative open source telemetry project with the largest organizations in the observability space, can be configured to enrich logs and metrics from dozens of sources. This blog will show you the basics of how to use BindPlane OP to easily deploy and configure OpenTelemetry to enrich data from a source.

Logs are a critical aspect of any production workload, as they give you insight into what is happening in your system and tell you which components may be having issues. The traditional method of looking at logs involves basic Linux commands like tail, less, or sometimes cat.

So your team has access to a logging tool? Great! What’s the first thing you want to find? The latest config change gone wrong? Data from 30 days ago when a specific server was at high capacity? Or maybe you’d like to access logs for a certain IP on a certain day for specific HTTP and servers with counts and averages. Hopefully there was training to teach you the specific query languages and expert skills required to answer these questions.

Whether you’re rushing to troubleshoot an incident or proactively performing a security audit, the trial-and-error process of searching through millions of logs for key information can be time-consuming and cumbersome. To help you quickly surface important details from large swaths of log data, Datadog’s Log Explorer allows you to search and filter your logs, create visualizations, as well as group your logs by fields, patterns, or transactions.

Large organizations often rely on multiple monitoring tools, security platforms, and auditing systems to meet the diverse needs of their observability, security, engineering, and compliance teams. Because these teams may use the same logs for many different use cases—including detecting potential threats or breaches, troubleshooting errors, and gauging the effectiveness of new features—it can be difficult to effectively standardize and route data.

As businesses generate, capture, and seek to analyze more data than ever before, they often find themselves limited by high data storage costs, expensive data processing fees, and high management overhead. For organizations who wish to expand their log analytics programs and become more data-driven, maximizing cost efficiency has become a critical operational objective.

Today, Cribl is releasing The State of Security Data Management 2022 in collaboration with CITE Research. The report examines the challenges that enterprises are facing as they work to balance evolving business priorities with cyber threats. The report was conducted in September 2022 and surveyed 1,000 senior-level IT and security decision-makers. The survey found that, although most organizations are confident in their data management strategy, few believe it’s actually sustainable.

There’s always a thrill to see something that you’ve dreamed of coming to life. And for us, open source docs is the realization of that dream. In simple terms, open source docs mean that the documentation is freely available for anyone to modify. This is a part of the modern documentation movement, being able to make changes to keep pace with modern development cycles.

Arthur Conan Doyle's Sherlock Holmes famously said, "You see, but you do not observe." Collecting application logs exhaustively and interpreting them to support business objectives are two different things. Application logs, also called app logs, event logs, and audit trails, are automatically generated records of computational events in IT environments.