Frequently Asked Questions

What are you folks building?
We are building the easiest, most efficient and sophisticated observability tool to monitor all your applications and infrastructure. You get a unified view of logs, metrics and traces and the ability to easily navigate and correlate them. We are building a tool that is easy to operate, has great UX, and lets you start with megabytes of data and scale to petabytes of data. You can run this tool using a single binary on your laptop with less than 100 MB RAM.
What is OpenObserve?
OpenObserve is an open-source observability platform that provides a unified view of logs, metrics and traces.
How do I send logs to OpenObserve?
You can send logs to OpenObserve using log forwarders such as Fluentd, Fluent Bit, Vector, Logstash and Filebeat, from CloudWatch Logs using Kinesis Firehose, etc., or using the OpenObserve API.
How do I send metrics data to OpenObserve?
You can send metrics data to OpenObserve using the Prometheus remote-write API or using the OpenObserve API. Prometheus, the OTEL Collector, Telegraf and possibly more tools support the remote-write API.
How can I ingest Amazon CloudWatch logs into OpenObserve?
You can ingest Amazon CloudWatch logs into OpenObserve by subscribing a CloudWatch log group to a Kinesis Firehose stream. You can then use the HTTP delivery of Kinesis Firehose to send any logs to OpenObserve.
How do I send traces to OpenObserve?
You can use OpenTelemetry libraries to instrument your application and send traces to OpenObserve. You can also use the OpenObserve API to send traces.
Do I need to install OpenObserve to use it?
You can choose to install OpenObserve locally on your laptop, in your own infrastructure (Kubernetes, AWS, GCP, Azure, Heroku, etc.) or use OpenObserve cloud. With OpenObserve cloud you do not have to worry about installing, maintaining and keeping OpenObserve up yourself. OpenObserve cloud provides a generous free tier suitable for most individuals and startups.
Where does OpenObserve store data?
OpenObserve can store data on local disk or S3 when run in single-node mode. In HA mode OpenObserve requires an object store to store data. You could use S3, GCS, MinIO, Azure Blob or any other S3-compatible object store. OpenObserve stores its metadata in sled for a single-node installation and in etcd for an HA installation.
Can I build dashboards in OpenObserve?
Yes, you can build dashboards in OpenObserve. For logs and traces data you can use SQL-like queries to build dashboards. For metrics data you can use both PromQL and SQL to build dashboards. You can have data from logs, metrics and traces in the same dashboard, giving you a unified view of all data.
Can OpenObserve send alerts?
Yes, you can send alerts to many destinations such as Slack, Teams, Prometheus Alertmanager and more. OpenObserve sends alerts to these destinations using its highly configurable destination builder. You can configure alerts using SQL-like queries for logs and traces data and PromQL for metrics data.
Is OpenObserve multi-tenant?
Yes, you can use OpenObserve in a multi-tenant mode. You can create multiple organizations and each organization can have multiple users. Each organization's users and data are isolated to that organization.
Can I deploy OpenObserve on Kubernetes?
Yes, you can use the official Helm chart to deploy OpenObserve on Kubernetes.
What are ingest functions?
Ingest functions in OpenObserve are created using VRL, a JavaScript-like language. Ingest functions can be used to parse, filter, transform and enrich data at the time of ingestion. You can use ingest functions to parse logs, extract metrics from logs, filter logs, transform logs and more. Ingest functions run on the incoming data before it is stored in OpenObserve.
What are query functions?
Query functions in OpenObserve are created using VRL, a JavaScript-like language. Query functions can be used to parse, filter, transform and enrich data. You can use query functions to parse logs, extract metrics from logs, filter logs, transform logs and more. Query functions are used at the time of query, when data has already been ingested into OpenObserve.
Does OpenObserve provide a GUI?
OpenObserve provides a very advanced WebUI. You can use the WebUI to build dashboards, alerts, ingest functions, query functions and more. You can also use the WebUI to view logs, metrics and traces data.
How does OpenObserve compare to Elasticsearch?
OpenObserve can have 140x lower storage cost than Elasticsearch and a much lower operational burden to maintain. Due to stateless nodes, it can scale much faster than Elasticsearch. It has been written in Rust and enjoys its high performance and low memory footprint. OpenObserve is also much easier to operate than Elasticsearch. It has been built specifically for observability use cases, while Elasticsearch was built as a text search engine that is being used for observability use cases.
Can I install OpenObserve on my laptop?
Yes, you can install OpenObserve on your laptop and get started in under 2 minutes. Follow the quickstart guide in the documentation.
Why is OpenObserve cloud service so much lower in cost compared to others in the industry?
Our unique approach to log management reduces the storage cost by 140x compared to Elasticsearch/Splunk etc. We also use stateless nodes, which makes it much easier to scale and operate. We pass on the cost savings to our customers.
OpenObserve Inc. © 2024