News and blog
NXLog main page
  • Products
    NXLog Platform
    Log collection
    Log management and analytics
    Log storage
    NXLog Community Edition
    Integrations
    Professional Services
  • Solutions
    Use cases
    Specific OS support
    SCADA/ICS
    Windows event log
    DNS logging
    MacOS logging
    Solutions by industry
    Financial Services
    Government & Education
    Entertainment & Gambling
    Telecommunications
    Medical & Healthcare
    Military & Defense
    Law Firms & Legal Counsel
    Industrial & Manufacturing
  • Plans
  • Partners
    Find a Reseller
    Partner Program
  • Resources
    Documentation
    Blog
    White papers
    Videos
    Webinars
    Case Studies
    Community Program
    Community Forum
  • About
    Company
    Careers
  • Support
    Support portals
    Contact us

NXLog Platform
Log collection
Log management and analytics
Log storage
NXLog Community Edition
Integrations
Professional Services

Use Cases
Specific OS support
SCADA/ICS
Windows event log
DNS logging
MacOS logging
Solutions by industry
Financial Services
Government & Education
Entertainment & Gambling
Telecommunications
Medical & Healthcare
Military & Defense
Law Firms & Legal Counsel
Industrial & Manufacturing


Find a Reseller
Partner Program

Documentation
Blog
White papers
Videos
Webinars
Case Studies
Community Program
Community Forum

Company
Careers

Support portals
Contact us
Let's Talk Start free
NXLog search
  • Loading...
Let's Talk Start free
December 16, 2024 securitydeploymentannouncement

World of OpenTelemetry

By Roman Krasnov

Share
ALL SIEM STRATEGY SECURITY ANNOUNCEMENT DEPLOYMENT COMPLIANCE COMPARISON RSS

With an ever-expanding choice of technologies on the market, navigating the range of open-source observability tools can be a challenge. Which is why, when it comes to managing complex multicloud environments and their services, standardization is crucial. Here’s where OpenTelemetry (OTel) can play a key role. Developed through the merger of OpenCensus and OpenTracing, OpenTelemetry has become the new standard for open-source telemetry.

Discover what OTel is, the types of telemetry data it encompasses, its potential benefits, and how NXLog can support your OpenTelemetry ecosystem.

What is OpenTelemetry?

To understand the significance of OpenTelemetry, you first need to understand 'observability'. In simple terms, observability describes how organizations can gain insight into a system’s state by analyzing the data it generates – typically logs, metrics, and traces.

OpenTelemetry, also known as OTel, is an open-source observability framework composed of tools, APIs, and SDKs. It allows IT teams to instrument, generate, collect, and export telemetry data, enabling them to analyze and understand the performance and behavior of software. There are many options – both free and commercial – for enabling observability. OTel’s goal is to provide unified, vendor-agnostic libraries and APIs for streamlining data collection and transmission.

OTel was developed through the joining of OpenTracing and OpenCensus. OpenTracing became a CNCF project in 2016. Then, in 2018, Google open-sourced the OpenCensus project – originally based on its internal Census library, which was used for gathering traces and metrics from distributed systems. Both aimed to offer a vendor-neutral library for collecting tracing and metrics data. The original beta version of OpenTelemetry was released in March 2020 and has since become the second most active CNCF project, after Kubernetes.

What is Telemetry Data?

Telemetry data primarily refers to logs, metrics and traces, the capturing of which is essential for understanding and troubleshooting the performance of your applications and infrastructure. This data is collected from various remote and often hard-to-reach points within your ecosystem. And its sheer volume presents a challenge for long-term storage, which has capacity constraints. This makes cloud storage services – both private and public – invaluable for DevOps teams.

Examples of telemetry data include:

  • Logs – an event-based record of significant actions and anomalies within a system. These readable files – structured or unstructured – offer insights into the outcomes of transactions involving endpoints in your environment. However, these logs aren’t always easy to review, prompting the development of external log analysis tools.

  • Metrics – numerical data points representing counts or measures, which are often aggregated over time. These come from various sources, including infrastructure, hosts, and third-party services. Unlike logs, metrics are generally accessible via queries, and their timestamps, values, and event names can help detect potential issues that need attention.

  • Traces – these track a process from start to finish, such as an API request or other system activity, illustrating how services interact. Monitoring these pathways is crucial for understanding how an ecosystem operates, whether it’s functioning efficiently, and if troubleshooting is needed. Traces are characterized by span data, which includes unique identifiers, operation names, timestamps, logs, events, and indexes, providing detailed insights into system behavior.

How Does Telemetry Data Work?

OTel serves as a specialized protocol for collecting telemetry data and exporting it to a target system. As an open-source CNCF project, its goal is to make data collection more system-agnostic.

otel components
Figure 1. OpenTelemetry reference architecture. Source: OpenTelemetry documentation

The data lifecycle has several stages, each generating different types of data. These stages are:

  1. Instrumentation: The first step is to instrument the code with APIs, which specify what metrics to collect and how to gather them. OpenTelemetry supports zero-code instrumentation for popular programming languages.

  2. Collection: SDKs pool the data, preparing it for processing and export.

  3. Processing: The collected data is broken down, sampled, filtered to reduce noise or errors, and enriched by adding contextual information from multiple sources.

  4. Transformation: The data is then converted and exported in a usable format.

  5. Delivery: Sending the data to the desired destination/s (APM, SIEM, long-term storage, etc.)

OpenTelemetry components

OTel is made up of several key components:

APIs: These core components are language-specific (e.g., Java, Python, .NET) and enable the integration of your application with OTel.

SDKs: Also language-specific, an SDK acts as a bridge between the APIs and the exporter. It also allows for additional configurations, such as request filtering and transaction sampling.

Exporter: This component enables you to configure which backend(s) the telemetry data is sent to. It decouples the instrumentation from the backend configuration, making it easy to switch backends without having to re-instrument your code.

Collector: The collector is responsible for receiving, processing, and exporting telemetry data. While it’s not a mandatory component, it significantly enhances the OpenTelemetry architecture by offering more flexibility in terms of how telemetry data is received and routed to backends.

The collector can be deployed in two main ways:

  • Agent Mode: Runs on the same host as the application (e.g., as an executable, DaemonSet, or sidecar).

  • Standalone Mode: Runs as a separate process independent of the application.

Though the collector facilitates telemetry data collection and transmission, it still requires a third-party backend to receive, store, and analyze the data.

The benefits of OpenTelemetry

Collecting and analyzing application data isn’t new. But the methods and formats used can vary wildly between applications and backends. This inconsistency creates challenges for developers and SREs who need a clear view of an application’s health.

By standardizing how this data is generated and shared, OpenTelemetry offers several compelling benefits for developers, IT operations, and business stakeholders:

  1. Unified Observability. OpenTelemetry unifies the process of collecting telemetry data within a single framework. This eliminates the need for disparate tools and custom integrations, providing a cohesive observability strategy and simplifies debugging and performance monitoring.

  2. Vendor-Neutral Instrumentation. The framework is designed to be vendor-agnostic, allowing organizations to avoid vendor lock-in. OpenTelemetry supports integration with a wide variety of observability tools (e.g., Prometheus, Grafana, Jaeger, Elastic, Datadog), enabling businesses to choose or switch tools without re-instrumenting applications.

  3. Cost Efficiency. Standardized instrumentation means organizations spend less time building and maintaining custom telemetry solutions. By leveraging the open-source community and out-of-the-box libraries provided by OpenTelemetry, teams can save on development and operational costs while improving coverage and consistency.

  4. Improved Debugging and Monitoring. With unified traces, metrics, and logs collection it allows developers to gain deeper insights into application performance and behavior. Correlating these data types helps pinpoint bottlenecks, errors, or performance degradations more effectively, enabling faster root-cause analysis and resolution.

  5. Scalability. The framework is designed for modern systems such as based on microservices and cloud-native architectures, so it can handle high-throughput environments to provide insights across complex, distributed applications.

  6. Cross-Language Support. OpenTelemetry supports instrumentation for multiple programming languages, including Java, Python, JavaScript, C#, Go, and Ruby, among others. This broad compatibility allows teams to implement observability across their stack consistently.

  7. Future-Proof. Business requirements and applications evolve rapidly, making it essential to choose a durable technology for observability. OpenTelemetry, as an open-source, community-driven project, adapts to industry trends and needs. This adaptability ensures compatibility with new technologies and observability standards, positioning it as a future-proof solution for organizations embracing modern development practices.

  8. Simplified Adoption of Cloud-Native Standards. OpenTelemetry is part of the Cloud Native Computing Foundation (CNCF) ecosystem, aligning it with other popular tools like Kubernetes, Prometheus, and Fluentd. This ensures seamless integration and adherence to best practices for monitoring and observability in cloud-native environments.

  9. Enhanced Business Outcomes. By providing reliable and actionable insights into application performance, OpenTelemetry helps improve user experience and system reliability. It enables proactive identification of issues before they impact customers, boosting trust and satisfaction.

  10. Community and Ecosystem Support. OpenTelemetry is backed by a thriving community of contributors, major tech companies, and observability platforms. This robust ecosystem ensures continuous improvements, wide-ranging integrations, and access to community expertise for troubleshooting or scaling observability efforts.

While migrating to an OpenTelemetry-enabled technology stack presents challenges - such as the time required for transition and the need to manage systems and logs that lack native OpenTelemetry support, like those from security or network equipment - the benefits of migration far outweigh these drawbacks.

OpenTelemetry enhances observability, streamlines monitoring across diverse systems, and fosters greater operational efficiency, making it a valuable investment despite the need to accommodate some legacy and specialized systems. Its standardization, flexibility, and scalability make it a vital tool for achieving deeper insights into system behavior, ensuring performance optimization, and enabling seamless collaboration across teams and tools.

How NXLog maps onto the OpenTelemetry world

NXLog Platform is a professional, unified log management solution for end-to-end IT and security observability. NXLog Platform gives you the data storage and analysis data backend, while heavily extending native OpenTelemetry collector capabilities with its NXLog Agent features available with the OpenTelemetry Collector (im_otel) module.

nxp1
Figure 2. NXLog Platform

With NXLog Platform you can run a single agent to capture every piece of data across your infrastructure – via OpenTelemetry, plain text files, network sockets, databases, and anything else you can imagine.

nxp2
Figure 3. Routing log data with NXLog Platform

Tell our experts about your specific use case, and we’ll find the best-fit solution for you!

NXLog Platform is an on-premises solution for centralized log management with
versatile processing forming the backbone of security monitoring.

With our industry-leading expertise in log collection and agent management, we comprehensively
address your security log-related tasks, including collection, parsing, processing, enrichment, storage, management, and analytics.

Start free Contact us
  • deployment
  • telemetry data pipeline
Share

Facebook Twitter LinkedIn Reddit Mail
Related Posts

Understanding telemetry pipelines
6 minutes | September 26, 2024
The story of the $1,900,000 penalty for insufficient log management
4 minutes | January 11, 2024
How NXLog can help meet compliance mandates
4 minutes | June 1, 2022

Stay connected:

Sign up

Keep up to date with our monthly digest of articles.

By clicking singing up, I agree to the use of my personal data in accordance with NXLog Privacy Policy.

Featured posts

Announcing NXLog Platform 1.6
April 22, 2025
Announcing NXLog Platform 1.5
February 27, 2025
Announcing NXLog Platform 1.4
December 20, 2024
NXLog redefines log management for the digital age
December 19, 2024
2024 and NXLog - a review
December 19, 2024
Announcing NXLog Platform 1.3
October 25, 2024
NXLog redefines the market with the launch of NXLog Platform: a new centralized log management solution
September 24, 2024
Welcome to the future of log management with NXLog Platform
August 28, 2024
Announcing NXLog Enterprise Edition 5.11
June 20, 2024
Raijin announces release of version 2.1
May 31, 2024
Ingesting log data from Debian UFW to Loki and Grafana
May 21, 2024
Announcing NXLog Enterprise Edition 6.3
May 13, 2024
Raijin announces release of version 2.0
March 14, 2024
NXLog Enterprise Edition on Submarines
March 11, 2024
The evolution of event logging: from clay tablets to Taylor Swift
February 6, 2024
Migrate to NXLog Enterprise Edition 6 for our best ever log collection experience
February 2, 2024
Raijin announces release of version 1.5
January 26, 2024
2023 and NXLog - a review
December 22, 2023
Announcing NXLog Enterprise Edition 5.10
December 21, 2023
Raijin announces release of version 1.4
December 12, 2023
Announcing NXLog Enterprise Edition 6.2
December 4, 2023
Announcing NXLog Manager 5.7
November 3, 2023
Announcing NXLog Enterprise Edition 6.1
October 20, 2023
Raijin announces release of version 1.3
October 6, 2023
Upgrading from NXLog Enterprise Edition 5 to NXLog Enterprise Edition 6
September 11, 2023
Announcing NXLog Enterprise Edition 6.0
September 11, 2023
The cybersecurity challenges of modern aviation systems
September 8, 2023
Raijin announces release of version 1.2
August 11, 2023
The Sarbanes-Oxley (SOX) Act and security observability
August 9, 2023
Log Management and PCI DSS 4.0 compliance
August 2, 2023
Detect threats using NXLog and Sigma
July 27, 2023
HIPAA compliance logging requirements
July 19, 2023
Announcing NXLog Enterprise Edition 5.9
June 20, 2023
Industrial cybersecurity - The facts
June 8, 2023
Raijin announces release of version 1.1
May 30, 2023
CISO starter pack - Security Policy
May 2, 2023
Announcing NXLog Enterprise Edition 5.8
April 24, 2023
CISO starter pack - Log collection fundamentals
April 3, 2023
Raijin announces release of version 1.0
March 9, 2023
Avoid vendor lock-in and declare SIEM independence
February 13, 2023
Announcing NXLog Enterprise Edition 5.7
January 20, 2023
NXLog - 2022 in review
December 22, 2022
Need to replace syslog-ng? Changing to NXLog is easier than you think
November 23, 2022
The EU's response to cyberwarfare
November 22, 2022
Looking beyond Cybersecurity Awareness Month
November 8, 2022
GDPR compliance and log data
September 23, 2022
NXLog in an industrial control security context
August 10, 2022
Raijin vs Elasticsearch
August 9, 2022
NXLog provides native support for Google Chronicle
May 11, 2022
Aggregating macOS logs for SIEM systems
February 17, 2022
How a centralized log collection tool can help your SIEM solutions
April 1, 2020

Categories

  • SIEM
  • STRATEGY
  • SECURITY
  • ANNOUNCEMENT
  • DEPLOYMENT
  • COMPLIANCE
  • COMPARISON
logo

Subscribe to our newsletter to get the latest updates, news, and products releases. 

© Copyright 2024 NXLog FZE.

Privacy Policy. General Terms of Use

Follow us

  • Product
  • NXLog Platform 
  • Log collection
  • Log management and analysis
  • Log storage
  • Integration
  • Professional Services
  • Plans
  • Resources
  • Documentation
  • Blog
  • White papers
  • Videos
  • Webinars
  • Case studies
  • Community Program
  • Community forum
  • Support
  • Getting started guide
  • Support portals
  • About NXLog
  • About us
  • Careers
  • Find a reseller
  • Partner program
  • Contact us