Below is the list of blog posts with the “OpenTelemetry” tag.

Agentic AI is now embedded across the enterprise: summarizing customer records, pulling from data warehouses, drafting on top of internal documents, calling production APIs on behalf of staff. The pitch is compelling. The reality is that you have deployed a non-deterministic process with read access to PII, trade secrets, and the business intelligence your competitors would pay for. It is a black box that reasons differently on each run, and a single misrouted tool call can move sensitive data into a context where it does not belong.

Fluent Bit wins on footprint. Logstash wins on parsing depth. The choice isn’t which tool is "better" — it’s where in your pipeline each one earns its keep, and what your detection tier silently misses when you put one in the wrong tier. Pick wrong and the cost shows up in three places: detection latency when batches stall, audit evidence when collectors stop shipping, and MTTR when responders can’t tell whether a quiet endpoint is an attack indicator or a broken agent.

Most discussions about OpenTelemetry pipelines focus on getting data from point A to point B. Collect telemetry, maybe convert the format, forward it to a backend. That’s the minimum viable pipeline, and it’s where most tooling stops. But a pipeline that only moves data is a pipe, not a processing layer. The telemetry arriving at your observability platform or SIEM is only as useful as the context it carries. A raw log entry saying "connection from 198.

OpenTelemetry has become the de facto standard for telemetry data. Nearly 50% of surveyed cloud-native end-user companies have adopted it, and the project ranks as the second-highest-velocity initiative in the CNCF, behind only Kubernetes. The direction is clear: if your infrastructure doesn’t speak OpenTelemetry, it will increasingly be left out of the observability conversation. But adopting OpenTelemetry across an entire infrastructure is a different problem than adopting it in a greenfield application.

Why the federal agency breach shows that standardized telemetry formats aren’t optional anymore When CISA analyzed the federal agency breach that went undetected for three weeks, they identified a familiar pattern: EDR alerts existed but weren’t continuously reviewed. Security teams had visibility tools, but critical signals got lost in the noise. What the advisory doesn’t detail—​but every security practitioner knows—​is the infrastructure nightmare hiding behind that simple statement. Those unreviewed alerts likely came from dozens of sources, each speaking its own dialect of security telemetry.

The SentinelOne outage showed why visibility isn’t optional—​even when your defenses keep running. On May 29, 2025, organizations running SentinelOne experienced something unsettling: their security controls kept working, but they couldn’t see what was happening. A software flaw in SentinelOne’s infrastructure control system caused a global service disruption that lasted several hours. According to reports, the incident significantly impacted customers' ability to manage their security operations and access important data.