Link Search Menu Expand Document Documentation Menu
Documentation

Exploring observability data

Introduced 3.5

Learn how to explore your observability data using specialized interfaces for logs, metrics, and traces within observability workspaces. These enhanced data exploration capabilities provide purpose-built tools for querying, analyzing, and correlating different types of telemetry data.

OpenSearch provides specialized interfaces for exploring the three pillars of observability data:

  • Logs: Query and analyze log data using Piped Processing Language (PPL).
  • Metrics: Explore time-series metric data using PromQL queries.
  • Traces: Investigate distributed traces and span relationships.

These interfaces work together with datasets and correlations to provide a comprehensive observability experience, enabling you to quickly identify issues, understand system behavior, and troubleshoot problems across your distributed applications.

Prerequisites

To use these data exploration features, you need to:

  • Create an observability workspace: These features are only available within Observability workspaces. To learn how to enable and create workspaces, see Workspace for OpenSearch Dashboards.
  • Enable feature flags: Configure the required settings in your opensearch_dashboards.yml file. Each feature page provides the specific configuration needed.
  • Configure data sources: Set up appropriate data sources for your logs, metrics, and traces. For configuration guidance, see Data sources.

Creating an observability workspace

To create an observability workspace, follow these steps:

  1. Enable workspaces. For more information, see Enabling the Worskpace feature.
  2. On the OpenSearch Dashboards home page, select Create Workspace and choose Observability. Alternatively, select the plus sign on the Observability card to create a new observability workspace.
  3. In Workspace details, enter a Name and optional Description for your workspace.
  4. Select Observability as the use case and then select Create workspace.

For detailed instructions, see Create workspace.

Getting started

After creating an observability workspace, follow these steps to get started:

  1. Datasets – Learn how to organize your observability data into manageable datasets.
  2. Discover logs – Explore log data using PPL queries and visualizations.
  3. Discover traces – Analyze distributed traces and span relationships.
  4. Discover metrics – Query and visualize time-series metrics using PromQL.
  5. Correlations – Understand how to link trace and log datasets for unified analysis.
350 characters left

Have a question? .

Want to contribute? or .