Skip to content

Best Practices for Data Correlation

Preface

The OpenTelemetry protocol, defined by the CNCF (Cloud Native Computing Foundation), represents the latest generation of observability standards. This protocol defines the three pillars of observability: Metrics, Trace, and Log. The correlation analysis between these three has become a key focus for major vendors.

image.png

Guance, as a leading observability product in China, how does it break through technical barriers and overcome challenges?

Data Correlation

Metrics

Typically represented by a "value," which can be a number, string, float, boolean, etc.

Metric Correlation

Prerequisites

  • The view must include a by condition (click any view to see)

  • The correlation target must have this condition (tag)

M::`cpu`:(LAST(`usage_total`)) BY `host`

Logs

Click the view, View Related Logs, to jump to the log module.

image.png

Containers

View Related Containers to jump to the container module, quickly querying all containers on the host (Node).

image.png

Processes

View Related Processes to jump to the process module, quickly querying all processes on the host (requires enabling Processes Collection).

image.png

Traces

View Related Traces to jump to the trace module, quickly querying all traces on the host.

image.png

Logs

Records generated during system/application operation, used for troubleshooting and data analysis.

Log Correlation

Prerequisites

  • Typically uses the hostname as the correlation condition (can be customized)

  • The correlation target must have this condition (tag)

Metrics

Click any log entry, select Metric View, to view the system performance of the host where the log was recorded (dashed line represents the log timestamp).

image.png

Containers

Click any log entry, select the host, View Related Containers, to jump to the container module.

image.png

Processes

View Related Processes to jump to the process module, quickly querying all processes on the host (requires enabling Processes Collection).

image.png

Traces

(Host Correlation) View Related Traces to jump to the trace module, quickly querying all traces on the host.

image.png

Traces

With the expansion of internet architecture and the widespread use of distributed systems, inter-application calls have become extremely complex. Trace tracing can effectively and quickly locate issues.

Trace Correlation

Prerequisites

  • Typically uses the hostname/trace_id as the correlation condition (can be customized)

  • The correlation target must have this condition (tag)

Metrics

Click any trace entry, select Host - Metric View, to view the system performance of the host where the trace was recorded (dashed line represents the trace timestamp).

578DAA74-7521-499a-8630-88478B9FFD0A.png

Logs

Click any trace entry, select Log - traceid, to view the log records generated by the trace (requires configuring log output trace_id).

image.png

Customization

Guance product, in addition to the default data correlation functionality, also supports more flexible user-defined view correlations.

Custom Correlation

Management - Built-in Views - User Views - Create View, supports five fields, corresponding to different data:

  • service (trace service)

  • app_id (application)

  • source (log source)

  • project (project)

  • label (tag)

image.png

Feedback

Is this page helpful? ×