Enterprises today are increasingly collecting massive amounts of data to help make better-informed business decisions as fast as possible. Faced with this unprecedented volume of data, their interest in observability is soaring. In fact, Gartner declared that observability is at the "peak of inflated expectations." Enterprises are starting to shift their focus from monitoring systems to discover issues to observing systems to understand why issues occur.
Although observability has become essential for many organizations, 74% of enterprises struggle to achieve it, according to a LogDNA survey of engineering professionals. And lack of investment in observability tools is not the problem. Two-thirds of respondents spend $100,000 or more annually and 38% spend $300,000 or more annually, with many using more than four different tools.
Enterprises wrestle with true observability because most observability data remains dark or unexploited. The scale, complexity, variety of data consumers, and runaway costs make it difficult for enterprises to get value from their machine data. There are other technical and organizational challenges, such as data and department silos, the complexity of managing data in cloud-native and hybrid cloud environments, and the inefficiency of single-pane-of-glass approaches to route data to appropriate destinations.
Let's take a look at three of the most pervasive pain points, according to the survey, holding enterprises back from observability nirvana:
As enterprises strive to get more value from their observability data, particularly log data, which underpins all applications and systems, one of the biggest problems is that the tools are difficult to use. Many enterprises are dissatisfied, with more than half of respondents indicating that they would like to replace their tools. They cited issues with usability (66%) and challenges with routing security events (58%). Other problems include difficulty ingesting data into a standard format (32%) and routing it into multiple tools for different use cases (30%).
More than 80% of enterprises indicate that multiple stakeholders need access to the same log data. On average, more than three teams require access to this data, including development, IT operations, site reliability engineering (SRE), and security. But the tools make it hard for multiple stakeholders to extract actionable insights, with 67% of respondents saying the barriers to collaboration across teams are a problem. As a result, companies are spending more time trying to resolve issues.
Log data is critical to tracking application performance and capacity resources, advising product improvements, and discovering threats and anomalous activity. However, organizations struggle to control costs as machine data skyrockets. To reduce costs, 57% limit the amount of log data they ingest or store, which hinders troubleshooting and debugging systems and applications. And 55% limit the amount of log data they route to their SIEM, which impedes incident response efforts and increases security risk.
For too long, enterprises made tough choices about how to use all of their machine data while managing costs. Despite most observability data being kept in the dark, organizations understand the value of this data, and 85% believe true observability is possible as new technology emerges to improve ease of use and facilitate stronger cross-team collaboration within budget. One approach to this is using an observability data pipeline to centralize observability data from multiple sources, enrich it, and send it to a variety of destinations. This level of flexibility ensures that everyone can use their tools of choice and avoid costly vendor lock-in. The right tool can also put controls in place to manage spikes so that everyone in an organization has access to the data they need in real time, without impacting the budget.