Observability is a superset of tools and techniques to understand how a system works, exploring “knowns” and “unknowns” in the systems. Monitoring involves tracking and measuring structured data.

Log Aggregation

• log forwarder - software to collect logs from different data sources, transform logs if required and send those to a log aggregator

• log aggregator - software to aggregate, store and present logs

Process of log aggregation

• collect logs from multiple sources in different formats. Recommended to have a standardised log format.

• standardise - if logs have different formats, at this step you need to align logs to one format