7 observability best practices to improve visibility, performance

1. Know your platform

This goes against the idea that observability doesn't require granular knowledge of the physical platform, but without baseline knowledge, it's difficult to identify all possible data feed sources. As such, a discovery engine is required to carry out an audit of the platform. AI has made this far easier: Discovery engines can now find out what is out there in addition to maintaining records of dependencies in real time. This then creates the basis for a more automated AIOps environment.

Bear in mind that a modern IT platform is likely to be a mixed, physical and virtualized environment. Ensure the chosen observability tools can handle all environments they are likely to encounter. The goal is to create a baseline view of what is already there while ensuring it's always kept up to date.

2. Ensure applications are properly instrumented

Without data, observability will fail to deliver the benefits an organization seeks. Although most platforms are awash with data, operations teams must ensure developers code applications for observability, making traces, metrics and logs available. Similarly, operations staff must enable data tracing -- e.g., via Simple Network Management Protocol -- in off-the-shelf systems.

The aim here must be to ensure full collaboration between development and operations via a fully functioning DevOps team that ensures the required data is available to an observability capability based on AIOps.

3. Automate data collection and processing

Platforms generate a lot of data -- in most cases, far too much. In the past, this required the platform to filter data in the background, which often prevented it from performing other actions in real time. However, OpenTelemetry is now available, providing a standardized collector that's abstracted from the underlying environment, enabling changes without requiring changes to the collector itself.

The key is to maintain a fully standardized, transparent and effortless means of collecting data, helping staff to focus on what they should be doing: delivering business value.

4. Data analysis tools should fit the purpose

Analysis tools that don't identify key areas, such as early-stage problems or zero-day attacks on the platform, won't provide the peace of mind that an effective observability system offers. This is where AI can help, though false positives and potential negative effects must be monitored.

AI can ensure rapid responses to perceived problems, but it can also react against what it perceives as an unknown threat when the event isn't a real threat. Organizations might find that AI triggers need to be weighted, with low-confidence triggers passed to a human sys admin for verification before any remedial actions are enacted.

This might require an iteration in tooling and AI rules. If it becomes apparent that a tool is creating bottlenecks in the operations environment, swap it out. If an AI rule is causing problems, remove or replace it as quickly as possible to ensure the desired and correct outcomes.

5. Report in the right manner to the right people

Observability shouldn't be seen as a tool only for sys admins or DevOps practitioners but rather as a means of breaching the chasm between IT and the business by reporting what it sees and advising on what needs to be done.

Reporting should inform IT professionals in real time about the problems present and the automated remediation steps taken, while also providing trend analysis and business impact reporting that can be understood by line-of-business personnel.

Observability must provide value to both technical and business staff; the two environments are fundamentally intertwined and must work from the same data.

6. Use automated remediation systems wherever possible

An observability tool often will identify relatively low-level issues. AI, in conjunction with simple automation, can automatically fix certain issues, such as patching or updating systems or identifying workloads that require extra resources. Human intervention should be minimized wherever possible, focusing only on high-impact exceptions.

The key is to avoid human interactions wherever possible, as humans are a key source of errors. However, humans are still better than many AI systems at identifying one-off or highly complex issues; this is where their skills should be utilized.

7. Feedback loops should be present and effective

Repeated security issue identification or resource problems might be caused by coding issues or implementation that can't be fixed through automated means. Tying observability systems to help desk and trouble ticketing offerings ensures issues are identified and assigned to the right IT staff. Again, AI should be used to ensure the rapid, efficient and meaningful real-time movement of such information.

This is where humans remain of utmost importance. The feedback loop must be prioritized by business impact, not by technical interest. This requires some deep planning.

Observability should now be seen as a necessity by organizations looking to maximize the value of their platforms. Without the capability to aggregate and analyze data from all areas of an IT platform, organizations open themselves up to problems ranging from inadequate application and business performance to major security issues and impaired system availability.

An AI-driven observability capability enables a closer working relationship between business and technical teams and provides a more flexible, future-proof approach to managing an organization's technical and business capabilities.

Clive Longbottom is an independent commentator on the impact of technology on organizations. He was a co-founder and service director at Quocirca.