4b6817381b
CI (OpenClaw E2E) / openclaw test (push) Has been cancelled
CI / coverage-report (push) Has been cancelled
CI / test-kubernetes (push) Has been cancelled
CI / should-run-thorough (push) Has been cancelled
CI / test-thorough (cloudwatch-demo) (push) Has been cancelled
CI / test-thorough (flink-ecs) (push) Has been cancelled
CI / test-thorough (upstream-lambda) (push) Has been cancelled
CI / test-thorough (prefect-ecs-fargate) (push) Has been cancelled
Release / build-binaries (zip, opensre.exe, onefile, windows-latest, windows-x64) (push) Has been cancelled
Benchmark image — build + push to ECR (any adapter) / build + push (push) Has been cancelled
CI / quality (ubuntu-latest) (push) Has been cancelled
CI / test (tools-runtime) (push) Has been cancelled
CI / test (e2e-general) (push) Has been cancelled
CI / test (cli-runtime) (push) Has been cancelled
CI / test (e2e-provider-and-openclaw) (push) Has been cancelled
CI / test (integrations-and-misc) (push) Has been cancelled
Release / verify (push) Has been cancelled
Release / build-python-dist (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, macos-15-intel, darwin-x64) (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, macos-latest, darwin-arm64) (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04, linux-x64) (push) Has been cancelled
Release / publish-release (push) Has been cancelled
Release / publish-main-release (push) Has been cancelled
Interactive Shell Live (PR + post-merge) / turn-checks (no-LLM) (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Interactive Shell Live (PR + post-merge) / turn-live shard ${{ matrix.shard_index }} (push) Has been cancelled
Release / prepare (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04-arm, linux-arm64) (push) Has been cancelled
Synthetic Deterministic Tests / Synthetic offline (deterministic) (push) Has been cancelled
124 lines
3.9 KiB
Plaintext
124 lines
3.9 KiB
Plaintext
---
|
|
title: "OpenObserve"
|
|
description: "Connect OpenObserve so OpenSRE can pull structured log and trace evidence during investigations"
|
|
---
|
|
|
|
When something breaks, you want to know *why* — and logs tell that story. OpenSRE connects to OpenObserve to retrieve log and trace data that helps explain what was happening when an alert fired, making it easier to correlate errors, anomalies, and service interactions during investigations.
|
|
|
|
## What you need
|
|
|
|
* An OpenObserve instance (self-hosted or cloud-hosted)
|
|
* An OpenObserve access token
|
|
* The URL of your OpenObserve deployment
|
|
* Access to the organization you want OpenSRE to query
|
|
|
|
## Getting set up
|
|
|
|
### Guided setup
|
|
|
|
Start here if you want step-by-step guidance:
|
|
|
|
```bash
|
|
opensre integrations setup
|
|
```
|
|
|
|
Select **OpenObserve** and enter your OpenObserve credentials when prompted.
|
|
|
|
### Manual setup with environment variables
|
|
|
|
Or add these to your `.env` file:
|
|
|
|
```bash
|
|
OPENOBSERVE_URL=https://openobserve.example.com
|
|
OPENOBSERVE_TOKEN=your_access_token
|
|
OPENOBSERVE_ORG=default
|
|
OPENOBSERVE_STREAM=logs
|
|
OPENOBSERVE_MAX_RESULTS=100
|
|
```
|
|
|
|
| Variable | Default | Description |
|
|
| ------------------------- | --------- | ---------------------------------------------- |
|
|
| `OPENOBSERVE_URL` | — | **Required.** URL of your OpenObserve instance |
|
|
| `OPENOBSERVE_TOKEN` | — | **Required.** Authentication token |
|
|
| `OPENOBSERVE_ORG` | `default` | Organization name |
|
|
| `OPENOBSERVE_STREAM` | *(empty)* | Optional stream to query |
|
|
| `OPENOBSERVE_MAX_RESULTS` | `100` | Maximum number of results returned |
|
|
|
|
### Alternative authentication
|
|
|
|
If your OpenObserve deployment uses username/password authentication instead of tokens, you can configure:
|
|
|
|
```bash
|
|
OPENOBSERVE_USERNAME=your_username
|
|
OPENOBSERVE_PASSWORD=your_password
|
|
OPENOBSERVE_ORG=default
|
|
```
|
|
|
|
Use either token-based authentication or username/password authentication depending on your OpenObserve deployment.
|
|
|
|
### Option 3: Persistent store
|
|
|
|
```json
|
|
{
|
|
"version": 1,
|
|
"integrations": [
|
|
{
|
|
"id": "openobserve-prod",
|
|
"service": "openobserve",
|
|
"status": "active",
|
|
"credentials": {
|
|
"url": "https://openobserve.example.com",
|
|
"token": "your_access_token",
|
|
"org": "default"
|
|
}
|
|
}
|
|
]
|
|
}
|
|
```
|
|
|
|
## Finding your OpenObserve credentials
|
|
|
|
1. Log in to your OpenObserve instance
|
|
2. Navigate to your user or organization settings
|
|
3. Create or retrieve an access token
|
|
4. Copy your OpenObserve URL
|
|
5. Note the organization name you want OpenSRE to query
|
|
6. Add these values to your OpenSRE configuration
|
|
|
|
## What OpenSRE can query
|
|
|
|
Once connected, OpenSRE can search across:
|
|
|
|
* **Logs** — Search by timestamp, service name, log level, and message content
|
|
* **Traces** — Investigate spans, follow distributed traces, and analyze latency
|
|
* **Metrics** — Query observability metrics stored in OpenObserve
|
|
|
|
<Info>
|
|
Use a token with the minimum permissions required for investigation workflows whenever possible.
|
|
</Info>
|
|
|
|
## Test your connection
|
|
|
|
Make sure everything is configured correctly:
|
|
|
|
```bash
|
|
opensre integrations verify openobserve
|
|
```
|
|
|
|
Expected output:
|
|
|
|
```
|
|
Service: openobserve
|
|
Status: passed
|
|
Detail: Configured for OpenObserve at https://openobserve.example.com
|
|
```
|
|
|
|
## Troubleshooting
|
|
|
|
| Symptom | Fix |
|
|
| --- | --- |
|
|
| **401 Unauthorized** | Regenerate the access token or confirm username/password credentials. |
|
|
| **404 on query** | Check `OPENOBSERVE_ORG` matches your organization slug. Verify the stream name if `OPENOBSERVE_STREAM` is set. |
|
|
| **Connection refused** | Confirm `OPENOBSERVE_URL` includes the correct protocol and port. Ensure network access from OpenSRE to the instance. |
|
|
| **Empty log results** | Widen the time range in the investigation query. Confirm logs are ingested into the target stream. |
|