Files
tracer-cloud--opensre/docs/openobserve.mdx
T
wehub-resource-sync 4b6817381b
CI (OpenClaw E2E) / openclaw test (push) Has been cancelled
CI / coverage-report (push) Has been cancelled
CI / test-kubernetes (push) Has been cancelled
CI / should-run-thorough (push) Has been cancelled
CI / test-thorough (cloudwatch-demo) (push) Has been cancelled
CI / test-thorough (flink-ecs) (push) Has been cancelled
CI / test-thorough (upstream-lambda) (push) Has been cancelled
CI / test-thorough (prefect-ecs-fargate) (push) Has been cancelled
Release / build-binaries (zip, opensre.exe, onefile, windows-latest, windows-x64) (push) Has been cancelled
Benchmark image — build + push to ECR (any adapter) / build + push (push) Has been cancelled
CI / quality (ubuntu-latest) (push) Has been cancelled
CI / test (tools-runtime) (push) Has been cancelled
CI / test (e2e-general) (push) Has been cancelled
CI / test (cli-runtime) (push) Has been cancelled
CI / test (e2e-provider-and-openclaw) (push) Has been cancelled
CI / test (integrations-and-misc) (push) Has been cancelled
Release / verify (push) Has been cancelled
Release / build-python-dist (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, macos-15-intel, darwin-x64) (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, macos-latest, darwin-arm64) (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04, linux-x64) (push) Has been cancelled
Release / publish-release (push) Has been cancelled
Release / publish-main-release (push) Has been cancelled
Interactive Shell Live (PR + post-merge) / turn-checks (no-LLM) (push) Has been cancelled
CodeQL / Analyze (python) (push) Has been cancelled
Interactive Shell Live (PR + post-merge) / turn-live shard ${{ matrix.shard_index }} (push) Has been cancelled
Release / prepare (push) Has been cancelled
Release / build-binaries (tar.gz, opensre, onedir, ubuntu-22.04-arm, linux-arm64) (push) Has been cancelled
Synthetic Deterministic Tests / Synthetic offline (deterministic) (push) Has been cancelled
chore: import upstream snapshot with attribution
2026-07-13 13:10:45 +08:00

124 lines
3.9 KiB
Plaintext

---
title: "OpenObserve"
description: "Connect OpenObserve so OpenSRE can pull structured log and trace evidence during investigations"
---
When something breaks, you want to know *why* — and logs tell that story. OpenSRE connects to OpenObserve to retrieve log and trace data that helps explain what was happening when an alert fired, making it easier to correlate errors, anomalies, and service interactions during investigations.
## What you need
* An OpenObserve instance (self-hosted or cloud-hosted)
* An OpenObserve access token
* The URL of your OpenObserve deployment
* Access to the organization you want OpenSRE to query
## Getting set up
### Guided setup
Start here if you want step-by-step guidance:
```bash
opensre integrations setup
```
Select **OpenObserve** and enter your OpenObserve credentials when prompted.
### Manual setup with environment variables
Or add these to your `.env` file:
```bash
OPENOBSERVE_URL=https://openobserve.example.com
OPENOBSERVE_TOKEN=your_access_token
OPENOBSERVE_ORG=default
OPENOBSERVE_STREAM=logs
OPENOBSERVE_MAX_RESULTS=100
```
| Variable | Default | Description |
| ------------------------- | --------- | ---------------------------------------------- |
| `OPENOBSERVE_URL` | — | **Required.** URL of your OpenObserve instance |
| `OPENOBSERVE_TOKEN` | — | **Required.** Authentication token |
| `OPENOBSERVE_ORG` | `default` | Organization name |
| `OPENOBSERVE_STREAM` | *(empty)* | Optional stream to query |
| `OPENOBSERVE_MAX_RESULTS` | `100` | Maximum number of results returned |
### Alternative authentication
If your OpenObserve deployment uses username/password authentication instead of tokens, you can configure:
```bash
OPENOBSERVE_USERNAME=your_username
OPENOBSERVE_PASSWORD=your_password
OPENOBSERVE_ORG=default
```
Use either token-based authentication or username/password authentication depending on your OpenObserve deployment.
### Option 3: Persistent store
```json
{
"version": 1,
"integrations": [
{
"id": "openobserve-prod",
"service": "openobserve",
"status": "active",
"credentials": {
"url": "https://openobserve.example.com",
"token": "your_access_token",
"org": "default"
}
}
]
}
```
## Finding your OpenObserve credentials
1. Log in to your OpenObserve instance
2. Navigate to your user or organization settings
3. Create or retrieve an access token
4. Copy your OpenObserve URL
5. Note the organization name you want OpenSRE to query
6. Add these values to your OpenSRE configuration
## What OpenSRE can query
Once connected, OpenSRE can search across:
* **Logs** — Search by timestamp, service name, log level, and message content
* **Traces** — Investigate spans, follow distributed traces, and analyze latency
* **Metrics** — Query observability metrics stored in OpenObserve
<Info>
Use a token with the minimum permissions required for investigation workflows whenever possible.
</Info>
## Test your connection
Make sure everything is configured correctly:
```bash
opensre integrations verify openobserve
```
Expected output:
```
Service: openobserve
Status: passed
Detail: Configured for OpenObserve at https://openobserve.example.com
```
## Troubleshooting
| Symptom | Fix |
| --- | --- |
| **401 Unauthorized** | Regenerate the access token or confirm username/password credentials. |
| **404 on query** | Check `OPENOBSERVE_ORG` matches your organization slug. Verify the stream name if `OPENOBSERVE_STREAM` is set. |
| **Connection refused** | Confirm `OPENOBSERVE_URL` includes the correct protocol and port. Ensure network access from OpenSRE to the instance. |
| **Empty log results** | Widen the time range in the investigation query. Confirm logs are ingested into the target stream. |