When setting up centralized logging in your organization, it's essential to keep in mind that it can dramatically improve collaboration across your engineering teams. For example, having logs that are easily shareable, can facilitate communication between teams by allowing engineers to investigate and analyze logs for your applications, which can aid in drawing conclusions based on the actual time-series application log data. As a result, engineers can easily trace the time-series logs back to a likely root cause when there is an issue. Observability and logging bring engineers together to remediate common problems and more significant issues as they occur across the environmental stack.

For example, logs can help you quickly identify problems with your database or high latency issues with your web application. They can also reveal potential issues reflected in your general Kubernetes health metrics, which can help you better understand the overall health landscape of your Kubernetes clusters.

Whatever the issue may be, logs can help you locate, analyze, and fix many of the problems you face with your tech stack, and they can bring engineers from different teams together to troubleshoot and resolve issues. 

Individuals Become “Teams” When They Work Together 

When an incident occurs, different teams put their heads together to remediate the issue in a group incident discussion often called a “war room.” In this situation, everyone stops whatever they’re doing to join a call so that they can achieve a common understanding of:

• What happened?
• Why did it happen?
• How do we resolve it?
• How can we ensure that it doesn't happen again?

Understanding the “What” and the “Why”

To fully understand an issue, you need to know why it occurred in the first place. You should ask yourself what happened and find out what led up to the event that caused your entire application to come crashing down. Analyzing your organization's logs can help you see when things were going well and identify what happened before things started to go south. Logs can help you determine the “what” and the “why” when you’re triaging an incident in your war room. 

Only by understanding the “what” and the “why” of an issue can you make an effective plan to remediate it thoroughly and ensure that it doesn’t happen again. That's why having complete, structured logging in place is crucial to your company's success. Without it, you'd be going in circles trying to figure out the “what” and the “why” for everyday problems, not to mention the much more significant issues that could cost you your business.

Easy Wins – Everyday Problems that Logging Can Resolve

Let’s say that you’re an engineer going about your typical work week. You’re working on some sprint tickets and going about your day. Then, you notice some anomalies in your application. You might ask yourself some questions, such as:

• Why is the application so slow today? Could it be running low on compute resources?
• I got a 500 HTTP status code error in the development environment today. I wonder what happened to trigger it?
• This database is not processing my query as fast as it usually does. I wonder if my query is slowing down because other users are running queries against the database?
  

Answering all of these questions can be done by simply setting up some basic logging using Mezmo, formerly LogDNA.With Centralized Logging,  you can easily share and diagnose application problems. You can share the log to ensure everyone has the same context when discussing solutions. With LogDNA, you won’t have to ask yourself why issues happen anymore, and you’ll be able to analyze and triage everyday problems as well as more significant incidents. A setup through Mezmo will ensure that your teams spend less time in the war room and enjoy more relaxed collaboration when remediating issues and building features for your application. As the cliche goes, “An ounce of prevention is better than a pound of a cure.”

Let the Logs Tell the Story

Setting up your logging in a way that is structured and easy to analyze is also critical. If your logs are hard to understand and difficult to query, no one will use them. Structured logs typically come in the JSON format, which is a standard across all operating systems. When your logs are in the JSON format, you can readily identify the following: 

• The time and date for the logged event
• The logging level triggered (debug, info, warning, error, critical, etc.)
• Information about what happened
• The Event ID (the unique identifier for the logged event)

Conclusion 

Logs can ensure better communication across all of your teams, whether they’re in the war room or trying to answer daily questions about observability. Using structured logging, you can ensure that everybody looking at your logs can analyze them quickly and gain a deeper understanding of your application.