Is Splunk better than DataDog? Is Honeycomb better than CloudWatch? Can we even compare these things 1-2-1?
Not really, and that’s the point. They all provide a platform for observability, but ultimately it’s going to be down to the implementation in your organisation to get the most out of them.
The problem these tools aim to solve is usually “how can we get greater insights and fix our production incidents more quickly?” I’ve seen plenty of cases where the implementation is hobbled through compliance or security processes. Or they work great in the simple case but for the true ‘value add’ of combining data sources and achieving more reach across the enterprise, they fail.
How does that make anyone feel? The vendor is annoyed because the client is not getting the true value. The developer is annoyed because they can’t use it properly when they need it. The security officer is annoyed because this new tool is causing him or her a compliance headache; it’s another possible vector for attack or a way that information can leak out of the company. The VP of Engineering is annoyed because they’re not getting measurable ROI from their investment.
Everything hinges on policy. And how many of those people are going to say to the CISO that they guarantee that this tool will provide real value while at the same time not causing a security headache?
What have your experiences been? Ever seen an observability tool implementation which has fulfilled or exceeded expectations and how was that achieved?