MCPcopy
hub / github.com/openobserve/openobserve

github.com/openobserve/openobserve @v0.91.1 sqlite

repository ↗ · DeepWiki ↗ · release v0.91.1 ↗
12,508 symbols 44,524 edges 2,121 files 3,287 documented · 26%
README

OpenObserve

<em>Open source Datadog alternative for logs, metrics, traces, and frontend monitoring. Modern observability platform: 10x easier, 140x lower storage cost, high performance, petabyte scale.</em>

Last Commit GitHub Stars GitHub Issues Contributors GitHub Release

OpenObserve (O2) is a cloud-native observability tool built for logs, metrics, traces, analytics, and Real User Monitoring (RUM). It's designed as a cost-effective alternative to Datadog, Splunk, and Elasticsearch for teams that need full observability without the complexity or cost.

Why OpenObserve?

OpenObserve is a single observability tool for all your monitoring needs. Here's why teams choose OpenObserve:

Benefit Description
140x Lower Storage Cost Parquet columnar storage + S3-native architecture dramatically reduces costs vs Elasticsearch
Single Binary Deployment Get running in under 2 minutes. No complex cluster setup required
OpenTelemetry Native Built on OpenTelemetry standard—no vendor lock-in
Unified Platform Logs, metrics, traces, RUM, dashboards, alerts in one tool
High Performance Better query performance than Elasticsearch on 1/4 the hardware
SQL + PromQL Query logs/traces with SQL, metrics with SQL or PromQL—no proprietary query language
Built in Rust Memory-safe, high-performance, single binary

Cost Comparison: OpenObserve Vs Elasticsearch OpenObserve Vs Elasticsearch

🎥 Introduction Video

OpenObserve Introduction

🏗️ Architecture

OpenObserve achieves 140x lower storage costs and high performance through its modern architecture:

  • Parquet columnar storage: Efficient compression and query performance
  • S3-native design: Leverages inexpensive object storage with intelligent caching
  • Built in Rust: Memory-safe, high-performance, single binary deployment
  • Partitioning, indexing and smart caching: Reduces search space by up to 99% for most queries
  • Native multi-tenancy: Organizations and streams as first-class concepts with complete data isolation
  • Stateless architecture: Enables rapid scaling and low RPO/RTO for disaster recovery

This architecture delivers 140x cost savings while providing better performance than Elasticsearch.

Scale & Deployment

  • Thousands of concurrent users can query a single cluster simultaneously
  • Single binary scales to terabytes - unique in the observability space
  • High Availability mode scales to petabytes for the most demanding workloads
  • Multi-region deployments with cluster federation via Super Cluster architecture (Enterprise feature)
  • Federated search across regions and clusters (Enterprise feature)
  • Capacity planning tools to size deployments for your workload

High Availability & Disaster Recovery

Deploy in High Availability mode with clustering for mission-critical workloads requiring maximum uptime and performance.

Low RPO/RTO: OpenObserve's stateless architecture with S3-backed storage enables very low Recovery Point Objective (RPO) and Recovery Time Objective (RTO). Stateless nodes can be rapidly restarted, and data durability is guaranteed by S3's 99.999999999% (11 nines) durability. That's a lot of nines.

Read detailed architecture documentation →

Read enterprise deployment guide →

Features

For a full list of features, check the documentation.

Logs Management

OpenObserve provides a centralized log management solution with full-text search, SQL queries, and powerful filtering. Built on Parquet columnar storage for 140x lower storage costs than Elasticsearch. Instantly search through all your logs using quick filters and a powerful query builder. Create dashboards from log data and set up alerts. Read more →

image

Distributed Tracing

Distributed tracing is essential to troubleshoot issues in microservices applications. Powered by OpenTelemetry, tracing in OpenObserve helps you track user requests across services to identify performance bottlenecks. See user requests in a detailed breakdown with Flamegraphs and Gantt Charts. Click on any span to see the entire trace and understand where issues occurred. Read more →

image

Metrics & Dashboards

Ingest metrics from your infrastructure or applications and create customized dashboards. 19+ built-in chart types plus custom charts for 200+ visualization variations. Query metrics with SQL or PromQL. Add multiple queries and combine them with formulae. Read more →

image

Frontend Monitoring (RUM)

Real User Monitoring with performance tracking, error logging, and session replay. Understand exactly what your users experience. Read more →

image

Alerts

Get notified when anything unusual happens in your application. Set alerts on any telemetry signal (logs, metrics, traces), create thresholds, and configure notification channels. Advanced features like alert history and anomaly detection help you identify issues before they reach your customers. Read more → image

Pipelines

Enrich, redact, reduce, or normalize data on ingest. Stream processing for logs-to-metrics conversion and more. No external tools required. Read more →

image

Getting Started

OpenObserve Cloud (Fastest Way)

Get started in minutes without managing infrastructure. Free tier includes up to 50 GB/day ingestion. Get Started Free →

🐳 Docker:

docker run -d \
      --name openobserve \
      -v $PWD/data:/data \
      -p 5080:5080 \
      -e ZO_ROOT_USER_EMAIL="root@example.com" \
      -e ZO_ROOT_USER_PASSWORD="Complexpass#123" \
      public.ecr.aws/zinclabs/openobserve:latest

For other ways to quickly install OpenObserve or use OpenObserve cloud, check quickstart documentation.

For installing OpenObserve in High Availability mode, check High Availability deployment documentation.

Production Ready

OpenObserve is battle-tested in production environments worldwide:

  • Thousands of active deployments across diverse industries
  • Largest deployment: 2+ PB/day ingestion
  • Single binary scales to terabytes—unique in the observability space

Customer Stories →

Comparisons to Familiar Tools

OpenObserve vs Datadog

Aspect OpenObserve Datadog
Deployment Self-hosted or Cloud SaaS only
Pricing model Per-GB (free up to 200GB/day) Per-host + per-GB
Open source Yes (AGPL-3.0) No
OpenTelemetry Native OTLP Supported
Query language SQL + PromQL Proprietary
Vendor lock-in None High

OpenObserve is a Datadog alternative that gives you full control over your data and costs.

OpenObserve vs Elasticsearch

Aspect OpenObserve Elasticsearch
Storage cost 140x lower High (hot/warm/cold tiers)
Setup complexity Single binary Complex cluster management
Query language SQL Lucene/KQL
Hardware requirements 1/4 the resources High memory/CPU

OpenObserve achieves 140x lower storage costs through Parquet columnar format and S3-native architecture.

OpenObserve vs Splunk

Aspect OpenObserve Splunk
Licensing Open source Expensive enterprise licensing
Deployment Single binary or HA cluster Complex
Query language SQL + PromQL SPL (proprietary)
Cost Predictable, low Unpredictable, high

OpenObserve is an open-source Splunk alternative without the licensing complexity.

OpenObserve vs Grafana/Loki/Prometheus Stack

Aspect OpenObserve Grafana Stack
Components Single platform Multiple tools (Grafana + Loki + Prometheus + Tempo)
Management One binary Multiple deployments
High cardinality Full support Loki struggles with high cardinality
Query performance Fast on large volumes Loki slow on large data

OpenObserve consolidates logs, metrics, and traces in one platform instead of stitching together multiple tools.

📷 Screenshots

OpenObserve includes a powerful web UI for logs, traces, dashboards, alerts, and more.

Logs Search

Logs

Distributed Tracing

Trace details page with full request flow visualization: Traces using OpenTelemetry

Dashboards

Dashboard

Frontend Monitoring

Real user monitoring with session replay: Session replay

See more screenshots

Home

Home

Golden Metrics from Traces

Traces golden metrics

More Dashboard Examples

Dashboard Create panel Map

Performance Analytics

Performance

Error Tracking

Error tracking

Alerts

Alerts

Streams

Streams

Ingestion

Ingestion

Pipeline

Pipeline

Functions

Function

🔐 Security & Compliance

Security Features

  • Highly secure architecture with secure container images
  • Sensitive Data Redaction (SDR): Automatically redact sensitive data during ingestion and query time (Enterprise feature)
  • Data encryption: At rest and in transit
  • Single Sign-On (SSO): OIDC, OAuth, SAML, LDAP/AD integration (Enterprise feature)
  • Role-Based Access Control (RBAC): Granular permissions management (Enterprise feature) - Learn more →

Compliance Certifications

  • SOC 2 Type II certified
  • ISO 27001 certified
  • GDPR compliant
  • HIPAA ready (BAA available with Enterprise contracts)

OpenObserve meets the stringent security and compliance requirements of regulated industries including finance, healthcare, and government.

⚖️ License

Open Source Edition: Licensed under AGPL-3.0. We chose AGPL to ensure that improvements to OpenObserve remain open source and benefit the entire community. This license protects the commons while still allowing free commercial use.

Enterprise Edition: Licensed under a commercial Enterprise License Agreement, not AGPL. This provides additional flexibility for enterprise deployments and eliminates any concerns about AGPL requirements.

For more details: - Open Source LICENSE - Why AGPL and why it's good for the community

💼 Enterprise Support

OpenObserve is built as a true open source project, and we're committed to the community. The open source version is feature-complete and production-ready - it includes logs, metrics, traces, dashboards, alerts, pipelines, and everything you need to run observability at scale. It will always remain actively maintained and free to use without restrictions.

Enterprise Edition

For organizations requiring enterprise-grade features and support, we offer an Enterpr

Extension points exported contracts — how you extend this code

PromQLChartConverter (Interface)
(no doc) [18 implementers]
web/src/utils/dashboard/promql/shared/types.ts
TocItem (Interface)
* TocItem interface for type safety
web/src/components/alerts/IncidentTableOfContents.spec.ts
PromQueryModeller (Interface)
(no doc) [2 implementers]
web/src/components/promql/types/index.ts
CachedData (Interface)
* Frontend cache for built-in LLM model pricing * Caches pricing data in sessionStorage with 24-hour TTL
web/src/utils/modelPricingCache.ts
CachedData (Interface)
* Frontend cache for built-in regex patterns * Caches patterns in sessionStorage with 1-hour TTL
web/src/utils/regexPatternCache.ts

Core symbols most depended-on inside this repo

info
called by 8059
tests/ui-testing/playwright-tests/utils/test-logger.js
exists
called by 6190
tests/api-testing/support/endpoints/streams.py
get
called by 2781
web/src/composables/useChatHistory.spec.ts
waitForTimeout
called by 2092
tests/ui-testing/pages/logsPages/logsPage.js
trigger
called by 1117
web/src/lib/core/Collapsible/OCollapsible.types.ts
now
called by 1089
tests/api-testing/helpers/workflow/pages/search_page.py
debug
called by 925
tests/ui-testing/playwright-tests/utils/test-logger.js
warn
called by 691
tests/ui-testing/playwright-tests/utils/test-logger.js

Shape

Function 6,004
Method 5,457
Interface 660
Class 375
Enum 9
Route 3

Languages

TypeScript92%
Python8%

Modules by API surface

web/src/assets/dashboard/echarts.min.js1,293 symbols
tests/ui-testing/pages/logsPages/logsPage.js745 symbols
tests/ui-testing/pages/pipelinesPages/pipelinesPage.js283 symbols
tests/ui-testing/pages/alertsPages/alertsPage.js282 symbols
tests/ui-testing/pages/metricsPages/metricsPage.js249 symbols
tests/ui-testing/pages/tracesPages/tracesPage.js185 symbols
tests/ui-testing/pages/generalPages/enrichmentPage.js130 symbols
tests/ui-testing/pages/streamsPages/streamsPage.js109 symbols
tests/ui-testing/pages/metricsPages/metricsBuilderPage.js101 symbols
tests/ui-testing/pages/generalPages/correlationSettingsPage.js100 symbols
tests/ui-testing/pages/dashboardPages/dashboardsFormValidationPage.js99 symbols
web/src/utils/zincutils.ts96 symbols

Dependencies from manifests, versioned

@cypress/vue6.0.2 · 1×
@esbuild-plugins/node-globals-polyfill0.2.3 · 1×
@google-cloud/local-auth2.1.0 · 1×
@iconify-json/majesticons1.2.4 · 1×
@iconify-json/material-symbols1.2.72 · 1×
@iconify-json/mdi1.2.3 · 1×
@iconify-json/octicon1.2.25 · 1×
@iconify-json/si1.2.17 · 1×
@joakimono/echarts-extension-leaflet1.0.3 · 1×
@openobserve/browser-logs0.3.2-beta.3 · 1×
@openobserve/browser-rum0.3.2-beta.3 · 1×

Datastores touched

postgresDatabase · 1 repos
dbDatabase · 1 repos
openobserveDatabase · 1 repos
openobserve_testDatabase · 1 repos

For agents

$ claude mcp add openobserve \
  -- python -m otcore.mcp_server <graph>

⬇ download graph artifact