Cisco and Splunk have introduced the Cisco Time Series Model, a univariate zero shot time series foundation model designed for observability and security metrics. It is released as an open weight checkpoint on Hugging Face.
* **Multiresolution data is common:** The model handles data where fine-grained (e.g., 1-minute) and coarse-grained (e.g., hourly) data coexist, a typical pattern in observability platforms where older data is often aggregated.
* **Long context windows are needed:** It's built to leverage longer historical data (up to 16384 points) than many existing time series models, improving forecasting accuracy.
* **Zero-shot forecasting is desired:** The model aims to provide accurate forecasts *without* requiring task-specific fine-tuning, making it readily applicable to a variety of time series datasets.
* **Quantile forecasting is important:** It predicts not just the mean forecast but also a range of quantiles (0.1 to 0.9), providing a measure of uncertainty.
* **Multiresolution data is common:** The model handles data where fine-grained (e.g., 1-minute) and coarse-grained (e.g., hourly) data coexist, a typical pattern in observability platforms where older data is often aggregated.
* **Long context windows are needed:** It's built to leverage longer historical data (up to 16384 points) than many existing time series models, improving forecasting accuracy.
* **Zero-shot forecasting is desired:** The model aims to provide accurate forecasts *without* requiring task-specific fine-tuning, making it readily applicable to a variety of time series datasets.
* **Quantile forecasting is important:** It predicts not just the mean forecast but also a range of quantiles (0.1 to 0.9), providing a measure of uncertainty.
hl is a fast, Rust-based JSON log viewer designed for efficient processing of structured logs. It offers fast indexing and parsing, enabling quick scanning of large log files.
This article details the steps to move a Large Language Model (LLM) from a prototype to a production-ready system, covering aspects like observability, evaluation, cost management, and scalability.
Ship measurable improvements in your GenAI systems with Opik, your open-source LLM observability and agent optimization platform. Trusted by over 150,000 developers and thousands of companies.
Grafana and GitLab have released a new open-source solution that links GitLab CI/CD events into Grafana's observability stack via a serverless architecture, enabling real-time visibility and correlation between deploy events and performance metrics.
Elastic's new Streams feature uses AI to transform noisy logs into actionable insights, helping SREs diagnose and resolve issues faster. The article discusses how AI is poised to become the primary tool for incident diagnosis and address skill shortages in IT infrastructure management.
Here's a breakdown of the technical details:
* **Problem:** Modern IT (especially Kubernetes) generates massive amounts of log data (30-50GB/day per cluster) making manual analysis for root cause identification slow, costly, and prone to errors. Existing observability tools often treat logs as a last resort.
* **Elastic's Solution (Streams):**
* **AI-powered Parsing & Partitioning:** Automatically extracts relevant fields from raw logs, reducing manual effort.
* **Anomaly Detection:** Surfaces critical errors and anomalies from logs, providing early warnings.
* **Automated Remediation:** Aims to not only identify issues but also suggest or automatically implement fixes.
* **Workflow Shift:** Streams aims to move away from the traditional observability workflow (metrics -> alerts -> dashboards -> traces -> logs) to a log-centric approach where AI proactively processes logs to create actionable insights.
* **Future Direction:** The article highlights the potential of **Large Language Models (LLMs)** to further automate observability, including generating automated runbooks and playbooks for remediation. LLMs could also help address the shortage of skilled SREs by augmenting their expertise.
* **Integration:** Streams is integrated into Elastic Observability.
Here's a breakdown of the technical details:
* **Problem:** Modern IT (especially Kubernetes) generates massive amounts of log data (30-50GB/day per cluster) making manual analysis for root cause identification slow, costly, and prone to errors. Existing observability tools often treat logs as a last resort.
* **Elastic's Solution (Streams):**
* **AI-powered Parsing & Partitioning:** Automatically extracts relevant fields from raw logs, reducing manual effort.
* **Anomaly Detection:** Surfaces critical errors and anomalies from logs, providing early warnings.
* **Automated Remediation:** Aims to not only identify issues but also suggest or automatically implement fixes.
* **Workflow Shift:** Streams aims to move away from the traditional observability workflow (metrics -> alerts -> dashboards -> traces -> logs) to a log-centric approach where AI proactively processes logs to create actionable insights.
* **Future Direction:** The article highlights the potential of **Large Language Models (LLMs)** to further automate observability, including generating automated runbooks and playbooks for remediation. LLMs could also help address the shortage of skilled SREs by augmenting their expertise.
* **Integration:** Streams is integrated into Elastic Observability.
This article details how Nubank built its own in-house logging platform to address issues of cost, scalability, and control over their logging infrastructure. Initially reliant on a vendor solution, they found costs rising unpredictably and experienced limitations in observability and data retention.
To solve this, Nubank divided the project into two major steps: **The Observability Stream** (ingestion and processing) and the **Query & Log Platform** (storage and querying).
* **Observability Stream:** Fluent Bit for data collection, a Data Buffer Service for micro-batching, and an in-house Filter & Process Service.
* **Query & Log Platform:** Trino as the query engine, AWS S3 for storage, and Parquet for data format.
The new platform currently ingests 1 trillion logs daily, stores 45 PB of searchable data with a 45-day retention, and handles almost 15,000 queries daily. Nubank reports the platform costs 50% less than comparable market solutions while providing them with greater control, scalability, and the ability to customize features. The project underscored Nubank's value of challenging the status quo and leveraging a combination of open-source and in-house development.
To solve this, Nubank divided the project into two major steps: **The Observability Stream** (ingestion and processing) and the **Query & Log Platform** (storage and querying).
* **Observability Stream:** Fluent Bit for data collection, a Data Buffer Service for micro-batching, and an in-house Filter & Process Service.
* **Query & Log Platform:** Trino as the query engine, AWS S3 for storage, and Parquet for data format.
The new platform currently ingests 1 trillion logs daily, stores 45 PB of searchable data with a 45-day retention, and handles almost 15,000 queries daily. Nubank reports the platform costs 50% less than comparable market solutions while providing them with greater control, scalability, and the ability to customize features. The project underscored Nubank's value of challenging the status quo and leveraging a combination of open-source and in-house development.
This article explores how prompt engineering can be used to improve time-series analysis with Large Language Models (LLMs), covering core strategies, preprocessing, anomaly detection, and feature engineering. It provides practical prompts and examples for various tasks.
A study by ClickHouse found that large language models (LLMs) aren't currently capable of replacing Site Reliability Engineers (SREs) for incident root cause analysis, despite advancements in AI. LLMs can be helpful tools, but require human oversight.
Google Cloud has announced native support for the OpenTelemetry Protocol (OTLP) in its Cloud Trace service, allowing developers to send trace data directly using OTLP and eliminating the need for vendor-specific exporters. This includes increased storage limits for attributes and spans.
