Centralized logging is a critical component of observability into modern infrastructure and applications. Without it, it can be difficult to diagnose problems and understand user journeys—leaving engineers blind to production incidents or interrupted customer experiences. Alternatively, when the right engineers can access the right log data at the right time, they can quickly gain a better understanding of how their services are performing and troubleshoot problems faster.
It may be counterintuitive to tackle a problem without knowing exactly what the problem is, but an incident commander often does just that. In fact Rob Schnepp—founding partner at Blackrock 3, an Alameda, California-based incident management consulting group—says identifying the root cause of an incident is typically secondary to addressing the symptoms.