When something breaks, you want to know why — and logs tell that story. OpenSRE connects to OpenObserve to retrieve log and trace data that helps explain what was happening when an alert fired, making it easier to correlate errors, anomalies, and service interactions during investigations.
What you need
- An OpenObserve instance (self-hosted or cloud-hosted)
- An OpenObserve access token
- The URL of your OpenObserve deployment
- Access to the organization you want OpenSRE to query
Getting set up
Guided setup
Start here if you want step-by-step guidance:
opensre integrations setup
Manual setup with environment variables
Or add these to your .env file:
OPENOBSERVE_URL=https://openobserve.example.com
OPENOBSERVE_TOKEN=your_access_token
OPENOBSERVE_ORG=default
OPENOBSERVE_STREAM=logs
OPENOBSERVE_MAX_RESULTS=100
| Variable | Default | Description |
|---|
OPENOBSERVE_URL | — | Required. URL of your OpenObserve instance |
OPENOBSERVE_TOKEN | — | Required. Authentication token |
OPENOBSERVE_ORG | default | Organization name |
OPENOBSERVE_STREAM | (empty) | Optional stream to query |
OPENOBSERVE_MAX_RESULTS | 100 | Maximum number of results returned |
Alternative authentication
If your OpenObserve deployment uses username/password authentication instead of tokens, you can configure:
OPENOBSERVE_USERNAME=your_username
OPENOBSERVE_PASSWORD=your_password
OPENOBSERVE_ORG=default
Option 3: Persistent store
{
"version": 1,
"integrations": [
{
"id": "openobserve-prod",
"service": "openobserve",
"status": "active",
"credentials": {
"url": "https://openobserve.example.com",
"token": "your_access_token",
"org": "default"
}
}
]
}
Finding your OpenObserve credentials
- Log in to your OpenObserve instance
- Navigate to your user or organization settings
- Create or retrieve an access token
- Copy your OpenObserve URL
- Note the organization name you want OpenSRE to query
- Add these values to your OpenSRE configuration
What OpenSRE can query
Once connected, OpenSRE can search across:
- Logs — Search by timestamp, service name, log level, and message content
- Traces — Investigate spans, follow distributed traces, and analyze latency
- Metrics — Query observability metrics stored in OpenObserve
Use a token with the minimum permissions required for investigation workflows whenever possible.
Test your connection
Make sure everything is configured correctly:
opensre integrations verify openobserve
Service: openobserve
Status: passed
Detail: Configured for OpenObserve at https://openobserve.example.com
Troubleshooting
| Symptom | Fix |
|---|
| 401 Unauthorized | Regenerate the access token or confirm username/password credentials. |
| 404 on query | Check OPENOBSERVE_ORG matches your organization slug. Verify the stream name if OPENOBSERVE_STREAM is set. |
| Connection refused | Confirm OPENOBSERVE_URL includes the correct protocol and port. Ensure network access from OpenSRE to the instance. |
| Empty log results | Widen the time range in the investigation query. Confirm logs are ingested into the target stream. |
Tracer