openskills.info

Application Performance Monitoring

itObservability and performance

Application Performance Monitoring

Application performance monitoring, or APM, tracks the speed, reliability, and availability of software in production. It helps you detect a poor user experience, locate the affected operation, and gather evidence about the cause.

The useful mental model is a feedback loop:

user-visible symptom
        ↓
service health signal
        ↓
affected transaction or endpoint
        ↓
slow span, failing dependency, or exhausted resource
        ↓
change, deploy, and measure again

APM narrows the distance between “checkout is slow” and “the payment database call dominates the slow traces after this deployment.” It does not prove causation by itself. It gives you correlated evidence for a disciplined investigation.

Why APM exists

A healthy host does not guarantee a healthy application. CPU and memory can look normal while one endpoint times out for a specific customer path. An application can also return errors quickly, making an average response-time chart appear healthy.

APM starts closer to the work users ask the application to perform. It treats requests, transactions, jobs, and dependencies as first-class units. You can then connect their behavior to runtime and infrastructure signals.

AWS defines APM as monitoring and managing the ongoing performance and availability of production systems. Its guidance pairs APM with real-user monitoring and synthetic monitoring for broader coverage. Real-user monitoring captures actual interactions. Synthetic monitoring runs scripted interactions, including when no real traffic exists.

The APM data path

An APM system has four logical stages:

  1. Instrumentation records telemetry inside or around the application.
  2. Context propagation carries request identity across process and service boundaries.
  3. A collection pipeline receives, processes, filters, samples, and exports telemetry.
  4. A backend stores and analyzes the data, then presents service maps, traces, dashboards, and alerts.

OpenTelemetry supports both zero-code and code-based instrumentation. Zero-code instrumentation can capture common frameworks and libraries without source changes. Code-based instrumentation adds business operations, domain attributes, and custom events that generic instrumentation cannot infer.

OpenTelemetry is not an APM backend. It is a vendor-agnostic framework for generating, collecting, and exporting telemetry. That separation lets you standardize instrumentation while retaining a choice of analysis backend.

Signals that answer different questions

APM correlates several telemetry signals. Each answers a different question:

  • Metrics show rates and distributions across many requests. Use them to detect rising error rates, falling throughput, or changing latency percentiles.
  • Traces reconstruct the path of individual operations. Use them to see which service or dependency consumed time and where an error appeared.
  • Logs preserve detailed events. Attach trace and span identifiers so you can move from a trace to the relevant records.
  • Profiles attribute CPU or memory activity to running code. Use them when a trace identifies the slow service but not the expensive code path.

A trace is built from spans. Each span represents one unit of work and records timing, attributes, events, status, and a parent relationship. Context propagation links spans created by different services into one trace.

The W3C Trace Context standard defines interoperable traceparent and tracestate headers. If propagation breaks at a proxy, queue, or client boundary, one user operation appears as disconnected traces. The application still ran; your causal map did not survive the boundary.

What to measure

Begin with behavior that users can feel. Google SRE’s four golden signals are a strong baseline:

  • Latency — time required to serve a request. Separate successful and failed requests.
  • Traffic — demand placed on the application, such as requests per second.
  • Errors — failed work, including incorrect or policy-invalid results where you can measure them.
  • Saturation — how close a constrained resource is to its limit.

Apply these signals at service and operation boundaries. Add dependency duration and errors for databases, remote calls, queues, and caches. Add runtime signals when they help explain application behavior.

Do not rely on average latency alone. Google’s SRE guidance shows that averages can hide a slow tail. Track a distribution and inspect percentiles such as the median and ninety-fifth or ninety-ninth percentile.

Choose service level indicators from the user’s perspective. Server-side telemetry can miss browser or client problems. Client-side collection is necessary when those problems affect users without appearing in server measurements.

A representative investigation

Suppose the ninety-fifth percentile latency for checkout rises after a release.

  1. Confirm the symptom by operation, status, region, and deployment version.
  2. Compare a slow trace with a normal trace from the same operation.
  3. Follow the critical path through child spans.
  4. Inspect correlated logs and runtime metrics for the slow service.
  5. Form a hypothesis, change one thing, and compare the same signals after deployment.

This sequence moves from aggregate evidence to individual evidence. It avoids starting with a favorite cause, such as CPU or the database, before the application data points there.

Sampling, cardinality, and cost

Recording every trace may be too expensive at high traffic volumes. Head sampling decides early, before the complete trace is known. It is efficient, but it cannot guarantee that traces containing later errors are retained.

Tail sampling decides after seeing most or all spans. It can retain traces based on error, latency, or attributes. The trade-off is a stateful, more demanding collection layer.

Attributes make telemetry useful for filtering and comparison. They also create cost and privacy risks. High-cardinality attributes have many distinct values. User identifiers are a typical example. They can increase backend storage and metric SDK memory.

Collect only attributes with an observability purpose. OpenTelemetry’s security guidance makes the implementer responsible for sensitive data. Review automatic instrumentation, remove unnecessary personal data, and filter or redact before export.

What APM can and cannot do

APM is useful when you need to:

  • detect production regressions by service or operation;
  • follow requests through distributed dependencies;
  • compare application versions, regions, or customer paths;
  • connect a user-facing symptom to code, runtime, or dependency evidence;
  • validate whether a remediation changed the intended outcome.

APM is not a replacement for load testing, real-user monitoring, synthetic monitoring, infrastructure monitoring, or profiling. It connects to each discipline but answers a narrower production question: how is application work behaving, and where should you investigate next?

APM also cannot compensate for missing instrumentation or broken context propagation. A polished service map built from incomplete telemetry remains incomplete. Sampling can hide rare behavior. Correlation can suggest a cause without proving it. Treat the platform as evidence, not an oracle.

A practical adoption path

Start with one user-critical service and a small set of operations. Define the latency and error behavior you care about. Add zero-code instrumentation for baseline coverage. Then add code-based spans and attributes where the baseline cannot express business work.

Standardize service names, operation names, deployment versions, and environment attributes. Verify context propagation across every synchronous and asynchronous boundary. Set a telemetry budget. Test dashboards and alerts against known failures. Finally, include APM checks in release and incident workflows.

The product is not the goal. The goal is a shorter, evidence-driven path from user impact to a verified improvement.