惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

The Hacker News
The Hacker News
Google Online Security Blog
Google Online Security Blog
K
Kaspersky official blog
D
Darknet – Hacking Tools, Hacker News & Cyber Security
S
Schneier on Security
C
Cybersecurity and Infrastructure Security Agency CISA
Security Archives - TechRepublic
Security Archives - TechRepublic
Hacker News - Newest:
Hacker News - Newest: "LLM"
Cisco Talos Blog
Cisco Talos Blog
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
Recent Commits to openclaw:main
Recent Commits to openclaw:main
Cyberwarzone
Cyberwarzone
L
LINUX DO - 最新话题
PCI Perspectives
PCI Perspectives
酷 壳 – CoolShell
酷 壳 – CoolShell
云风的 BLOG
云风的 BLOG
N
News and Events Feed by Topic
N
News and Events Feed by Topic
V
Vulnerabilities – Threatpost
T
Troy Hunt's Blog
GbyAI
GbyAI
C
CERT Recently Published Vulnerability Notes
G
Google Developers Blog
Microsoft Azure Blog
Microsoft Azure Blog
量子位
Scott Helme
Scott Helme
月光博客
月光博客
Attack and Defense Labs
Attack and Defense Labs
aimingoo的专栏
aimingoo的专栏
博客园 - 聂微东
Project Zero
Project Zero
G
GRAHAM CLULEY
博客园 - 【当耐特】
Recorded Future
Recorded Future
K
KPMG report finds enterprise disconnect between AI and its ROI | CIO
小众软件
小众软件
D
DataBreaches.Net
T
The Blog of Author Tim Ferriss
OSCHINA 社区最新新闻
OSCHINA 社区最新新闻
O
OpenAI News
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
V
V2EX
Stack Overflow Blog
Stack Overflow Blog
爱范儿
爱范儿
S
Security @ Cisco Blogs
The Last Watchdog
The Last Watchdog
MongoDB | Blog
MongoDB | Blog
H
Hacker News: Front Page
Latest news
Latest news
P
Proofpoint News Feed

Railway Blog

Where Railway is, and where it's going (Summer 2026) PaaS vs IaaS vs SaaS: What Each Means and Who Should Pick What in 2026 The Best Continuous Deployment Tools in 2026 The Best PaaS for Multi-Region Deployments in 2026 The Best Platforms for Monorepo Deployments in 2026 Compliance Isn't a Feature, It's a Posture What is BYOC (Bring Your Own Cloud)? A Developer's Guide for 2026 The Best Managed Kubernetes Hosting in 2026 The Best Container Registries in 2026 The Vanilla Cloud Tax: What Rolling Your Own on AWS Actually Costs What is a PaaS? A Developer's Guide for 2026 The Best Cloud Observability and Logging Tools in 2026 The Best PostgreSQL Hosting for Developers in 2026 The Best Multi-Region Hosting Platforms in 2026 The Best Platforms to Deploy AI Apps in 2026 (Not the Models, the Apps Around Them) The Agent-Native Cloud: What It Means and Why It Matters Incident Report: May 19, 2026- GCP Account Suspension Counting to 3 with a new builder processing 50M+ monthly builds Railway iOS preview now available via TestFlight Kill your onboarding: selling to 10,000+ new users a day Your AI wants to nuke your database. Guardrails fix that. Better Rails for Agents: A New Remote MCP and Railway Agent in the CLI Moving Railway's Frontend Off Next.js One command deploys, there's a Stripe APP for that From registrar to deployed: buying a domain inside Railway A letter to open source builders who deserve more Networking is a black box, we used eBPF to open it Heroku Walked So Railway Can Run Security Features Your Security Team Will Love Railway Runs Open Source, Now We're Funding It Railway raises $100M Series B to unburden the builders Deploy autoscaling services, AI Workflow automation, and LLM APIs Without Kubernetes Hosting Postgres with GeoLite2: a practical guide to IP geolocation, data loading, and updates Serverless functions vs containers: CI/CD, database connections, cron jobs, and long-running tasks Hosting Postgres with pgvector: provider tradeoffs, migrations, indexes, and tuning Introducing the Railway integration on Delve.co Secure Cloud Hosting for Compliance: A Practical Guide for Startups and Regulated Industries How G2X Unlocked Rapid Experimentation at Scale with Railway MindFort Runs 100+ AI Pen Testing Agents Without Their Previous $10k AWS Bill How Bilt's Marketing Engineering Team Delivers at Scale with Railway Railway Technology Partners: Earn Revenue on Templates You Didn't Build ~$1 Million Paid to Developers Who Built Railway Templates CI/CD for Modern Deployment: From Manual Deploys to PR Environments Kernel Powers 1,000+ AI Agents on $444/Month of Railway Infrastructure Deploy Full-Stack TypeScript Apps: Architectures, Execution Models, and Deployment Choices Railway vs Cloudflare: How Their Architectures Differ and When to Use Each Run Scheduled and Recurring Tasks with Cron Monitoring & Observability: Using Logs, Metrics, Traces, and Alerts to Understand System Failures Server rendering benchmarks: Railway vs Cloudflare vs Vercel Top five Heroku alternatives Comparing top PaaS and deployment providers Pricing to Encourage Use The F in SOC2 stands for functional Deploy Together, Earn Together: Introducing Railway Partnerships How We Oops-Proofed Infrastructure Deletion on Railway Bring Back the Free Plan Railway MCP - Stateful, Serverful, Pay-per-use Infrastructure Hackathon: Winners Announced! Mark Your Calendar: Railway User Hackathon with Prizes Launching Railway's Affiliate Program Zero-Touch Bare Metal at Scale Ssh, We’re Announcing One More Thing! $1M for Open Source Introducing Central Station Speed Isn’t Just About Code, It’s About Where That Code Runs One-Second Deploys? We Didn’t Believe It Either Why We’re Moving on From Nix Railway V3: Faster and Cheaper How to Migrate from Cloudflare Pages to Railway Supercharging Directus on Railway with a Static Frontend How to Migrate from AWS Lambda to Railway Deploy Triton Inference Server on Railway How to Handle Database Connection Pooling Building a NestJS App on Railway Manually Optimize Deployments on Railway Implement a GitHub Actions Testing Suite Scaling a SaaS application on Railway Building a SaaS application on Railway Deploy a Dart App on Railway, Part 2 Deploy a Dart App on Railway, Part 1 Implementing Feature Flags from Scratch Cron Jobs with Django and GitHub Actions Deploy Offen on Railway Queues on Railway Working with NX, Railway and CI/CD Automated PostgreSQL Backups Using GitLab CI/CD with Railway Migrating From Heroku To Railway Cron Jobs on Railway Deploy Beam on Railway Deploy Authorizer on Railway Deploying Monorepo Applications How to Backup and Restore Your Postgres Database How to Backup Your Redis Instance Deploy Cusdis on Railway Deploy Ghost on Railway Using Github Actions with Railway Deploy Calendso (cal.com) on Railway Self-hosted website analytics Use Notion as a CMS for your NextJS blog
Logs, Metrics, and Traces: What Does Each Signal Tell You?
Mahmoud Abdelwahab · 2025-11-07 · via Railway Blog

Avatar of Mahmoud Abdelwahab

Mahmoud Abdelwahab

Logs, Metrics, and Traces: What Does Each Signal Tell You?

Logs, metrics, and traces are the three core signals of observability. Each captures a different dimension of what's happening inside a running system, and together they give you the visibility you need to understand, debug, and maintain production applications.

A metric fires the alert but names no suspect, a trace narrows the suspect down to one service but can't explain what went wrong inside it, and the logs can't explain the service issue because they can't find the right ones fast enough. When the three signals can't point at the same event, a fix that takes 20 minutes can take 3 hours to investigate.

This guide explains what each signal captures, where each one falls short on its own, and how the three work together to cut incident response from hours to minutes.

What is observability?

Observability is how well you can diagnose what's going wrong inside your system from the signals (specifically logs, metrics, and traces) it produces.

It differs from traditional threshold-based monitoring, which catches failures you predicted in advance. Observability ties logs, metrics, and traces together so that when a failure falls outside every rule you wrote, you can detect the root cause.

Logs tell you what happened inside a system

Logs capture what happened inside your services by recording individual events with full context. They are timestamped records, written by an application as events occur, and each log entry retains the full event record.

Written as JSON with consistent field names, logs can be read by machines and searched by attribute. A stable schema makes structured logs easy to validate, parse, line up with traces and metrics, and analyze at scale. A structured log entry looks like the following:

{

	"timestamp": "2024-03-15T13:26:23.505892Z",
	
	"level": "ERROR",
	
	"message": "Payment processing failed: timeout after 5000ms",
	
	"service": "payment-service",
	
	"trace_id": "4bf92f3577b34da6a3ce929d0e0e4736",
	
	"span_id": "00f067aa0ba902b7",
	
	"order_id": "ord-8821",
	
	"http_status_code": 504

}

The trace_id and span_id fields link a log entry to the trace it came from, which matters when the three signals work together.

Use logs once you know which service is failing, as they show exactly what a specific request or session went through.

The limitation is volume. Without request IDs in log entries, searching logs across dozens of services is slow and manual. Logs from a crashed container also only live on the node for a short time and can be lost unless they're collected and sent to a central store.

Railway automatically captures all logs emitted to standard output or standard error from your applications, so logs from crashed containers aren't lost. Any console.log() statements, error messages, or application output are immediately available for viewing and searching without additional configuration.

You can access logs in four ways:

  • Service logs: drill into a single deployment's build, deployment, and runtime logs
  • Log Explorer: environment-wide search across all services, with filtering by service, level, trace ID, or custom attributes
  • CLI: railway logs streams the latest deployment in real time
  • Railway Remote MCP server: connect your AI coding agent (Claude, Cursor, Codex, GitHub Copilot, and others) to mcp.railway.com over OAuth and invoke the railway-agent tool to investigate logs in natural language.
railway logs -d      # deployment logs
railway logs -b      # build logs
railway logs --json  # JSON output

Structured logging is fully supported. You can filter by custom attributes using @attributeName:value, making it easy to find logs related to a specific user ID, transaction, or any metadata you include.

image.png

Metrics tell you when something changed

Metrics detect your system's behavior shifts by rolling many events into a single number you can query. They are numeric measurements of how your system behaves, aggregated over time.

Common examples include CPU, memory, disk, and network. Application-level metrics like request latency or error rates require a third-party tool connected via OpenTelemetry or a vendor SDK.

Metrics tell you when something changed, but not why it changed. Use them for alerting, capacity planning, and setting service-level objectives (SLOs) because they reduce many events to a few numeric series you can query and compare against thresholds. A CPU spike shows up as a rising line on a graph, but the number alone can't tell you which code path caused it. A metric alert is the start of an investigation.

Railway builds metrics in with per-service graphs for CPU, memory, disk, and network that include deploy markers, so you can see at a glance when a code push lines up with a resource spike. Metrics are available for up to 30 days. For services with multiple replicas, toggle between a combined sum or a per-replica view to isolate which instance is running hot.

image.png

Traces show you where the request broke down

Traces pinpoint where a request slowed down or failed across service boundaries. It is a record of a request's path through all the services in a system, captured as a timeline of operations.

Each operation along the path is a span, a named step with a start time, duration, and metadata. Spans form a tree through parent and child relationships, with the full tree making up the trace.

Here's a concrete example. A user submits a checkout request, and the trace shows every hop across the API gateway, order service, inventory service, and payment service, how long each took, and where the chain broke.

POST /checkout  (api-gateway)              880ms
├── PaymentService.Charge  (payment-svc)   500ms  ← bottleneck
│   └── db.query: INSERT payments          120ms
├── InventoryService.Reserve (inv-svc)     240ms
│   └── db.query: UPDATE inventory          80ms
└── NotificationService.Send (notif-svc)    40ms

PaymentService.Charge accounts for 500ms of the 880ms total, so the slow step is visible right from the trace, with no need to check dashboards for each downstream service one by one.

Traces answer the location question: which service in the chain is responsible, and how much of the total latency it owns.

However, traces require some setup work because services need to pass trace context using the W3C traceparent header, and if a service receives a traceparent header, it must pass it on outgoing requests unless it starts a new trace. End-to-end traces depend on each hop passing context along. The setup work is real, especially across systems written in multiple languages, where each language SDK has to be configured separately.

Railway doesn't collect traces natively. Implement your services with OpenTelemetry, point the exporter at your backend of choice (such as Honeycomb, Grafana Tempo, Jaeger, or Datadog), and carry trace_id in your structured logs. Railway's third-party observability guide covers the setup.

How logs, metrics, and traces differ

Logs, metrics, and traces each answer a different question across four dimensions (data structure, granularity, query method, and the question each best answers).

DimensionLogsMetricsTraces
Data structureTimestamped text events (ideally structured JSON)Numeric time-series with labelsTrees of spans, each with timestamps, duration, and metadata
GranularityIndividual eventsMany events rolled up into a single numberFull path of one specific request across services
Query methodSearch by attribute or full textRoll up over time windows, set thresholdsFollowed by trace_id across service boundaries
The question each best answerWhy did it happen?What happened, and at what rate?Where in the service graph did it happen?

No single signal gives a complete picture on its own. The three signals must work together to provide a complete picture of system health.

How logs, metrics, and traces work together

Your checkout endpoint runs on top of several services, and an outside fraud-check vendor starts timing out. Here's how the investigation unfolds:

Step 1: A metric catches the problem

Your alert fires when p99 checkout latency goes from 200ms to 4 seconds at 14:23 UTC, so you know when the spike started and which top-level endpoint is affected, but you can't tell which of six downstream services is responsible.

Step 2: A trace locates the problem

You filter traces for the checkout service in the 14:23 to 14:35 window, sort by duration, and in the waterfall view on a slow trace, the fraud-check span takes up 3.0 seconds of a 3.4-second request, narrowing the slow step to one service and one call. The trace gives you a trace_id: 123.

Step 3: Logs explain the problem

You query logs filtered by the trace_id and the fraud-check service, and instead of thousands of log lines from hundreds of requests running at the same time, you get exactly the lines from that one request.

14:23:47.232 DEBUG Calling external fraud API         trace_id=abc123...
14:23:50.187 WARN  External API timeout after 2955ms  trace_id=abc123...
14:23:50.188 ERROR Falling back to synchronous DB lookup trace_id=abc123...

The root cause is confirmed because the external fraud vendor API is timing out, and the fallback to a synchronous database lookup adds to the delay. 

Observability on Railway: keeping logs, metrics, and traces together

Across more than 15 million monthly deployments, Railway keeps logs and metrics on a single platform while supporting third-party connections for tracing via OpenTelemetry.

Two tools tie that together in practice: the Observability Dashboard for investigation, and Monitors and Webhooks for alerts and notifications.

The Observability Dashboard

The Observability Dashboard gives you a customizable per-environment view of logs, metrics, and project usage in one place. Create widgets for specific services, filter logs by attribute, or track spend across a billing period.

The dashboard is supported by the Railway Agent. It lets you query and interact with your Railway services and telemetry in natural language, and acts as a debugging companion when you're working through a problem. It can surface failed deployment issues on request, but it isn't a background monitor; it acts when you ask it to, not on its own..

Bilt, the nationwide loyalty program for renters, runs that workflow at scale, handling more than 1,500 requests per second under 50ms on the first of the month. At that volume, jumping from a metric spike to the matching logs without switching tools, and using Railway’s Observability Dashboard, is the difference between a 20-minute fix and a three-hour investigation.

Alerts and notifications

Railway provides two complementary approaches to alerting: monitors for metric-based alerts and webhooks for deployment notifications.

Monitors

Monitors proactively detect issues by notifying you when resource usage indicates potential problems before users report them. Configure threshold-based alerts directly on dashboard widgets for CPU, memory, disk, or network egress, and Railway notifies you via email, in-app notifications, or webhooks.

Webhooks

Webhooks cover deployment state changes and custom events. Railway automatically formats payloads for popular destinations like Discord and Slack, so you can integrate notifications into your existing team communication channels.

Get full observability from day one

Whether you're running a side project or a production SaaS, Railway gives you full visibility into your system from day one. Logs are automatically centralized, metrics are collected, and traces can be added via OpenTelemetry as your architecture grows and needs them. With the infrastructure handled, you can focus on the application production. Get started for free.