惯性聚合 高效追踪和阅读你感兴趣的博客、新闻、科技资讯
阅读原文 在惯性聚合中打开

推荐订阅源

F
Fortinet All Blogs
让小产品的独立变现更简单 - ezindie.com
让小产品的独立变现更简单 - ezindie.com
有赞技术团队
有赞技术团队
www.infosecurity-magazine.com
www.infosecurity-magazine.com
大猫的无限游戏
大猫的无限游戏
爱范儿
爱范儿
Threat Intelligence Blog | Flashpoint
Threat Intelligence Blog | Flashpoint
T
Threatpost
V
Visual Studio Blog
Apple Machine Learning Research
Apple Machine Learning Research
博客园 - Franky
人人都是产品经理
人人都是产品经理
cs.AI updates on arXiv.org
cs.AI updates on arXiv.org
The Cloudflare Blog
N
News and Events Feed by Topic
L
Lohrmann on Cybersecurity
cs.CL updates on arXiv.org
cs.CL updates on arXiv.org
酷 壳 – CoolShell
酷 壳 – CoolShell
V
V2EX
AWS News Blog
AWS News Blog
S
SegmentFault 最新的问题
T
Tailwind CSS Blog
Hugging Face - Blog
Hugging Face - Blog
钛媒体:引领未来商业与生活新知
钛媒体:引领未来商业与生活新知
Spread Privacy
Spread Privacy
J
Java Code Geeks
博客园 - 聂微东
T
Tor Project blog
宝玉的分享
宝玉的分享
博客园 - 叶小钗
Webroot Blog
Webroot Blog
博客园 - 【当耐特】
freeCodeCamp Programming Tutorials: Python, JavaScript, Git & More
H
Heimdal Security Blog
Y
Y Combinator Blog
T
The Blog of Author Tim Ferriss
MongoDB | Blog
MongoDB | Blog
I
InfoQ
Security Latest
Security Latest
Martin Fowler
Martin Fowler
Hacker News: Ask HN
Hacker News: Ask HN
P
Privacy International News Feed
C
CERT Recently Published Vulnerability Notes
Latest news
Latest news
雷峰网
雷峰网
D
Darknet – Hacking Tools, Hacker News & Cyber Security
C
Cisco Blogs
H
Help Net Security
L
LINUX DO - 最新话题
L
LINUX DO - 热门话题

Datadog | The Monitor blog

Introducing our open source AI-native SAST Instrument and monitor Boomi integration flows with OpenTelemetry and Datadog Not all index scans are equal: How we cut query latency by over 99% Platform engineering metrics: What to measure and what to ignore Integrate Recorded Future threat intelligence with Datadog Cloud SIEM CI/CD security: threat modeling using a MITRE-style threat matrix CI/CD security: How to secure your GitHub ecosystem Ingress NGINX is EOL: A practical guide for migrating to Kubernetes Gateway API Operating agentic AI with Amazon Bedrock AgentCore and Datadog LLM Observability: Lessons from NTT DATA Introducing the Datadog Code Security MCP Capture and analyze custom heatmaps in Session Replay Understand session replays faster with AI summaries and smart chapters Monitor ClickHouse query performance with Datadog Database Monitoring How we designed empathetic alert sounds for on-call engineers Search and act across Datadog to resolve issues faster with Bits Assistant Measure the business impact of every product change with Datadog Experiments Analyzing round trip query latency Configuring JavaScript caches for better performance Introducing Bits AI Dev Agent for Code Security Datadog achieves ISO 42001 certification for responsible AI Monitor Nutanix clusters, hosts, and VMs with Datadog Monitor Juniper Mist in Datadog A new Host Map for modern infrastructure Annotate traces to improve LLM quality with Datadog LLM Observability What’s new in Cloud SIEM: AI-powered investigations, enhanced threat intelligence, and scalable security operations Explore Kubernetes with native OpenTelemetry data Monitor Oracle Fusion Cloud Applications with Datadog Announcing the Datadog Terraform provider v4.0.0 Scaling Kubernetes workloads on custom metrics How to design cloud environments for AI-powered threat analysis Monitor Aruba Central in Datadog How we centralize and remediate risks with Datadog Case Management Accelerate incident response with Datadog and ServiceNow Monitor your application and network load balancer logs Understanding Karpenter architecture for Kubernetes autoscaling Tools for collecting metrics and logs from Karpenter Monitor Karpenter with Datadog What your product data is actually saying Key metrics for monitoring Karpenter Securing Datadog’s platform in the AI age: The role of observability data Four ways engineering teams use the Datadog MCP Server to power AI agents Approaching your observability migration with the right mindset Meet the new Bits AI SRE: Deeper reasoning, twice as fast Key learnings from the 2026 State of DevSecOps study Use plain English to query your multi-cloud infrastructure in Resource Catalog Simplifying troubleshooting across the user journey with Datadog Synthetic Monitoring Protect your OCI resources with Datadog Cloud Security This Month in Datadog - February 2026 Amazon EC2 security: How misconfigured and public AMIs expand your cloud attack surface Enable end-to-end visibility into your Java apps with a single command Measure and improve mobile app startup performance with Datadog RUM Evaluating our AI Guard application to improve quality and control cost Identify untested code across every level of your codebase Make use of guardrail metrics and stop babysitting your releases Monitor Versa Networks SD-WAN performance in Datadog Improve performance and reliability with APM Recommendations Remediate transitive vulnerabilities faster with Datadog Software Composition Analysis Generate audit-ready vulnerability and compliance reports with Datadog Sheets Monitor Fortinet FortiManager performance in Datadog Improve test coverage across codebases with Datadog Code Coverage Move fast, don’t break things: Consistent testing standards at scale Enrich logs with ServiceNow CMDB context before routing to any SIEM or logging tool Monitor Lustre with Datadog Make faster, better product decisions with Datadog Product Analytics Surface and remediate runtime posture issues with Workload Protection Findings Protect agentic AI applications with Datadog AI Guard How to optimize JavaScript code with CSS Trace Google Pub/Sub workloads in Cloud Run with Datadog Detect human names in logs with ML in Sensitive Data Scanner How we cut our NLQ agent debugging time from hours to minutes with LLM Observability Debug PostgreSQL query latency faster with EXPLAIN ANALYZE in Datadog Database Monitoring Datadog acquires Propolis Unify and correlate frontend and backend data with retention filters Scale compliance across global frameworks with Datadog Cloud Security Monitor Arista VeloCloud SD-WAN performance with Datadog Building reliable dashboard agents with Datadog LLM Observability Simplify log collection and aggregation for MSSPs with Datadog Observability Pipelines Mitigation for Node.js denial-of-service vulnerability affecting Datadog APM Automate flaky test fixes with the Bits AI Dev Agent and Test Optimization How we built an AI SRE agent that investigates like a team of engineers Datadog integrations 2025 recap: Observability for AI, security, and hybrid cloud Design effective executive dashboards with Datadog Implement dbt data quality checks with dbt-expectations Bring faster visibility into AWS Lambda functions with remote instrumentation Troubleshoot faster with the GitLab Source Code integration in Datadog How Cambia Health Solutions saved $30,000 monthly with Cloud Cost Management and the Datadog Resource Catalog Normalize any logs for Cloud SIEM with Datadog's OCSF processor Optimizing Datadog at scale: Cost-efficient observability at Zendesk Detect, diagnose, and resolve network issues easily with CNM Network Health Connect engineering errors to user impact in early-stage products Cilium configuration for Kubernetes operations at scale Designing feedback loops for progressive delivery Ship features faster and safer with Datadog Feature Flags Choosing the right OpenTelemetry Collector distribution Route your monitor alerts with Datadog monitor notification rules Automate Cloud SIEM investigations with Bits AI Security Analyst Cloud threat detection: How to identify risky activity across control and data planes Collecting Kafka performance metrics Monitoring Kafka with Datadog Monitoring Kafka performance metrics
Understanding data lineage
2025-07-09 · via Datadog | The Monitor blog
Aaron Kaplan

Aaron Kaplan

Harel Shein

Harel Shein

Jonathan Morin

Jonathan Morin

Data lineage is the evolutionary history of datasets. More concretely, lineage is metadata that captures the flow and transformation of data in data pipelines, also called the data lifecycle. (Data pipelines, broadly defined, are any sequential data collection, transformation, and delivery processes.) By describing where our data is coming from, where it is going, and what has happened to it along the way, lineage helps us understand the nature of our datasets, enabling us to ensure and troubleshoot data quality, security, and compliance. This visibility is essential to data engineering, governance, business intelligence, and analytics in general. And it is particularly critical given the complexity of modern data pipelines, which are often collaboratively managed by diverse teams with limited knowledge of each other’s operations.

In this post, we’ll cover the fundamentals of data lineage and its role in fostering healthy and secure data ecosystems. In the process, we’ll also cover the basics of OpenLineage, the open source, industry-standard framework for lineage collection.

The importance of lineage

By helping us better understand the abundance of data in our pipelines, lineage helps us foster healthy data ecosystems and strengthen our analytics. The ability to understand and track lineage plays a key role in improving reliability, facilitating data provenance and discovery, and ensuring compliance.

Improving reliability

Ultimately, the reliability of data pipelines comes down to the quality and availability of the data within them: Is the data you need readily accessible? Is it accurate and up to date? These are the basic questions of reliability—questions that many teams must answer on a continual basis.

When it comes to availability, the issue is timely, dependable throughput from data producers. By contrast, how data quality is measured will vary from organization to organization and from team to team. Generally speaking, data quality tests check for things like:

  • Is the volume of our data what we expect it to be?
  • Do the values in each column fall within expected ranges?
  • Are our distributions correct?
  • Do our schemas look right? Are there unexpected or missing columns?
  • Are there higher-than-expected proportions of null values?

When the quality or availability of our data is compromised, we can use lineage to trace the issue to its causes upstream. For example, lineage can help data engineers conduct root cause analysis for pipeline health and performance issues. Let’s say you’re alerted to a job failure in your pipeline—you can use lineage to quickly trace the issue to its source, whether it’s an upstream schema change or faulty aggregation logic. And data analysts can use lineage to verify the accuracy and freshness of their data. Perhaps a misconfiguration in your data platform’s ingest layer causes duplication of records, skewing your metrics. Lineage can help you quickly trace the issue to its source.

By helping us track the flow of our data downstream, lineage can help us stay ahead of such issues. In other words, lineage enables effective impact analysis in pipelines at scale, helping us understand how changes we make to our datasets will affect downstream dependencies in order to prevent adverse effects on data consumers. This makes lineage essential to change management in pipelines at scale.

Facilitating data provenance and discovery

As data travels through pipelines, it transforms and proliferates. Data pipelines generally comprise many stages of filtering, merging, masking, and aggregation. By showing us where our data is coming from and where it has been—in other words, our data provenance—lineage helps us navigate the abundance of data in our pipelines, enabling us to ensure we are deriving the right data from the right layers for our purposes.

For example, let’s say you’re analyzing customer data for your organization and plan to share your findings with a third party. Perhaps your pipeline touches many different tables labeled “customers,” containing data that is produced and consumed for a wide variety of purposes—processed in varying ways, to varying degrees. You can use lineage to ensure that you’re using the right dataset—one that has been scrubbed of spam, artifacts of internal usage, and PII. This brings us to our next topic.

Ensuring compliance

Lineage is often essential to compliance with data regulations. For example, GDPR, HIPAA, BCBS 239, CCPA, and other regulations call for exhaustive records of when and where private data is collected, processed, and shared. Lineage can also be used to verify the correctness of financial records by documenting the end-to-end flow of transactions—facilitating FINRA or SEC audits, for example.

We have established why lineage is important. Let’s move on to the question of how lineage is collected and used in practice.

Lineage in practice

Historically, the process of collecting and correlating lineage metadata has presented major challenges. On top of the complexity of manually instrumenting pipelines and annotating lineage, there is another main problem: among the wide variety of tooling and storage types that comprise the modern data stack, there is no consistent standard for metadata. This has constrained interoperability and necessitated the ad hoc development and maintenance of highly brittle lineage solutions. These siloed projects have entailed the custom instrumentation of every possible type of data processing job, and the development of integrations that break frequently as data sources, schedulers, and processing frameworks change.

OpenLineage is an open source specification for data lineage that was introduced to address these problems. Since its creation in 2020, OpenLineage has become the industry standard for data lineage. Its extensibility enables consistent collection of lineage metadata across a growing number of platforms, with integrations for both producers (e.g., Airflow, Snowflake, BigQuery, Spark, Flink, dbt) and consumers (e.g., Datadog, Marquez) of lineage.

In order to illustrate how lineage works in practice, let’s examine the OpenLineage core model, which distills lineage to its essential components.

Key lineage metadata

The OpenLineage core model is based on a JSON Schema spec that defines three basic types of lineage metadata: datasets, jobs, and runs.

  • Datasets are representations of data.
  • Jobs are reusable data-processing workloads: repeatable, self-contained processes of reading and writing data, such as SQL queries, Spark or Flink jobs, or Python scripts.
  • Runs are specific instances of jobs (at specific times, with specific parameters).

The core model uses consistent naming for jobs (scheduler.job.task—e.g., my_app.execute_insert_into_hive_table.mydb_mytable,) and datasets (instance.schema.table—e.g., prod.mydb.mytable) in order to facilitate the stitching-together of lineage metadata from diverse sources.

In the most general terms, data pipelines are systems in which jobs consume and produce datasets from other datasets in individual runs. In reality, of course, there’s a lot more to it: There are many other important types of lineage metadata, which is why OpenLineage enables the extensibility of its core specification via facets: customizable pieces of metadata that can be attached to jobs, runs, or datasets. Facets enable users to adapt the core specification to their needs without requiring central approval. Facets may capture dataset schemas, stats such as column distributions or null-value counts, job schedules, query plans, and source code, among countless other types of metadata. The key metadata for streaming datasets such as Kafka topics, for example, will look very different from the key metadata for tables in data warehouses or folders in distributed file systems.

Lineage in a typical data platform

To illustrate lineage in action, let’s consider a fairly “typical” data platform. Data platforms generally comprise several layers, often including:

  • An ingest layer, where data comes in.
  • A storage layer, which might comprise a streaming tier as well as an archive or distributed file system tier.
  • A compute layer, which might comprise a streaming compute tier and a batch/ML compute tier.
  • A business intelligence layer.

Our (hypothetical) data platform looks like this:

Lineage collection in a typical data platform.

Here, lineage data from every layer of our platform is collected, stored, and visualized with Datadog and Marquez, which is the reference implementation of the OpenLineage specification. This example also allows us to see the architectural problem solved by OpenLineage.

The advantages of OpenLineage, illustrated.

OpenLineage turns lineage integrations between data pipeline components into a shared effort. Rather than depending on each other for lineage, all data consumers and producers can depend on OpenLineage.

Towards greater data observability

In this post, we’ve examined the role of lineage in fostering the healthy data ecosystems that form the basis of successful analytics. We’ve also discussed the fundamental importance of lineage to data security and compliance. And we’ve demonstrated the critical visibility lineage provides into data pipelines—visibility that can help us ensure the reliability of our data, protect downstream dependencies, and quickly trace issues to their sources upstream. Finally, we’ve seen how the OpenLineage framework can simplify and improve the interoperability of cross-platform lineage.

Stay tuned for an in-depth exploration of how you can use Datadog to explore data lineage. In the meantime, we encourage you to learn more about OpenLineage, Datadog Data Observability, and using Data Streams Monitoring and Data Jobs Monitoring to observe the data lifecycle. If you’re new to Datadog, you can sign up for a 14-day free trial.