Navigating between cluster resources and observable signals.

Overview

Observable resources produce many kinds of signal - logs, metrics, traces, alerts and others. Each type of signal can have its own distinct data model, naming conventions, query language, and storage. This makes it difficult to navigate relationships between cluster resources and the signals they generate.

Korrel8r is a rule based correlation engine, with an extensible rule set, that can navigate
↳ many types of signal and resource data
↳ using diverse schema, data models and naming conventions
↳ queried using diverse query languages
↳ stored in multiple stores with diverse query APIs

Each type of signal or resource is represented by a domain . Korrel8r can be extended to handle new signals and resources by adding new domains.

Relationships within and between domains are expressed as rules.

Korrel8r generates logical relationship graphs that are intended to be processed or displayed by other tools. There is a brief video demo. In the video, Korrel8r is generating the graphs that are shown in the panel on the right hand side.

The OpenTelemetry project defines a standard vocabulary for describing several types of signal. Korrel8r works with OpenTelemetry but does not require it. See About OpenTelemetry for more.

About domains

A korrel8r domain represents one type of signal or resource. Available domains are described in the Domain Reference.

Each domain defines the following abstractions, allowing Korrel8r to treat domains uniformly:

Object

A data type representing an instance of the domain’s signal or resource, for example a log record or a serialized Kubernetes resource. Korrel8r does not distinguish between signals and resources, they are correlated in the same way.

Store

A service that can be queried for objects. A domain provides one or more types of store. Each store represents a storage service like the Kubernetes API server, Prometheus, Loki or others.

Class

A named class of objects represented by the same data structure. A class name is a string of the form domain:class. Many domains have only one class, for example trace:span. Others have multiple classes. The k8s domain domain has a class for each kind of kubernetes resource, for example k8s:Pod and k8s:DaemonSet

Query

A string of the form domain:class:selector which selects a set of objects from a store. Korrel8r does not define a query language, selectors use the native query language of the store. For example, a trace domain query ussing TraceQL:
trace:span:{.kubernetes.namespace.name="foobar"}

About rules

Rules express relationships between classes, possibly in different domains.

Rules are templates that generate a goal query using data from a start object. The start and goal can be different classes, possibly from different domains. If a rule cannot be applied to an object it may return a blank string, or raise an error.

The set of rules forms a graph connecting all the classes of data that korrel8r knows about. Korrel8r works by traversing this graph: applying rules to some initial objects, executing the resulting queries, retrieving more objects and so on.

There are two types of search:

Goal search

Given a set of start objects and a goal class: find all paths from the start objects to objects in the goal class.

Neighbourhood search

Given a set of start objects and a depth N: find all objects reachable from the start objects in N steps or less.

About OpenTelemetry

The OpenTelemetry project (OTEL) defines a standard vocabulary for traces, metrics, and logs. The Korrel8r trace domain domain uses OTEL attributes, other OTEL-based domains may be added future.

As OTEL is adopted, it will provide a more consistent vocabulary for Korrel8r rules, but it does not replace Korrel8r:

  • There are still widely-deployed systems that do not use OTEL conventions. Korrel8r can bridge between OTEL and non-OTEL systems.

  • OTEL, by itself, does not provide any mechanism for describing or navigating relationships between signals and resources.

  • OTEL does not standardize query languages or store APIs, even for OTEL-compliant systems.

  • Korrel8r handles resource and signal types that are not included (yet) in the OTEL specification. For example k8s:Event or netflow:network events.

Running Korrel8r

Korrel8r usually runs as a cluster service with a REST API. It is used as a back-end for tools that display correlation results. For example, the Red Hat OpenShift console uses Korrel8r to implement its {troubleshoopting-panel}[troubleshooting panel].

It can also be run from the command line for development and testing.

See Configuration for details of configuring Korrel8r.

Korrel8r uses a Bearer Token to authenticate itself to stores.
When run as a server, it impersonates the client by copying the token from the incoming REST request.
On the command line it uses the current kubectl login, so you need to be logged in to the cluster.

In-cluster service

The Red Hat Cluster Observability Operator automatically installs and configures korrel8r on a Red Hat OpenShift cluster.

For testing and development you can also:

Deploy the latest from github.
oc apply -k github.com/korrel8r/korrel8r/config/?version=main
Deploy version X.Y.Z from github.
oc apply -k github.com/korrel8r/korrel8r/config/?version=vX.Y.Z
Use community operator from OperatorHub, look for

Korrel8r Community Tile

To connect to your service from outside the cluster, you can expose it with an 'ingress' or 'route'.

Create a korrel route on Red Hat OpenShift
oc apply -k github.com/korrel8r/korrel8r/config/route?version=main
HOST=$(oc get route/korrel8r -n korrel8r -o template={{.Spec.Host}}

You can use the Clients to test your service at $HOST.

Out-of-cluster service

Korrel8r can run outside the cluster, using routes or ingress URLs to connect to observability stores inside the cluster. This can be useful for development and testing.

Install korrel8r command
go install github.com/korrel8r/korrel8r/cmd/korrel8r@latest

Run korrel8r --help to get command line help.

Download configuration for a Red Hat OpenShift cluster.
curl -o korrel8r.yaml  https://raw.githubusercontent.com/korrel8r/korrel8r/main/etc/korrel8r/openshift-route.yaml
Run as a service outside the cluster on localhost port 8080, with informational logging.
korrel8r -v2 --config korrel8r.yaml web --http=localhost:8080

See Clients for ways to test your service at http://localhost:8080.

Clients

Once the Korrel8r service is running, there are several ways you can interact with the REST API.

  • Command line client korrel8rcli.

  • Use a generic REST request tool like {https://curl.se/[curl]}

All of the clients require a Bearer Token to authenticate with the cluster.
If you are logged in to a Red Hat OpenShift cluster you can find your bearer token like this:

oc whoami -t

korrel8rcli

korrel8rcli is a simple command-line client of the Korrel8r service. It is intended for development and experimentation. In production korrel8r normally functions as a back-end for a console or other visualization or analysis tool.

Install korrel8rcli
go install github.com/korrel8r/client/cmd/korrel8rcli@latest

Run korrel8rcli --help to get command line help.

If you are logged on to a cluster, korrel8rcli will automatically use your bearer token. You can also specify a token explicitly with the --bearer-token option.

In the following examples, replace http://korrel8r.example with the URL for your korrel8r service.

Domains
Get the list of domains and store status.
korrel8rcli -u http://korrel8r.example domains
Example output
- name: alert
  stores:
  - alertmanager: https://alertmanager-main.openshift-monitoring.svc:9094
    certificateAuthority: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
    domain: alert
    metrics: https://thanos-querier.openshift-monitoring.svc:9091
- name: k8s
  stores:
  - domain: k8s
- name: log
  stores:
  - certificateAuthority: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
    domain: log
    lokiStack: https://logging-loki-gateway-http.openshift-logging.svc:8080
- name: metric
  stores:
  - certificateAuthority: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
    domain: metric
    metric: https://thanos-querier.openshift-monitoring.svc:9091
- name: mock
  stores: null
- name: netflow
  stores:
  - certificateAuthority: /var/run/secrets/kubernetes.io/serviceaccount/service-ca.crt
    domain: netflow
    lokiStack: https://loki-gateway-http.netobserv.svc:8080
Neighbours
Get the neighbours graph of the korreler deployment
korrel8rcli -o json neighbours http://korrel8r.example --query 'k8s:Deployment:{namespace: korrel8r}'
Output is a JSON-encoded graph.
{"edges":[{"goal":"k8s:Pod/v1","start":"k8s:Deployment.apps/v1"},...
 "nodes":[{"class":"log:application","count":15,"queries":[...
Web browser
This tool is experimental, it may change or be dropped in future.
Run a web server to vizualize results.
korrel8rcli web -u http://korrel8r.example --addr :9090
View results in a browser.

Open localhost:9090 in a web browser. You can type a korrel8r query in the Start box, and a numeric depth (for neighbours) or korrel8r class name (for goal search). You should see a graph of the correlations, like this.

Screenshot
Figure 1. Example graph.

Using curl

You can use a generic REST client like {https://curl.se/[curl]} to interact with korrel8r.

You must provide a bearer token, for example:

curl --oauth2-bearer $(oc whoami -t) http://localhost:8080/api/v1alpha1/domains

Red Hat Openshift troubleshooting panel

Troubleshooting

You can increase the verbosity of korrel8r logging at run time using the config API.
Using korrel8rcli
korrel8rcli config --set-verbose=9
Using curl
curl --oauth2-bearer $(oc whoami -t) -X PUT http://localhost:8080/api/v1alpha1/config?verbose=9

Configuration

Korrel8r loads configuration from a file or URL specified by the --config option:

korrel8r --config <file_or_url>

The Korrel8r project provides example configuration files. You can download them or use them directly via URL.

openshift-route.yaml

Run korrel8r outside the cluster, connect to stores via routes:

openshift-svc.yaml

Used to run korrel8r as an In-cluster service, connect to stores via service URLs.

The configuration is a YAML file with the following sections:

include

Other configuration fragments to include.
include:
  - "path_or_url"

stores

Connections to data stores.
stores:
  - domain: "domain_name" (1)
    # Domain-specific fields (2)
1 Domain name of the store (required).
2 Domain-specific fields for connection parameters. See Domain Reference.

Every entry in the stores section has a domain field to identify the domain. Other fields depend on the domain, see Domain Reference.

Store fields may contain templates that expand to URLs.

Example: configuring a store URL from an Openshift Route resource.
stores:
  - domain: log
    lokiStack: <-
      {{$r := get "k8s:Route.route.openshift.io/v1:{namespace: openshift-logging, name: logging-loki}" -}} (1)
      https://{{ (first $r).Spec.Host -}} (2)
1 Get a list of routes in "openshift-logging" named "logging-loki".
2 Use the .Spec.Host field of the first route as the host for the store URL.

rules

Rules to relate different classes of data.
rules:
  - name: "rule_name" (1)
    start: (2)
      domain: "domain_name"
      classes:
        - "class_name"
    goal: (3)
      domain: "domain_name"
      classes:
        - "class_name"
    result:
      query: "query_template" (4)
1 Name identifies the rule in graphs and for debugging.
2 Start objects for this rule must belong to one of the classes in the domain.
3 Goal queries generated by this rule may must retrieve one of the classes in the domain.
4 Result queries are generated by executing the query {go-template}` with the start object as context.

Korrel8r comes with a comprehensive set of rules by default, but you can modify them or add your own.

A rule has the following key elements:

  • A set of start classes. The rule can apply to objects belonging to one of these classes.

  • A set of goal classes. The rule can generate queries for any of these classes.

  • A Go template to generate a goal query from a start object.

The query template should generate a string of the form:

<domain-name>:<class-name>:<query-details>

The query-details part depends on the domain, see Domain Reference

aliases

Short-hand alias names for groups of classes.
aliases:
  - name: "alias_name" (1)
    domain: "domain_name" (2)
    classes: (3)
      - "class_name"
1 Alias name can be used in rule definitions wherever a class name is allowed.
2 Domain for classes in this alias.
3 Classes belonging to this alias.

About Templates

Korrel8r rules and store configuration can include Go templates.

This is the same templat syntax as the kubectl command with the --output=template option.

Korrel8r provides additional template functions to simplify writing rules and configurations:

  • The sprig library of general purpose template functions is always available.

  • Some domains (for example the k8s domain) provide domain-specific functions, see the Domain Reference.

  • The following function is available for store configurations:

    query

    Takes a single argument, a korrel8r query string. Executes the query and returns the result as a []any. May return an error.

    Example: Query the k8s cluster for a route, extract the "host" field.
    {{(query "k8s:Route.route.openshift.io:{namespace: netobserv, name: loki}" | first).spec.host}}

Domain Reference

Reference details for the for the classes, objects, queries and stores of each available domain.

alert domain

Domain alert provides Prometheus alerts, queries and access to Thanos and AlertManager stores.

Class

There is a single class alert:alert.

Object

An alert object is represented by this Go type. Rules starting from an alert should use the capitalized Go field names rather than the lowercase JSON names. Object

Query

A JSON map of string names to string values, matched against alert labels, for example:

alert:alert:{"alertname":"KubeStatefulSetReplicasMismatch","container":"kube-rbac-proxy-main","namespace":"openshift-logging"}

To query mutiple alerts at the same time, it’s possible to provide an array of maps:

alert:alert:[{"alertname":"alert1"},{"alertname":"alert2"}]

Store

A client of Prometheus and/or AlertManager. Store configuration:

domain: alert
metrics: PROMETHEUS_URL
alertmanager: ALERTMANAGER_URL

Either or both of metrics or alertmanager may be present.

Query

Query is a map of label name:value pairs for matching alerts, serialized as JSON.

See Go documentation for Query

Object

Object contains alert data, passed as *Object when used as a korrel8r.Object.

See Go documentation for Object

incident domain

Domain incident provides mapping to https://github.com/openshift/cluster-health-analyzer incidents.

Class

There is a single class incident:incident.

Object

An incident object contains id and mapping to the sources (alert is the only supported source type at the moment).

Query

One can query the incident by its id.

incident:incident:{"id":"id-of-the-incident"}

It’s also possible to provide labels from an alert to get a corresponding incident.

incident:incident:{"alertLabels":{
 "alertname":"AlertmanagerReceiversNotConfigured",
 "namespace":"openshift-monitoring"}}

Store

A client of Prometheus. Store configuration:

domain: incident
metrics: PROMETHEUS_URL

Query

See Go documentation for Query

Object

Object contains incident data, passed as *Object when used as a korrel8r.Object.

See Go documentation for Object

k8s domain

Domain k8s implements Kubernetes resources stored in a Kube API server.

Store

The k8s domain automatically connects to the current cluster (as determined by kubectl), no additional configuration is needed.

 stores:
	  domain: k8s

Template Functions

The following template functions are available to rules.

k8sClass
    Takes string arguments (apiVersion, kind).
    Returns the korrel8r.Class implied by the arguments, or an error.

Query

Query struct for a Kubernetes query.

Example:

k8s:Pod.v1:{"namespace":"openshift-cluster-version","name":"cluster-version-operator-8d86bcb65-btlgn"}

See Go documentation for Query

Object

Object represents a kubernetes resource as a map, map keys are serialized field names. Rule templates should use the JSON (lowerCase) field names, NOT the UpperCase Go struct field names.

See Go documentation for Object

log domain

Domain log is a domain for openshift-logging ViaQ logs stored in Loki or LokiStack.

Class

There are 3 classes corresponding to the 3 openshift logging log types:

log:application
log:infrastructure
log:audit

Object

A log object is a JSON map\[string]any in ViaQ format.

Query

A query is a LogQL query string, prefixed by the logging class, for example:

log:infrastructure:{ kubernetes_namespace_name="openshift-cluster-version", kubernetes_pod_name=~".*-operator-.*" }

Store

To connect to a lokiStack store use this configuration:

domain: log
lokistack: URL_OF_LOKISTACK_PROXY

To connect to plain loki store use:

domain: log
loki: URL_OF_LOKI

Copyright: This file is part of korrel8r, released under https://github.com/korrel8r/korrel8r/blob/main/LICENSE

Template Functions

logTypeForNamespace
    Takes a namespace string argument.
    Returns the log type ("application" or "infrastructure") of a container in the namespace.

logSafeLabel
    Convert the string argument into a  safe label containing only alphanumerics '_' and ':'.

Query

Query is a LogQL query string

See Go documentation for Query

Object

Object is a map in Viaq format.

See Go documentation for Object

metric domain

package metric represents Prometheus metric time-series as objects.

Class

There is only one class: metric:metric

Object

A Metric is a time series identified by a label set. Korrel8r does not consider load the sample data for a time series, or use it in rules. If a korrel8r search time constraints, then metrics that have no values that meet the constraint are ignored.

Store

Prometheus is the store, store configuration:

domain: metric
metric: URL_OF_PROMETHEUS

Query

Query is a PromQL query string.

Korrel8r uses metric labels for correlation, it does not use time-series data values. The PromQL query is analyzed to identify series it uses, labels of those series are used for correlation.

See Go documentation for Query

Object

See Go documentation for Object

netflow domain

Domain netflow is a domain for network observability flow events stored in Loki or LokiStack.

Class

There is a single class netflow:network

Object

A log object is a JSON map\[string]any in NetFlow format.

Query

A query is a LogQL query string, prefixed by netflow:network:, for example:

netflow:network:{SrcK8S_Type="Pod", SrcK8S_Namespace="myNamespace"}

Store

To connect to a netflow lokiStack store use this configuration:

domain: netflow
lokistack: URL_OF_LOKISTACK_PROXY

To connect to plain loki store use:

domain: netflow
loki: URL_OF_LOKI

Query

Query is a LogQL query string

See Go documentation for Query

Object

Object is a map holding netflow entries

See Go documentation for Object

otellog domain

Domain otellog is a domain for openshift-logging OTLP logs stored in Loki or LokiStack.

Class

There are 3 classes corresponding to the 3 openshift logging log types:

otellog:application
otellog:infrastructure
otellog:audit

Object

A otellog object is a JSON map\[string]any in ViaQ format.

Query

A query is a LogQL query string, prefixed by the logging class, for example:

otellog:infrastructure:{ kubernetes_namespace_name="openshift-cluster-version", kubernetes_pod_name=~".*-operator-.*" }

Store

To connect to a lokiStack store use this configuration:

domain: otellog
lokistack: URL_OF_LOKISTACK_PROXY

To connect to plain loki store use:

domain: otellog
loki: URL_OF_LOKI

Query

Query is a LogQL query string

See Go documentation for Query

Object

Object represents an OpenTelemetry log

See Go documentation for Object

podlog domain

Domain podlog provides direct access to Kubernetes Pod logs via the Kube API-server.

Logs are returned in OTEL format.

Store

The store is the Kube API server itself, providing direct access to live pod log files. Logs are not guaranteed to be persisted after a pod is destroyed. No parameters are required, a podlog store automatically connects using Kube configuration.

domain: podlog

Query

Query has the same fields as a k8s.Query with and additional 'containers' field.

See Go documentation for Query

Object

See Go documentation for Object

trace domain

Domain trace implements OpenTelemetry traces stored in the Grafana Tempo data store.

Store

The trace domain accepts an optional "tempostack" field with a URL for tempostack. If absent, connect to the default location for the trace store on an Openshift cluster.

stores:
  domain: trace
  tempostack: "https://url-of-tempostack"

Query

Query selector has two forms: a TraceQL query string, or a list of trace IDs.

A TraceQL query selects spans from many traces that match the query criteria. Example:

`trace:span:{resource.kubernetes.namespace.name="korrel8r"}`

A trace-id query is a list of hexadecimal trace IDs. It returns all the spans included by each trace. Example:

`trace:span:a7880cc221e84e0d07b15993358811b7,b7880cc221e84e0d07b15993358811b7

See Go documentation for Query

Object

Object represents an OpenTelemetry span

A trace is simply a set of spans with the same trace-id. There is no explicit class or object representing a trace.

See Go documentation for Object

Korrel8r REST API

Introduction

Generate graphs showing correlations between resources and observability signals in a cluster.

Endpoints

Configure

setConfig

PUT /config

Change configuration settings at runtime.

Description

Modify selected configuration settings (e.g. log verbosity) on a running service.

Parameters
Query Parameters
Name Description Required Default Pattern

verbose

Verbose setting for logging.

-

null
Return Type

-

Responses
Table 1. HTTP Response Codes
Code Message Datatype

200

OK

<<>>
Samples

Correlate

graphGoals

POST /graphs/goals

Create a correlation graph from start objects to goal queries.

Description

Specify a set of start objects, as queries or serialized objects, and a goal class. Returns a graph containing all paths leading from a start object to a goal object.

Parameters
Body Parameter
Name Description Required Default Pattern

request

Search from start to goal classes. Goals

X
Query Parameters
Name Description Required Default Pattern

options

-

null
Return Type

Graph

Content Type

  • application/json

Responses
Table 2. HTTP Response Codes
Code Message Datatype

200

OK

Graph

206

interrupted, partial result

Graph

400

invalid parameters

Error

404

result not found

Error
Samples
graphNeighbours

POST /graphs/neighbours

Create a neighbourhood graph around a start object to a given depth.

Description

Specify a set of start objects, as queries or serialized objects, and a depth for the neighbourhood search. Returns a graph of all paths with depth or less edges leading from start objects.

Parameters
Body Parameter
Name Description Required Default Pattern

request

Search from start for neighbours. Neighbours

X
Query Parameters
Name Description Required Default Pattern

options

-

null
Return Type

Graph

Content Type

  • application/json

Responses
Table 3. HTTP Response Codes
Code Message Datatype

200

OK

Graph

206

interrupted, partial result

Graph

400

invalid parameters

Error

404

result not found

Error
Samples
listGoals

POST /lists/goals

Create a list of goal nodes related to a starting point.

Description

Specify a set of start objects, as queries or serialized objects, and a goal class. Returns a list of all objects of the goal class that can be reached from a start object.

Parameters
Body Parameter
Name Description Required Default Pattern

request

search from start to goal classes Goals

X
Return Type

array[Node]

Content Type

  • application/json

Responses
Table 4. HTTP Response Codes
Code Message Datatype

200

OK

List[Node]

400

invalid parameters

Error

404

result not found

Error
Samples

Query

listDomains

GET /domains

Get the list of correlation domains.

Description

Returns a list of Korrel8r domains and the stores configured for each domain.

Parameters
Return Type

array[Domain]

Content Type

  • application/json

Responses
Table 5. HTTP Response Codes
Code Message Datatype

200

OK

List[Domain]

400

invalid parameters

Error

404

result not found

Error
Samples
query

GET /objects

Execute a query, returns a list of JSON objects.

Description

Execute a single Korrel8r 'query' and return the list of serialized objects found. Does not perform any correlation actions.

Parameters
Query Parameters
Name Description Required Default Pattern

query

Query string.

X

null

/:[^:]:[^:]+/
Return Type

[List]

Content Type

  • application/json

Responses
Table 6. HTTP Response Codes
Code Message Datatype

200

OK

List[[AnyType]]

400

invalid parameters

Error

404

result not found

Error
Samples

Models

Constraint

Constrains the objects that will be included in search results.

Field Name Required Nullable Type Description Format

start

Date

Ignore objects with timestamps before this start time.

date-time

end

Date

Ignore objects with timestamps after this end time.

date-time

limit

Integer

Limit total number of objects per query.

timeout

String

Give up on requests to data stores if they take longer than this duration.

duration

Domain

Domain configuration information.

Field Name Required Nullable Type Description Format

name

X

String

Name of the domain.

stores

List of Store

Stores configured for the domain.

Edge

Directed edge in the result graph, from Start to Goal classes.

Field Name Required Nullable Type Description Format

start

X

String

Class name of the start node.

goal

X

String

Class name of the goal node.

rules

List of Rule

Set of rules followed along this edge.

Error

Error result containing an error message.

Field Name Required Nullable Type Description Format

error

X

String

Error message.

Goals

Starting point for a goals search.

Field Name Required Nullable Type Description Format

goals

X

List of [string]

Goal classes for correlation.

start

X

Start

Graph

Graph resulting from a correlation search.

Field Name Required Nullable Type Description Format

edges

List of Edge

List of graph edges.

nodes

List of Node

List of graph nodes.

GraphOptions

Options controlling the form of the returned graph.

Field Name Required Nullable Type Description Format

rules

Boolean

Include rule names in graph edges.

zeros

Boolean

Include queries that returned no results.

Neighbours

Starting point for a neighbours search.

Field Name Required Nullable Type Description Format

depth

X

Integer

Max depth of neighbours graph.

start

X

Start

Node

Node in the result graph, contains results for a single class.

Field Name Required Nullable Type Description Format

class

X

String

Full class name

count

Integer

Number of results for this class, after de-duplication.

queries

List of QueryCount

Queries yielding results for this class.

QueryCount

Query with number of results.

Field Name Required Nullable Type Description Format

count

Integer

Number of results, omitted if the query was not executed.

query

X

String

Query for correlation data.

Rule

Rule is a correlation rule with a list of queries and results counts found during navigation.

Field Name Required Nullable Type Description Format

name

X

String

Name is an optional descriptive name.

queries

List of QueryCount

Queries generated while following this rule.

Start

Start identifies a set of starting objects for correlation.

Field Name Required Nullable Type Description Format

class

String

Class of starting objects and queries.

constraint

Constraint

Constrain the objects that will be returned.

objects

List of [map]

Objects serialized as JSON.

queries

List of [string]

Queries for starting objects

Store

Store is a map string keys and values used to connect to a store.

Field Name Required Nullable Type Description Format

Glossary

The terms used to discuss observability often have slightly different meanings in different contexts. This glossary clarifies how Korrel8r uses common terms.

OpenTelemetry means the definition matches how OpenTelemetry uses the term.
icon means the term has a specific meaning for Korrel8r.
class

icon See Overview

data model

OpenTelemetry Describes the data in a signal as a set of named fields. For example a log record might have a "body" field containing the original message, and a "timestamp" field containing the time it was produced.

domain

icon See About domains

object

icon See See Overview

query

icon See About domains

resource

OpenTelemetry A source of observable signals. Resources include nodes, pods, hosts and other entities that are described by signals. rule::icon See About rules

signal

icon A single data-item generated by some observable resource, for example a log record, cluster event, or metric time-series.

store

icon Has a special meaning for Korrel8, see Overview