# SUSE Observability
### Supported Telemetry Types
| Logs | Metrics | Traces |
| ---- | ------- | ------ |
| ✓ | ✓ | ✓ |
### Prerequisites
* SUSE Cloud Observability account or self-hosted SUSE Observability instance deployed
* API key or bearer token for authentication
* Network connectivity from your Bindplane agent to the SUSE Observability endpoint
* For self-hosted deployments, appropriate OTLP endpoints configured in ingress (or in-cluster HTTP access available)
For more information, see the [SUSE Observability documentation](https://documentation.suse.com/cloudnative/suse-observability/).
### Configuration
#### Basic Configuration
| Parameter | Description | Default | Required |
| ------------------------------- | ---------------------------------------------------------------------------------------------------------------------- | ------------------------------------------------------------- | -------- |
| **Environment** | Choose between SUSE Cloud Observability (SaaS) or self-hosted instance | cloud | Yes |
| **Instance Name** (Cloud only) | The instance name from your cloud endpoint (e.g., for `otlp-myinstance.app.stackstate.io`, enter `myinstance`) | — | Yes |
| **Endpoint** (Self-hosted only) | The SUSE Observability endpoint. For in-cluster, use `suse-observability-otel-collector..svc.cluster.local` | `suse-observability-otel-collector.default.svc.cluster.local` | Yes |
| **Protocol** | OTLP protocol (gRPC recommended for better performance) | grpc | Yes |
| **API Key** | Authentication token for SUSE Observability | — | Yes |
#### Advanced Configuration
**TLS Configuration**
| Parameter | Description | Default |
| ------------------------------------- | --------------------------------------------------------------------- | ------- |
| **Enable TLS** | Use TLS for the connection. Enabled by default for cloud deployments | true |
| **Skip TLS Certificate Verification** | Skip server certificate verification (not recommended for production) | false |
| **TLS Certificate Authority File** | Path to CA certificate for server verification | — |
| **Server Name Override** | Virtual hostname for TLS verification | — |
| **Mutual TLS** | Enable client certificate authentication | false |
| **TLS Client Certificate File** | Path to client certificate for mTLS | — |
| **TLS Client Private Key** | Path to client private key for mTLS | — |
**Compression and Headers**
| Parameter | Description | Default |
| --------------------------- | ------------------------------------------------------------------------ | ------- |
| **gRPC Compression** | Compression algorithm for gRPC (none, gzip, snappy, zstd) | gzip |
| **HTTP Compression** | Compression algorithm for HTTP (none, gzip, deflate, snappy, zlib, zstd) | gzip |
| **Additional Headers** | Custom HTTP headers to attach to each request | {} |
| **Path Prefix** (HTTP only) | Optional path prefix for HTTP endpoints | — |
| **Timeout** | Timeout in seconds for sending batches | 30 |
### Supported Retry and Queuing Settings
This destination supports the [retry settings](/configuration/bindplane-otel-collector/retry-on-failure.md), the [sending queue settings](/configuration/bindplane-otel-collector/sending-queue.md), and the [persistent queue settings.](/configuration/bindplane-otel-collector/persistent-queue.md)
| Sending Queue | Persistent Queue | Retry on Failure |
| ------------- | ---------------- | ---------------- |
| ✓ | ✓ | ✓ |
### Configuration Tips
#### Environment and Protocol Selection
* **Cloud vs. Self-hosted**: Use "Cloud" for SUSE Cloud Observability SaaS, or "Self-hosted" for on-premises deployments
* **gRPC vs. HTTP**: gRPC is preferred for higher throughput and larger payloads; use HTTP if behind restrictive firewalls or proxies
* **In-cluster deployments**: For self-hosted instances in the same Kubernetes cluster, use HTTP with insecure mode (disable TLS) and the in-cluster service endpoint
#### Authentication and Security
* API keys must be valid bearer tokens for your SUSE Observability instance
* In production, always enable TLS and provide a CA certificate rather than skipping verification
* Store API keys securely using environment variables or secret management systems
* For mTLS, ensure client certificate and key files are readable by the Bindplane agent process
#### Performance Tuning
* Enable Persistent Queuing for mission-critical telemetry to prevent data loss during outages
* Increase Queue Size (default 5000) if queues consistently fill during traffic spikes
* For high-throughput scenarios, use gRPC with compression (gzip or snappy) to reduce bandwidth
* Monitor queue depth in agent logs to identify bottlenecks
### Troubleshooting
#### Connection Failures
**Symptoms**: Connection timeout or "connection refused" errors
**Solutions**:
* Verify the instance name or endpoint is correct and reachable from your network
* Confirm API key is valid and not expired
* For self-hosted, ensure OTLP ingress is configured or HTTP service is accessible
* Test network connectivity: `telnet ` (4317 for gRPC, 4318 for HTTP)
#### TLS and Certificate Errors
**Symptoms**: "certificate verify failed" or "x509: certificate signed by unknown authority"
**Solutions**:
* Verify CA certificate path exists and is readable by the agent process
* Check certificate validity with `openssl x509 -in -noout -dates`
* For self-signed certificates, ensure the CA certificate is provided
* Temporarily disable certificate verification only for testing (set Skip TLS Certificate Verification to `true`)
#### Authentication Failures
**Symptoms**: "401 Unauthorized" or "unauthenticated" errors
**Solutions**:
* Confirm API key is correct and has not been revoked
* Verify the bearer token scheme is properly configured
* Ensure credentials are transmitted only over TLS (never HTTP)
* Check that the API key is properly formatted and does not contain extra whitespace
### Related Resources
* [SUSE Observability Documentation](https://documentation.suse.com/cloudnative/suse-observability/)
* [SUSE Observability OTLP Configuration](https://documentation.suse.com/cloudnative/suse-observability/latest/en/setup/otel/otlp-apis.html)
* [Retry and Queuing Configuration](https://docs.bindplane.com/configuration/bindplane-otel-collector/retry-and-queueing)
---
# Agent Instructions: Querying This Documentation
If you need additional information that is not directly available in this page, you can query the documentation dynamically by asking a question.
Perform an HTTP GET request on the current page URL with the `ask` query parameter:
```
GET https://docs.bindplane.com/integrations/destinations/suse-observability.md?ask=
```
The question should be specific, self-contained, and written in natural language.
The response will contain a direct answer to the question and relevant excerpts and sources from the documentation.
Use this mechanism when the answer is not explicitly present in the current page, you need clarification or additional context, or you want to retrieve related documentation sections.