By Trifork Security | 529 words | Read time: 3 minutes
OpenTelemetry is a popular open-source observability framework that provides a set of APIs, SDKs, and tools for collecting telemetry data (logs, metrics, and traces) from cloud-native and traditional applications alike. Backed by the Cloud Native Computing Foundation (CNCF), it has become the de facto standard for vendor-neutral instrumentation, helping teams gain deep insights into application performance and behavior.
Its strength lies in its flexibility and community-driven evolution. And now, the ecosystem just got even more powerful.
We are excited to see yet another step forward for the OpenTelemetry ecosystem – this time with the official donation of the OpenTelemetry Injector by Splunk to the open-source community.
If you have been following our blog, you might remember our recent post on how Splunk is embracing openness by releasing key parts of its Observability Cloud instrumentation to the public. That move was a strong signal of the company’s ongoing commitment to open standards and transparent collaboration.
Now, with the OpenTelemetry Injector joining the OpenTelemetry project, that vision becomes even more powerful, especially for teams struggling to implement distributed tracing in complex or sensitive production environments.
A quick recap: Why instrumentation is so painful
Getting distributed tracing up and running in real-world environments often means making changes across dozens (or even hundreds) of services. For many organisations – especially those with legacy systems or tightly regulated environments – that’s a non-starter.
Manual instrumentation is not only time-consuming but also error-prone, particularly when you have multiple teams, stacks, and programming languages involved.
Enter the OpenTelemetry Injector: Zero-Code instrumentation
The new OpenTelemetry Injector is designed to solve exactly that problem. It enables zero-touch, zero-code instrumentation by dynamically injecting the OpenTelemetry agent into running services – without requiring changes to your source code.
Here’s how it works:
- The injector intercepts process invocation (e.g., via systemd on Linux hosts).
- It adds the appropriate environment variables for automatic instrumentation based on the language runtime such as Java, Node.js, .NET, Python, etc.
- Configuration is handled through a file, making it easy to define how and where traces and metrics should be exported.
It supports multiple backends via OTLP, including:
- Splunk Observability Cloud
- Grafana Tempo
- Jaeger
- and any other OTLP-compatible tool
Why this matters: From Brownfield to bright future
What makes this so exciting is its ability to bring observability to “brownfield” environments – the kind where touching production code is either difficult, dangerous, or simply off the table.
For teams managing legacy applications, systems with strict change management policies, or high-security environments, the OpenTelemetry Injector is a game-changer. It enables a controlled, minimal-risk path to achieving distributed tracing across the stack, without waiting for application teams to add instrumentation manually.
Learn More
- Full announcement on the OpenTelemetry blog
- GitHub repository: opentelemetry-injector
- Missed our previous post? Catch up on how Splunk is contributing to open observability standards
At Trifork Security, we believe in building security and observability into your systems from the ground up – but we also know that’s not always possible. Tools like the OpenTelemetry Injector offer a bridge between best practices and the messy reality of complex infrastructure.
Want help figuring out how to use this in your own environment? We’re happy to help.