LLM Observability Metrics: What to Instrument in Production
Trace the complete user request from product entry point through model calls, retrieval, tools, validation, and final outcome. Metrics tell you that behavior changed; traces show where; evaluations tell you whether the change matters.
The production LLM metric map
Begin with questions an operator must answer during a regression or incident. Emit dimensions that separate model, prompt, retrieval, tool, and product changes without placing raw user content into every metric label.
| Metric family | Measure | Question answered | Useful dimensions |
|---|---|---|---|
| Service reliability | Request count, success, error class, timeout, cancellation, queue delay, and fallback | Is the product path available, and where are requests failing? | Route, environment, release, dependency, and failure stage |
| Latency | End-to-end duration, time to first output, generation duration, retrieval duration, and tool duration | Which stage changed the user wait time? | Model, region, route, prompt version, retriever, and tool |
| Usage and cost | Input and output tokens, model calls, retries, cache use, tool calls, and estimated cost | Which behavior or release changed the operating envelope? | Model, feature, customer tier, release, and cached versus uncached |
| Model response | Finish reason, refusal, empty output, structured-output validation, repair, and fallback | Did the model complete the expected response contract? | Model, prompt version, output schema, and policy version |
| Retrieval | Query count, candidate count, no-result events, rank signals, document age, and citation coverage | Did the system retrieve timely, relevant evidence and use it in the answer? | Index version, retriever version, corpus, tenant boundary, and query class |
| Tools and agents | Tool choice, argument validation, call success, retry, loop depth, state mutation, and stop reason | Did the system act through the intended path and stop safely? | Agent version, tool contract, policy decision, and action class |
| Quality | Task success, rubric scores, evidence support, abstention quality, human correction, and regression category | Did the response solve the user task rather than merely return successfully? | Evaluation version, task type, language, risk tier, and model version |
| Safety and privacy | Policy decisions, blocked actions, injection detections, redactions, sensitive-data events, and human approvals | Did the request stay within the declared boundary? | Policy version, rule, action class, input channel, and review outcome |
| Product outcome | Acceptance, correction, retry, escalation, abandonment, downstream completion, and user feedback | Did the model interaction create the intended product result? | Workflow, cohort, task type, release, and outcome class |
No single metric proves quality. A low error rate can coexist with incorrect answers; a strong evaluation score can coexist with timeouts; a fast response can still invoke the wrong tool. Keep the families joinable through trace identifiers and release metadata.
Design one trace around the user outcome
Create a parent span for the product request, not merely for the model API call. Add child spans for context assembly, retrieval, reranking, model calls, output validation, tool execution, fallback, and downstream state changes. The trace should end only when the user-visible workflow reaches a terminal result.
The OpenTelemetry registry for generative AI attributes provides common telemetry names for model operations. Use the conventions supported by your instrumentation version, record that version, and keep product-specific attributes in a documented namespace rather than overloading standard fields.
Version everything that can change behavior
At minimum, attach the application release, model identifier, prompt or policy version, output schema, retriever and index version, tool contract version, and evaluation version. Without those joins, a dashboard can show a regression while leaving the operator unable to identify what changed.
Separate content capture from operational telemetry
Metrics should use bounded labels, not raw prompts, responses, document text, email addresses, or user IDs. Traces can carry carefully controlled content when the use case permits it, but content capture needs explicit access, retention, redaction, and sampling rules. A safer default is to record hashes, sizes, classifications, and document identifiers while storing sensitive payloads only in an approved diagnostic path.
Join online signals with offline evaluations
Runtime telemetry reveals drift, error clusters, and new task shapes. Evaluations determine whether those changes are acceptable. Sample representative or failed traces into a reviewed evaluation corpus, remove sensitive content, label the failure category, and promote confirmed incidents into regression cases.
Observability failure cases
- The model-call dashboard: provider latency and token usage look healthy while retrieval, validation, or downstream actions fail. Trace the product path, not one dependency.
- Averages without distributions: a small class of very slow or failing requests disappears inside the mean. Inspect distributions and segment by route, model, task, and release.
- Logs without correlation: retrieval, model, and tool events cannot be joined to one user outcome. Propagate trace and run identifiers across every boundary.
- Raw content in metric labels: sensitive data leaks into a high-cardinality system that is expensive to query and hard to govern. Use bounded classifications and protected diagnostic storage.
- Unversioned prompts and indexes: quality changes but the operator cannot identify the behavioral change. Version configuration and data artifacts beside code releases.
- Every anomaly becomes a page: operators learn to ignore alerts that do not map to user impact or an action. The alert signal-to-noise guide shows how to route symptoms to actionable conditions.
- Success means HTTP 200: transport success is mistaken for task success. Join service metrics with evaluations and product outcomes.
A staged implementation sequence
- Map the critical path. Draw the request from user action to terminal product outcome. Name every model, retrieval, tool, validation, and storage boundary that can fail.
- Define the trace contract. Standardize identifiers, span names, timestamps, status, error classes, versions, policy decisions, and resource-usage fields before adding dashboards.
- Instrument boundaries first. Capture start, completion, failure, timeout, cancellation, retry, and fallback at each dependency. Confirm that context propagates across asynchronous work.
- Derive bounded metrics from traces. Build service, latency, usage, retrieval, tool, safety, quality, and product-outcome views with labels that remain stable and queryable.
- Write the content-handling policy. Decide what prompt, response, and retrieved content may be captured, who can read it, how it is redacted, and when it is deleted.
- Connect alerts to actions. Tie service objectives and quality gates to user impact, then document the owner, diagnostic query, fallback, and escalation for each alert. Use the production monitoring checklist to review path coverage.
- Run an incident replay. Starting from one alert, verify that an operator can identify the affected release and stage, inspect a representative trace, determine user impact, and choose rollback, fallback, or further investigation.
Primary and official sources
- OpenTelemetry generative AI attribute registry — official semantic-convention names for generative AI telemetry.
- OpenTelemetry trace concepts — official guidance on traces, spans, parent-child relationships, and context propagation.
- NIST AI Resource Center — official AI risk-management resources connecting measurement, governance, and ongoing monitoring.