Mac system extensions for threat detection: Part 2

In the previous post, we covered some of the frameworks accessible by kernel extensions that provide information about file system, process, and network events. These frameworks included the Mandatory Access Control Framework, the KAuth framework, and the IP/socket filter frameworks. In this post, we will go into the various tips and tricks that can be used in order to obtain even more information regarding system events.

How Businesses are Using Machine Learning Anomaly Detection to Scale Partner and Affiliate Tracking

Today’s business needs make it virtually impossible to function without relying on an extensive network of partners and third-party providers. An IBM study found that 70 percent of businesses were looking to increase their external partnerships.

LogicMonitor Acquires Unomaly to Enhance Observability, Help IT Pinpoint Log Issues Faster and Drive Intelligent Action

Happy New Year! We’re starting 2020 by sharing some exciting news. Today we announced that LogicMonitor has acquired Unomaly, an AIOps-centric logs analytics company headquartered in Stockholm! Unomaly’s technology focuses on the automatic detection of log anomalies to support fast, accurate root cause analysis in complex IT environments.

Embracing offensive tooling: Building detections against Koadic using EQL

This year at BSidesDFW, my local security conference, I highlighted a continuing trend of adversaries using open source offensive tools. The talk reviewed one of these post-exploitation frameworks named Koadic and walked through different ways defenders can build behavioral detections through the use of Event Query Language (EQL).

AWS offers 175 services now. Should you be adopting many of them now?

At this year’s AWS reInvent, we heard Andy Jassy go on stage to announce a bunch of new services to help companies unleash the power of cloud: 27 new services, to be exact, everything from a machine learning IDE to code review tools to contact center offerings (see the full list here). Last year, AWS announced another 30 new services ranging from machine learning to VR/AR to satellite data. So now AWS has over 175 services, a staggering count by any measure.

Building a Scalable End-to-End Host Monitoring Solution with InfluxDB Enterprise

“If you can’t measure something to get results, you can’t possibly get better at it. Worse yet, you won’t know what you should be focusing on,” says Dennis Brazil, Sr. Engineering Manager, SRE Monitoring at PayPal. Brazil and his team needed a scalable end-to-end host monitoring solution to keep pace with the company’s infrastructure modernization to a container-based architecture.

Logging Redis with ELK and Logz.io

Redis is an extremely fast NoSQL data store. While it is used mainly as a cache, it can be applied to uses as diverse as graph representation and search. Client libraries are available in all of the major programming languages, and it is provided as a managed service by all of the top cloud service providers. For the past three years, Redis has been named the most loved database by the Stack Overflow Developer Survey.

Control the phase transition timings in ILM using the origination date

As part of Elasticsearch 7.5.0, we introduced a couple of ways to control the index age math that index lifecycle management (ILM) uses for phase timing calculations, via the origination_date index lifecycle setting. This means you can now tell Elasticsearch how old your data actually is, which is pretty handy if you’re indexing data that is older than the day it was indexed.