
What's New with Logz.io Cloud SIEM - August 2020

We have been busy adding new features across our product line, and Logz.io Cloud SIEM is no exception. Throughout 2020 we have been enriching our security information and event management tool, refining threat intelligence, adding new dashboards, and improving the user experience so that organizations get a bird's-eye view of the security challenges they face. Here are a few of the updates we have recently pushed to production.

Logging Best Practices: From Simple to Space Age

It is tempting to treat logging as a simple, solved problem. We write a log line, check the file and, boom, we've cracked it. Yet those of us who have sat up at three in the morning trawling through log files over an unreliable SSH connection know that this is simply not enough. As your system scales, so too must the sophistication of your tooling. Your logging practices must scale with it and be ready to support your efforts.

The Netdata Community Powered by NodeBB

We recently adopted NodeBB as our software of choice for building the Netdata Community. We had many good reasons for wanting to give our community a proper home online, but I want to cover some of the technical reasons for choosing NodeBB as our platform, and the many parallels between the NodeBB and Netdata projects, which were certainly a driving force behind this decision.

In-house vs. MetricFire

You're ingesting 20,000 data points a second across 400,000 metrics from thousands of AWS instances, and your monitoring can't handle the load. You need a scalable, highly available monitoring and dashboarding solution (and you needed it yesterday). Should you build it yourself with an in-house Graphite or Prometheus monitoring system? Or will you skip the headache and choose a hosted service like MetricFire?

4 Bitbucket and Slack hacks to speed up your workflow, from actual devs

While working from home is the new normal, communicating and collaborating virtually hasn't become any easier. For developers, staying productive at home has its own set of challenges (think of figuring out how to pair program over Zoom, or how to make do with a single monitor). In times like these, our engineering team has been relying on one shortcut to productivity: the Bitbucket Cloud bot for Slack.

7 Considerations for Campus IT During the '20-'21 School Year

When COVID-19 hit in the spring and schools quickly transitioned to remote learning, we saw in real time how important IT departments in education are. It was IT's quick thinking that let administrators, teachers, and students carry on in their learning environments. Now that the '20-'21 school year is ramping up, IT leaders in education need to keep building on that work and plan for both the expected and the unexpected.

10 Helm Tutorials to Start your Kubernetes Journey

The growth of Kubernetes has been stellar, and K8s applications have grown in both importance and complexity. Today, configuring even a single application can require creating many interdependent K8s resources, each of which needs its own detailed YAML manifest. Helm, as a package manager for Kubernetes, is one of the main ways users can make their K8s configurations reusable.

Threat hunting capture the flag with Elastic Security: BSides 2020

Last month, members of the Elastic Security team hosted a threat hunting capture the flag (CTF) event at BSides SATX. We gave the community an environment in which to learn and practice threat hunting alongside our team, and built new relationships with attendees. Sharing knowledge with security practitioners in this way helps prepare them to defend their organization's data from attack.

Detecting Windows Persistence

Persistence is the attacker's ability to keep access to a compromised host across interruptions in network connectivity, system reboots, and (to a degree) remediation activity. Whether an attacker can compromise a system or network and then carry out their objectives typically depends on maintaining some form of persistence on the target system or network.
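As an added example of the kind of check this topic implies (this is not code from the original article), the PowerShell script below enumerates three autostart locations commonly abused for persistence on Windows: the registry Run/RunOnce keys, scheduled task actions, and auto-start services. It flags any entry whose executable lives outside Program Files or the Windows directory, or under a user-writable location such as Temp, AppData or ProgramData. The trusted-root list and the suspicious-path pattern are illustrative assumptions, not a complete detection, and the output is meant as a starting point for a hunt rather than a verdict.

```powershell
# Added example, not from the original post: hunt for common Windows persistence
# locations and flag autostart entries whose binary sits in an unusual place.
# Run in an elevated PowerShell; Get-ScheduledTask needs Windows 8 / Server 2012 or later.

$runKeys = @(
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKLM:\Software\Microsoft\Windows\CurrentVersion\RunOnce',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\Run',
    'HKCU:\Software\Microsoft\Windows\CurrentVersion\RunOnce'
)

# Assumption: legitimate autostart binaries normally live under one of these roots.
$trustedRoots = @($env:ProgramFiles, ${env:ProgramFiles(x86)}, $env:SystemRoot) | Where-Object { $_ }

# Registry provider metadata properties that are not autostart entries.
$psMetaProps = @('PSPath', 'PSParentPath', 'PSChildName', 'PSDrive', 'PSProvider')

function Test-Suspicious {
    param([string]$Command)
    if (-not $Command) { return $false }
    # Extract just the executable path: honour a quoted path, otherwise take the first token.
    if ($Command -match '^"([^"]+)"') { $exe = $Matches[1] } else { $exe = ($Command -split '\s+')[0] }
    # User-writable or staging locations are suspicious regardless of the root (assumed heuristic).
    if ($exe -match '\\(Temp|AppData|Users\\Public|ProgramData)\\') { return $true }
    foreach ($root in $trustedRoots) {
        if ($exe.StartsWith($root, [System.StringComparison]::OrdinalIgnoreCase)) { return $false }
    }
    return $true
}

$findings = @()

# 1. Registry Run / RunOnce keys for the machine and the current user.
foreach ($key in $runKeys) {
    if (-not (Test-Path $key)) { continue }
    $props = (Get-ItemProperty -Path $key).PSObject.Properties | Where-Object { $_.Name -notin $psMetaProps }
    foreach ($p in $props) {
        $findings += [pscustomobject]@{
            Source     = $key
            Name       = $p.Name
            Command    = [string]$p.Value
            Suspicious = Test-Suspicious ([string]$p.Value)
        }
    }
}

# 2. Scheduled tasks: every action that executes a program.
foreach ($task in Get-ScheduledTask) {
    foreach ($action in ($task.Actions | Where-Object { $_.Execute })) {
        $findings += [pscustomobject]@{
            Source     = "Task $($task.TaskPath)$($task.TaskName)"
            Name       = $task.TaskName
            Command    = ("$($action.Execute) $($action.Arguments)").Trim()
            Suspicious = Test-Suspicious $action.Execute
        }
    }
}

# 3. Services configured to start automatically.
foreach ($svc in (Get-CimInstance Win32_Service | Where-Object { $_.StartMode -eq 'Auto' })) {
    $findings += [pscustomobject]@{
        Source     = 'Service'
        Name       = $svc.Name
        Command    = $svc.PathName
        Suspicious = Test-Suspicious $svc.PathName
    }
}

# Suspicious entries first, so the analyst sees the interesting rows at the top.
$findings | Sort-Object Suspicious, Source -Descending | Format-Table -AutoSize
```

Entries flagged Suspicious are not automatically malicious; legitimate software installed per-user or into ProgramData will show up too. The value of a sweep like this is in diffing it against a known-good baseline for the host, or running it across a fleet and looking for entries that appear on only a handful of machines.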