Operations | Monitoring | ITSM | DevOps | Cloud

Visualizing observability with Kibana: Event rates and rate of change in TSVB

When working with observability data, a good portion of it comes in as time series data — things like CPU or memory utilization, network transfer, even application trace data. And the Elastic Stack offers powerful tools within Kibana for time series analysis, including TSVB (formerly Time Series Visual Builder). In this blog post, I’m going to attempt to demystify rates in TSVB by walking through three different types: positive rates, rate of change, and event rates.

How to design your Elasticsearch data storage architecture for scale

Elasticsearch allows you to store, search, and analyze large amounts of structured and unstructured data. This speed, scale, and flexibility makes the Elastic Stack a powerful solution for a wide variety of use cases, like system observability, security (threat hunting and prevention), enterprise search, and more. Because of this flexibility, effectively architecting your deployment’s data storage for scale is incredibly important.

Virtual safety: How to teach your kids cybersecurity best practices

Confession: I am a security practitioner. I am also a mom. What I am not is a homeschool teacher. Earlier this year, I spoke to the 5th- and 6th-grade classes at my son’s Innovation Day about cybersecurity. I discussed what it means to be a cybersecurity practitioner and how the practice of cybersecurity affects everyday life.

Generating MITRE ATT&CK® signals in Elastic SIEM: Sysmon data

Many mature security teams look to the MITRE ATT&CK® matrix to help improve their understanding of attacker tactics, techniques, and procedures (TTPs) and to better understand their own capabilities relative to these common adversarial approaches. With the release of Elastic Security 7.6, Elastic SIEM saw 92 detection rules for threat hunting and security analytics aligned to ATT&CK.

Elastic Cloud Enterprise 2.5: Dedicated coordinating layer, snapshot lifecycle management, and more

We’re excited to announce the release of Elastic Cloud Enterprise (ECE) 2.5! This release improves the experience of managing your deployments with a dedicated coordinating layer, support for snapshot lifecycle management (SLM), and more.

Finding a home (and career) in the open source community

Open source software development can have a reputation for abrasive behavior. The search community is a clear counterexample for me, with a culture that emphasizes respect and acceptance. This culture played an important part in my own path to open source development. A little over six years ago, I was a wide-eyed software engineer settling into my first full-time job.

Searching Microsoft's cloud productivity suite with Elastic Workplace Search

If your organization is like virtually every other in the world (including ours!), you use a mix of Microsoft products in your productivity stack, possibly including SharePoint, Office 365 and OneDrive. But you probably also rely on a variety of other applications, maybe even mingling in “competing” tools like G Suite or Dropbox, in addition to complementary tools like Zendesk or GitHub.

Ingram Micro chooses Elastic to bolster search, sales on ecommerce site

Ingram Micro is a Fortune 100 company with $50 billion plus in revenue and operating in 56 countries. As the global leader in delivering technology and supply chain services to businesses, Ingram Micro touches about 80% of all high tech products sold around the world. Andre Dykhno, Head of Product for Global ecommerce, says ecommerce has been a large contributing factor to Ingram Micro’s modern day successes.

Adversary tradecraft 101: Hunting for persistence using Elastic Security (Part 2)

In Part 2 of this two-part series, our goal is to provide security practitioners with better visibility, knowledge, and capabilities relative to malicious persistence techniques that impact organizations around the world every day. In this post, we’ll explore two additional persistence techniques that are being used by attackers in the wild: Scheduled Tasks (T1053) and BITS Jobs (T1197).

The Elastic Stack: Free. Open. Limitless.

From the very beginning, the Elastic Stack — Elasticsearch, Kibana, Beats, and Logstash — has been free and open. Our approach is not only to make our technology stack available for free, but to make it open — housed in public repositories and developed through a transparent approach with direct involvement from the community. Two simple principles — free and open — broke down barriers and enabled many amazing things.