Operations | Monitoring | ITSM | DevOps | Cloud

We all know how our life has changed in the last two decades in terms of how we interact with our vendors for day to day activities, regardless if we shop for a birthday present or read a newspaper. This digital transformation of everything we do increased even more during the pandemic, when it appeared that a malfunctioning digital access channel can often mean lack of possibility to enter certain places like even the country or a plane to get back home.

In the era of data abundance, there exists a significant need for database systems that can effectively manage large quantities of data. For certain types of applications, an oft-considered option is Apache Cassandra. Like any other piece of software, however, Cassandra has issues that could potentially impact performance. When this happens, it’s critical to know where to look and what to look for in the effort to quickly restore service to an acceptable level.

In today's environment, security teams face a pervasive threat landscape, with the expectation that some threat actors will be successful in bypassing perimeter defenses. To deal with this, security teams must learn how to actively hunt down threats, both outside and inside the perimeter, using solutions, such as Sumo Logic’s Cloud SIEM Enterprise and Continuous Intelligence Platform.

With a multitude of digital options available in almost every industry, it’s become increasingly critical that applications and services provide a positive user experience. Doing so requires a high level of availability, made possible (in part) by efficiently identifying and resolving issues with the system, when they occur. To achieve this, monitoring all critical components of an application and its infrastructure is a necessity.

Those who don’t move forward are moving backward. This saying particularly holds true in the cyber security world, as the constantly evolving threat landscape puts enormous pressure on traditional SOC teams. Most traditional SOC teams are understaffed, lack specific skills and are overworked.

In one of my previous blogs I explained how important it is for a modern observability platform to provide “the observers” full, flexible access to all raw telemetry. Observability’s promise to find unknown unknowns relied directly on the ability of fast, powerful and multidimensional high-cardinality analysis of raw data, to uncover previously unknown patterns that have not yet been visualized as a metric, dashboard panel or an alert or anomaly event.

Apache Cassandra is an open-source distributed NoSQL database management system that was released by Facebook almost 12 years ago. It’s designed to handle vast amounts of data, with high availability and no single point of failure. It is a wide-column store, meaning that it organizes related facts into columns. Columns are grouped into “column families.” The benefit is that you can manage data that just won’t fit on one computer.

Many of our customers today leverage Office 365 GCC High, including organizations looking to meet evolving requirements for working with the United States Department of Defense. Sumo Logic enables customers to leverage our out-of-the-box monitoring and analytics capabilities to analyze Office 365 GCC High data to offer security engineers and security analysts stronger situational awareness of internal employee data.

A common scenario for log analytics is that many log events are high value for real time analytics, but there are also events that are low value for analytics, but account for a very large percentage of overall log volume. Often these same low value logs are used only for ad-hoc investigations from time to time or need to be retained for audit purposes.

Apache Kafka® is one of the most popular streaming and messaging platforms, commonly used in a pub-sub (publish-subscribe) model, where consumer software applications send data via messages that producer software applications can consume. Teams use Kafka for a variety of use cases, including monitoring user activity, sending notifications, and concurrently processing streams of incoming data such as financial transactions.