Operations | Monitoring | ITSM | DevOps | Cloud

Splunk named Orange Business Services 'Digital and Data Partner of the Year'

With 2020 now well underway and the end of our financial year just around the corner, it’s a great moment to review some of the successes we have had in the EMEA Partner team over the past year. One particular highlight for us came in December when Orange Business Services, the digital transformation arm of Orange, named Splunk as its Digital & Data Partner of the Year at its annual awards in Paris.

Q&A Follow-Up: How Datev uses MITRE ATT&CK & Splunk in its SOC

Hey everyone, we recently did a webinar with Christian Heger, technical head of the DATEV SOC, as well as Sebastian Schmerl, head of cyber defense of Computacenter. They shared their 6-month path of modernizing their security operations with the help of Splunk technology and the MITRE ATT&CK framework. As we weren’t able to address all of the questions during the webinar, we discussed these afterwards and share them in this blog post as a Q&A follow-up.

Using Splunk Attack Range to Test and Detect Data Destruction (ATT&CK 1485)

Data destruction is an aggressive attack technique observed in several nation-state campaigns. This technique, under MITRE ATT&CK 1485, describes actions of adversaries that may “...destroy data and files on specific systems or in large numbers on a network to interrupt availability to systems, services, and network resources. Data destruction is likely to render stored data irrecoverable by forensic techniques through overwriting files or data on local and remote drives.”

Monitor Amazon Managed Streaming for Apache Kafka with Datadog

Amazon Managed Streaming for Apache Kafka (MSK) is a fully managed service that allows developers to build highly available and scalable applications on Kafka. In addition to enabling developers to migrate their existing Kafka applications to AWS, Amazon MSK handles the provisioning and maintenance of Kafka and ZooKeeper nodes and automatically replicates data across multiple availability zones for high availability.

Solr-diagnostics: How to use it and what it collects

If you’re running Solr and have to troubleshoot it (or maybe you just want a good overview!), then you’d probably want to collect logs, configs, maybe a snapshot of metrics and some system data, like top or netstat. We created a small tool for this exact task, creatively named solr-diagnostics. It’s been out there for almost two years, and we found it useful in our Solr consulting and production support engagements. So we thought it’s about time to spread the word.

Docker Container Performance Metrics to Monitor

In Part 1 we described what container monitoring is and why you need it: each container typically runs a single process, has its own environment, utilizes virtual networks, or has various methods of managing storage. Traditional monitoring solutions take metrics from each server and the applications they run. These servers and the applications running on them are typically very static, with very long uptimes.

Docker Containers Management: Main Challenges & How to Overcome Them

Even though containers have been around for ages, it wasn’t until Docker showed up that containers really became widely adopted. Docker has made it easier, faster, and cheaper to deploy containerized applications. However, organizations that adopt container orchestration tools for application deployment face new maintenance challenges.

How Cortex Is Evolving to Ingest 1 Trillion Samples a Day

As the open-source monitoring system Prometheus grew, so did the need to grow its capacity in a way that is multi-tenant and horizontally-scalable, along with the ability to handle infinite amounts of long-term storage. So in 2016, Julius Volz and Tom Wilkie (who is now at Grafana Labs) started Project Frankenstein, which was eventually renamed Cortex.

13 Security Alerts and Visualizations for VPC Flow Logs

AWS VPC Flow Logs record details about the traffic passing through your application, including requests that were allowed or denied according to your ACL (access control list) rules. They also include the IP addresses and ports for each request, the number of packets and bytes sent, and timestamps for each request. This information brings deep visibility and the ability to improve your security posture over time.