Security information and event management (SIEM) helps with managing and analyzing the vast amount of log information generated by networks. Of all the capabilities of SIEM, event correlation is the most powerful. This technique analyzes log data from your servers, applications, routers, firewalls, and other network devices, and identifies patterns of activity that indicate potential attacks.

Here’s the next installment of a new series of posts we’re doing on the Mattermost blog: Mattermost Recipes. The goal of these posts is to provide you with solutions to specific problems, as well as a discussion about the details of the solution and some tips about how to customize it to suit your needs perfectly.

We are happy to announce a new bugfix release for Icinga Web 2. Official packages are available on packages.icinga.com. Community repositories might need a while to catch up.

Today we are releasing a new support version of Icinga 2.8, a small one to pass the time until 2.9. This release includes fixes for the InfluxDB and Elasticsearch features. Please note that Elasticsearch 6 support is coming with 2.9. In addition to the fixes we’ve added support for multiple check parameters for the check_nscp_api plugin and working sysconfig/defaults variables support, you’ll also find many documentation updates.

If you think about it, mobile apps are among the production services most in need of real observability: nearly countless hardware platforms and operating systems in combination with your app’s code result in a dizzying matrix of possible sources for any given issue, which means you need the power of true high-cardinality search to solve your problems.

The news is filled with stories about horrible attacks against corporate and government networks. It’s almost enough to make administrators for small and mid-sized networks give up. But it’s important to note not all of these attacks are the same. There’s a vast difference, for example, between the incredibly sophisticated long-term attacks against high-profile companies and government agencies, and the mere smash-and-grab attacks.

Containers are portable assets that let you design and deploy with little overhead from your development team. They take your monolithic code base and turn it into several lightweight modules that you can more easily manage and interconnect without worry of one small module taking out your entire application. This gives you more granular control of your code, but it also means that you have several moving parts as part of your platform.

Business owners are constantly searching for the next great technology that will help streamline solutions, improve workflow efficiency, and boost their ROI. Cloud computing has quickly become one of the most effective technologies in helping companies increase work output and cut costs.

Imagine you’re the manager for the IT Operations for a multimillion-dollar retail chain. The chain not only has numerous stores throughout the U.S. but also a robust online presence. Now imagine that you need to conduct security and software updates on the company’s servers. The update will end up disrupting store services for 30 minutes after the work day.

v0.6.2 is released! Need HTTP endpoint monitoring? The new guide by @wmnnd describes how to set up serverless HTTP(S) monitoring!