Operations | Monitoring | ITSM | DevOps | Cloud

Aurora, a hosted relational database service available on the Amazon cloud, is a popular solution for teams that want to be able to work with tooling that is compatible with MySQL and PostgreSQL without running an actual MySQL or PostgreSQL database. In order to leverage Aurora’s benefits fully, it’s critical to log and analyze the various types of monitoring data that are available from an Aurora environment.

This blog is part two of Splunk's Sunburst Backdoor response aimed at providing additional guidance to our customers (you can read part one, "Using Splunk to Detect Sunburst Backdoor," by Ryan Kovar). In this blog, we’ll cover how to ingest threat indicators to combat Sunburst Backdoor in Splunk Enterprise Security (ES).

The news of the “Sunburst Backdoor” malware delivered via SolarWinds Orion software has organizations choosing to shut down Orion to protect themselves. This includes several U.S. government organizations following the recent CISA guidance. If you are considering a similar response in your own environment, a critical next step is quickly restoring the lost visibility to the health and operations of your infrastructure.

We’re excited to share that the official Elastic Cloud Terraform provider is now available in beta. Operations and SRE teams often rely on Terraform to safely manage production-related infrastructure using methodologies such as infrastructure as code, which allows you to apply peer-reviewed infrastructure changes in an automated and controlled fashion. The provider works with Elasticsearch Service on Elastic Cloud, Elastic Cloud Enterprise, and Elasticsearch Service Private environments.

At the recent Illuminate conference, Dave Sudia from GoSpotCheck shared the process that led them to choosing Sumo Logic for their observability needs.

Sematext Logs is a Log Management-as-a-service. Think of it as your own central location for logs in the cloud. If you prefer or need to keep logs in your own environment instead of shipping it to the cloud Sematext Enterprise, designed to run on your own infrastructure, makes that possible. You can collect logs from any part of your software stack or infrastructure, IoT devices, network hardware, and much more.

This week, the world stopped for a few hours as Google users experienced an outage on a massive scale. The outage affected ALL services which require Google account authentication. This includes the Google Cloud Platform (Cloud Console, Cloud Storage, BigQuery, etc.), Google Workspace (Gmail, Calendar, Docs, Drive, etc.) and Google Classroom. With the myriad of affected platforms, this particular outage was far from passing by unnoticed by users.

We are delighted to announce that Elastic Cloud on Kubernetes (ECK), the official Elastic Operator, is now a Red Hat OpenShift Certified Operator. The operator helps make it easier to deploy and automate Elasticsearch, Kibana, APM Server, Beats, and Enterprise Search in your OpenShift environment.

The global security community recently learned of a supply chain attack against SolarWinds via their Orion® Platform. In this blog we are providing recommendations for Sumo Logic customers to gain a deeper understanding of how to utilize available Indicators of Compromise (IOCs) within our Cloud SIEM offerings to determine your exposure to the attack. Additionally, we’re sharing targeted search recommendations from our Sumo Logic Special Operations (or SpecOps) threat hunting team.