Operations | Monitoring | ITSM | DevOps | Cloud

Oftentimes, security attacks that were clearly recorded in logs go unnoticed. They are obscured by a large sea of log data created by most modern cloud environments. In some cases, like during a DDoS attack, there will be a huge spike in logs so it will be very clear what happened. In other situations, just a few logs will document the attack. Finding these logs can be like finding a needle in a hay stack. But if you know what to looks for, it doesn’t need to be so hard to spot these attacks.

We are excited to partner with AWS in launching AWS Bottlerocket, a container optimized operating system. Bottlerocket gives DevOps teams speed, efficiency and security in containerized environments.

A few months ago, I wrote an in-depth article describing how labels work in Loki. Here, I’m consolidating that information into a more digestible “cheat sheet.” There are some big differences in how Loki works compared to other logging systems which require a different way of thinking. This is my attempt to convey those differences as well as map out our thought process behind them. As a Loki user or operator, your goal should be to use the fewest labels possible to store your logs.

Metrics help you understand how your business and applications are performing. Longer metric retention enables quarter-over-quarter or year-over-year analysis and reporting, forecasting seasonal trends, retention for compliance, and much more. We recently announced the general availability (GA) of extended metric retention for custom and Prometheus metrics in Cloud Monitoring, increasing retention from 6 weeks to 24 months. Extended retention for custom and Prometheus metrics is enabled by default.

Elastic Cloud Enterprise (ECE) makes it easy to manage your Elastic Stack deployments, just like role-based access control (RBAC) makes it easy to manage your users. Combining the two can really make an administrator's life much simpler. The intent of this blog post is to provide instructions for configuring a SAML realm for RBAC in ECE environments where Auth0 is used as an identity provider (IdP).

Once you’ve reached the point where you want to deploy your machine learning models to production, you will eventually need to monitor operations and performance. You might also want to receive alerts in case of any unexpected behavior or inconsistencies with your model or your data quality. This is where you most likely start learning about various aspects of Machine Learning Operations (MLOps).

In our blog post on structuring Elasticsearch data with grok on ingest for faster analytics, we took a look at how to structure unstructured data on ingest (schema on write) to make sure your analytics run at near real time. Speed like that can help take your observability use cases to the next level. In this article, we’re going to build on what we learned by incrementally creating a new grok pattern from scratch!

Java is a well-established object-oriented programming language that epitomizes cross-platform software development and helped to popularize the “write once, run anywhere” (WORA) concept. Java runs on billions of devices worldwide and powers a huge range of important software, such as the popular Android operating system and Elasticsearch. In this tutorial, we will go over how to manage Java logs with the ELK Stack and Logz.io.