Icinga for Windows: Hyper-V and Cluster Plugin Release v1.0

After months of developing and testing, we are finally ready to announce the release of our Icinga for Windows Hyper-V and Cluster plugins version v1.0 today! We collected lots of feedback, tested different approaches and re-designed some plugins to ensure we can provide good monitoring basics for these environments, allowing us to improve and extend them in the future.


8 Best Practices for Windows Patch Management

Given the numerous cyber-threats that organizations face these days, security has become one of the most serious issues on everyone’s mind. When it comes to protecting business-critical environments from malware, various security measures can make a significant difference. Patching is one such important component of ensuring the security of your infrastructure and data.


ProblemChild: Generate alerts to detect living-off-the-land attacks

In an earlier blog post, we spoke about building your own ProblemChild framework from scratch in the Elastic Stack to detect living off the land (LOtL) activity. As promised, we have now also released a fully trained detection model, anomaly detection configurations, and detection rules that you can use to get ProblemChild up and running in your environment in a matter of minutes.


Windows Cloud Hosting on VMs inside Jelastic PaaS

Windows-based cloud hosting running inside virtual machines has been on the wish list of our customers and cloud partners for quite some time. So now Jelastic multi-cloud platform provider has not only made this possible, but achieved an intuitive process that is natively implemented within the PaaS. Many companies around the world base their IT on Microsoft tools. Therefore, it is natural that customers also are looking for these services while choosing cloud hosting.


How to Use Event Triggers For Windows Server Monitoring

Windows event logs and event triggers are an important part of Windows server monitoring. With the addition Event Viewer feature, Windows made it possible for server administrators to create custom tasks for certain events. This would be the so-called event trigger, and it could be a script or an email notification. This feature is highly important in terms of security and proactively dealing with issues with the server.


InfluxDB OSS and Enterprise Roadmap Update from InfluxDays EMEA

Since the initial release of InfluxDB OSS 2.0 in November 2020, more than 10% of the community has successfully upgraded, and the pace of the upgrades continues at a steady rate. We have released a number of maintenance releases to address defects, expand platform coverage, and enhance the update experience based on feedback.


The essentials of central log collection with WEF and WEC

Last week we covered the essentials of event logging: Ensuring that all your systems are writing logs about the important events or activities occurring on them. This week we will cover the essentials of centrally collecting these Event Logs on a Window Event Collector (WEC) server, which then forwards all logs to Elastic Security.


The essentials of Windows event logging

One of the most prevalent log sources in many enterprises is Windows Event Logs. Being able to collect and process these logs has a huge impact on the effectiveness of any cybersecurity team. In this multi-part blog series, we will be looking at all things related to Windows Event Logs. We will begin our journey with audit policies and generating event logs, then move through collecting and analysing logs, and finally to building use cases such as detection rules, reports, and more.


We've added first-class Windows support to Grafana Agent

The Grafana Agent team is happy to announce that Grafana Agent 0.14.0-rc2 includes improved Windows support. Up until now, running Grafana Agent — our tool for gathering metrics, logs, and traces — in Windows was difficult and not well supported for Windows best practices. In short, it was not a good Windows citizen. In the new release candidate, we’re making changes to improve the experience, based on feedback from GitHub issues, customer contacts, and our own experience.