Operations | Monitoring | ITSM | DevOps | Cloud

Hey, there. This is part four of the Elastic SIEM for home and small business blog series. If you haven’t read the first, second, and third blogs, you may want to before going any further. In the Getting started blog, we created our Elasticsearch Service deployment and started collecting data from one of our computers using Winlogbeat. In the Securing cluster access blog, we secured access to our cluster by restricting privileges for users and Beats.

Have you ever needed to grab a log from a local server that is not part of the Windows Event Channel? Applications like IIS or DNS can write their logs to a local file, and you need to get them into your centralized logging server for correlation and visualization. Graylog sidecar can help by creating and managing a centralized configuration for a filebeat agent, to gather these types of logs across all your infrastructure hosts.

During the past years we made plenty of contributions to improve the current state of the Windows monitoring. We tried to improve the actual installation with the Icinga 2 Powershell Module, allowing users to easier automate installation and configuration of Icinga 2. On a long term we however wanted to improve the monitoring of Windows infrastructures entirely, by not only providing new plugins but also to increase the contribution by the community.

With 900 billion devices running on Windows 10, the future is bright for the Universal Windows Platform (UWP). UWP’s strength lies in its ability to adapt itself completely to the native user interface - whether that’s a computer, tablet, Xbox or IoT device. It’s a win-win; users get a consistent experience as they consume across devices, while developers get easier deployments.

Windows Support went GA for Kubernetes in version 1.14 and represented years of work. This has been the effort of excellent engineers from companies including Microsoft, Pivotal, VMWare, RedHat, and the now-defunct Apprenda, among others. I’ve been a lurker and occasional contributor to the sig-windows community going back to my days with Apprenda, and I’ve continued to follow it in my current role with Rancher Labs.

Skip ahead to see how we solve a typical Windows 10 update problem (Windows Defender) It hasn’t been the easiest of weeks for Windows 10 users and support staff. And if we’re being honest, the previous months haven’t been all sunshine and rainbows either. For many, Patch Tuesday is starting to look less like a welcomed milestone for Windows 10 updates and fixes, and more like a doomsday for new malware and computing defects.

WSUS (Windows Server Update Service) is an add-on provided by Microsoft for patching Windows applications. Along with being free, the basic functionalities that WSUS provides makes it an easy choice for major SMBs. However, in reality, WSUS falls short in a number of ways; because of this, many teams that rely on WSUS for their patching needs end up investing in additional tools that usually come at an additional cost.

Justifiably or not, Microsoft’s Windows 10 has gained the reputation as an operating system that doesn’t respect your privacy as much as it should. If you or your organization are Windows 10 users, this guide will assist you in protecting your privacy during day-to-day operations.

Today we are announcing the support for Windows containers with Kubernetes 1.14 in Preview mode. As many users may know, Rancher 2.1.0 supported Windows containers in experimental mode. Now that SIG Windows and Microsoft have announced the general availability of containers in Windows Server 2019 with Kubernetes 1.14, we have upgraded Rancher to both support the latest version of Windows containers (and Kubernetes) and after the preview is over, make it generally available.

Hyper-V is a hardware virtualization platform used to create and run virtual machines on Windows host systems. Hyper-V allocates resources from the physical hosts it runs on to the virtual machines it creates. If those resources are spread too thin, virtual machines may encounter slow performance and startup failures. With our new integration you can monitor the health of every layer of your Hyper-V stack: physical hosts, virtual machines, and all of the applications and services running on them.