
Elastic

Detecting threats in AWS Cloudtrail logs using machine learning

Cloud API logs are a significant blind spot for many organizations and often factor into large-scale, publicly announced data breaches. They pose several challenges to security teams: For all of these reasons, cloud API logs are resistant to conventional threat detection and hunting techniques.

Elasticsearch caching deep dive: Boosting query speed one cache at a time

Cache is king for speedy data retrieval. So if you’re interested in how Elasticsearch leverages various caches to ensure you are retrieving data as fast as possible, buckle up for the next 15 minutes and read through this post. This blog will shed some light on various caching features of Elasticsearch that help you to retrieve data faster after initial data accesses.

Elastic searchable snapshots or AWS UltraWarm: Making the right choice

Your logs, metrics, security, and trace data are all invaluable to you. They are mission critical for your observability and security needs. As your IT infrastructure grows and keeps generating more and more data, your data volumes and data storage needs go up accordingly. It can quickly become cost-prohibitive to indefinitely store all of it on your hottest machines.

Elastic + Grafana Labs partner on the official Grafana Elasticsearch plugin

Today, I’m happy to share more about our partnership and our commitment to our users that they will have the best possible experience of both Elasticsearch and Grafana, across the full breadth of Elasticsearch functionality, with dedicated engineering from both Grafana Labs and Elastic. Through joint development of the official Grafana Elasticsearch plugin, users can combine the benefits of Grafana’s visualization platform with the full capabilities of Elasticsearch.

Analyzing Elastic Workplace Search usage in a Kibana dashboard - part 2

For the 7.10 release of Elastic Workplace Search, we highlighted some of the new analytics logging capabilities and took you through a short walkthrough of some sample analysis scenarios. With the 7.11 release we introduced analytics fields, which open up new possibilities for exploring query and click data with helpful dashboards and visualizations.

Using Elastic machine learning rare analysis to hunt for the unusual

It is incredibly useful to be able to identify the most unusual data in your Elasticsearch indices. However, it can be incredibly difficult to manually find unusual content if you are collecting large volumes of data. Fortunately, Elastic machine learning can be used to easily build a model of your data and apply anomaly detection algorithms to detect what is rare/unusual in the data. And with machine learning, the larger the dataset, the better.
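The two posts above (threat detection in CloudTrail logs, and the rare analysis) both come down to the same idea: find the field values that almost never occur for a given principal. The example below is added here to make that concrete; it is not Elastic's machine learning code and not taken from either post. It uses a plain frequency heuristic (a value is rare if it occurs at most a couple of times and makes up a small fraction of its partition), which is an assumption standing in for Elastic's actual anomaly scoring. The CloudTrail-style records, the account id, the principal names, and the threshold values are all constructed for the example. It also encodes the caveat from the last sentence above: a partition with too little history is skipped rather than scored, because with a handful of events every value looks rare.

```python
import json
from collections import Counter, defaultdict

ACCOUNT = "123456789012"  # constructed account id, not a real account


def _record(user, source, name):
    # One constructed CloudTrail-style record, serialised like a log line.
    return json.dumps({
        "eventVersion": "1.08",
        "eventSource": source,
        "eventName": name,
        "userIdentity": {"type": "IAMUser",
                         "arn": f"arn:aws:iam::{ACCOUNT}:user/{user}"},
    })


# Constructed sample (not real telemetry): routine calls per principal, plus
# one unusual call each for alice (StopLogging) and carol (DeleteTrail).
SAMPLE_LINES = (
    [_record("alice", "ec2.amazonaws.com", "DescribeInstances")] * 10
    + [_record("alice", "s3.amazonaws.com", "GetObject")] * 8
    + [_record("alice", "cloudtrail.amazonaws.com", "StopLogging")]
    + [_record("bob", "sts.amazonaws.com", "AssumeRole")] * 12
    + [_record("bob", "s3.amazonaws.com", "ListBuckets")] * 2
    + [_record("carol", "signin.amazonaws.com", "ConsoleLogin")] * 2
    + [_record("carol", "cloudtrail.amazonaws.com", "DeleteTrail")]
)


def get_path(obj, dotted):
    """Resolve a dotted field path such as 'userIdentity.arn' in a record."""
    for part in dotted.split("."):
        if not isinstance(obj, dict):
            return None
        obj = obj.get(part)
    return obj


def rare_by(lines, field="eventName", by="userIdentity.arn",
            max_count=2, max_fraction=0.1, min_partition=10):
    """Flag values of `field` that are rare within each `by` partition.

    Heuristic (an assumption, not Elastic's scoring): a value is rare when it
    occurs at most `max_count` times AND is at most `max_fraction` of the
    partition's events. Partitions with fewer than `min_partition` events are
    skipped, since without a baseline every value would look rare.
    Pass by=None to score the whole population as a single partition.
    Returns (findings, skipped): findings is a sorted list of
    (partition, value, count, partition_total); skipped lists partitions
    that had too little history to score.
    """
    counts = defaultdict(Counter)
    for line in lines:
        rec = json.loads(line)
        value = get_path(rec, field)
        key = get_path(rec, by) if by else "*"
        if value is None or key is None:
            continue  # malformed record: missing the field or the partition key
        counts[key][value] += 1

    findings, skipped = [], []
    for key, dist in counts.items():
        total = sum(dist.values())
        if total < min_partition:
            skipped.append(key)
            continue
        for value, n in dist.items():
            if n <= max_count and n / total <= max_fraction:
                findings.append((key, value, n, total))
    return sorted(findings), sorted(skipped)


if __name__ == "__main__":
    hits, too_small = rare_by(SAMPLE_LINES)
    for part, val, n, total in hits:
        print(f"rare: {val} seen {n}/{total} times for {part}")
    for part in too_small:
        print(f"no baseline yet for {part}")
```

Run as-is, it flags alice's single StopLogging call against her 19 events, leaves bob's two ListBuckets calls alone (too large a share of his 14 events), and declines to score carol at all because three events are not a baseline; her DeleteTrail only surfaces when the whole population is scored without partitioning. Which of those behaviours you want is exactly the partition-versus-population choice a rare analysis forces you to make.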

Ruby and Python clients for Elastic Enterprise Search now generally available

Back in our 7.10 release of the Elastic Stack, we announced the beta of our Ruby and Python clients for Elastic Enterprise Search. Now, with 7.11, both the Ruby and Python clients are generally available. We’ve also begun work on a PHP client. All client source code for both enterprise-search-ruby and enterprise-search-python is available on GitHub. Documentation on how to get started with each client is available on elastic.co.