The ultimate success of any security monitoring platform depends largely on two fundamental requirements – its ability to accurately and efficiently surface threats and its level of integration with adjacent systems. In the world of SIEM, this is perhaps more relevant than any other element of contemporary IT security infrastructure.
Over the last 15-plus years, the Payment Card Industry Data Security Standard – a.k.a. PCI DSS – has endured as the bellwether of IT security standards. For today’s e-commerce vendors and cloud centric retailers, maintaining alignment with “PCI” remains as relevant as ever, especially given the continued proliferation of threats and diversity of cloud and hybrid environments.
Many organizations are moving from monolithic to microservices-based architectures. Microservices allow them to improve their agility and provide features more quickly. Although developing a single microservice is simpler, the complexity of the overall system is much greater. Here, we’ll review how to add distributed tracing to C++ with the OpenTelemetry collector and send to Logz.io. One of the biggest challenges is finding efficient tools to quickly debug and solve production problems.
The past year has been significant for continued development of both DevOps practices and new developments across the open source community. To that end, Logz.io is moving forward with renewed support for the Fluentd log shipper. This new proxy will serve as an alternative to Filebeat and Logstash, which recently moved away from open source licensing. Additionally, this integration utilizes an HTTP proxy instead of the SOCKS5 proxy necessary for Filebeat.
Telegraf is one of the coolest open source agents for collecting metrics. It’s part of the TICK Stack (Telegraf, Influx, Chronograf and Kapacitor) and with Telegraf you can collect metrics from a wide array of inputs and write them into a wide array of outputs. It is plugin-driven for both collection and output of data so it is easily extendable.
Do you also find yourself confused by all the Open-this and Open-that names flying around? There are currently a good few Open projects, standards, tools – OpenTelemetry, OpenTracing, OpenCensus, OpenSearch… heck, even my podcast is called OpenObservability! And new Open names seem to be popping up every other day. If you too feel this way, there’s no need. Many feel similarly confused.
The SIEM is a central point where data is collected and correlated, and as we move to consume more cloud services and data sets the SIEM itself must also change in architecture. Architecture change is hard to make for existing products. Calling a product a ‘cloud solution’ is not the same as taking an on-premises product and hosting it for customers. It means building a new SIEM for a new world. There are a lot of reasons users seek new SIEMs.
Logz.io is proud to launch a new partnership with Microsoft that enables Azure customers to directly integrate with Logz.io’s platform from within the Azure Console. This integration importantly allows Azure developers to begin monitoring their workloads faster than ever before, using the open-source technologies that their teams love. Check out this video for a demonstration of how it works.
We just announced the creation of a new RemoteWrite SDK to support custom metrics from applications using several different languages. This tutorial will give a quick rundown of how to use the Python SDK. Using these integrations, Prometheus users can send metrics directly to Logz.io using the RemoteWrite protocol without sending them to Prometheus first. Each SDK, while for a separate language, is each capable of working with frameworks like Thanos, Cortex, and of course M3DB.
