The latest News and Information on Log Management, Log Analytics and related technologies.
What are the essential things to monitor in your infrastructure? Sure, CPU utilization, memory usage, and IO throughput. However, once you notice a significant load somewhere in your infrastructure you want to know what is causing it, and that typically boils down to needing to find the process that’s using too much CPU or memory or that’s doing disk or network IO like there’s no tomorrow.
Pulling in data exposed via API is not one of the most common use cases for ELK Stack users but it is definitely one I’ve come across in the past. Developers wrapping their database services with REST API, for example, might be interested in analyzing this data for business intelligence purposes. Whatever the reason, the ELK Stack offers some easy ways to integrate with this API. One of these methods is the Logstash HTTP poller input plugin.
Amazon S3 is an object storage service widely used for storing many different types of data in the cloud. While it’s inexpensive and easy to set up and maintain S3 buckets, it’s also very easy to overlook S3 security aspects and expose them to malicious attacks. A typical example is accidentally allowing public access to S3 files. Several recent high-profile data breaches were caused by lax S3 security.
One question that customers often ask is “why does the LogDNA agent need to run as root?” With IT departments and DevSecOps teams pushing to secure systems against cyberattacks, running a cloud-based logging agent as root sounds like a huge risk. While it’s true that you should avoid running applications as root, there are several reasons why our agent runs as root out of the box and several ways that we reduce your risk of attack.
Now that you have your brand new Graylog instance up and collecting your organization’s logs, all the data is quickly searchable and available for troubleshooting any issues as they arise. Just as easy as it is for you to use, an attacker with access to the logs now has a much simpler job of understanding your environment and seeing all of your data. You need to make sure you are doing all the due diligence you can to protect the data.