Operations | Monitoring | ITSM | DevOps | Cloud

A SIEM system (Security Information and Event Management) is often used by security operations centers (SOCs) for real-time detection of suspicious activity and security events. While some teams choose to adopt a purpose-built SIEM, others rely on the same DevOps tools they are already using for tasks like troubleshooting and operational log data analysis.

OK, so you’ve decided to move from Elasticsearch to OpenSearch. Maybe our comparison helped you decide and maybe you’ve checked our guide on how to perform the migration. But how do you know if your new OpenSearch performs as well and functions as correctly as the existing Elasticsearch? Even when comparing old with new versions, upgrades don’t always translate into better performance.

One of the things I really love about working for Cribl is the ability to help our customers optimize their data. Microsoft Windows Event Logs are something I have always looked to as a proverbial Rosetta Stone to help translate semi-structured, classic-style events into something more efficient and less resource-intensive to search. Extracting field values requires a large number of regular expressions to parse the events, which isn’t ideal.

Today, we released our systemd journal plugin for Netdata, allowing you to explore, view, search, filter and analyze systemd journal logs. Like most things about Netdata, this is a zero-configuration plugin. You don’t have to do anything apart from installing Netdata on your systems.This is key design direction for Netdata, since we want Netdata to be able to help even if you install it mid-crisis, while you have an incident at hand.

In a recent reddit thread, I got into a conversation about justifying the cost of observability. It got to a really basic question about running a tech company: how do you know that any cost is justified? While a small number of expenses have clear and direct business values, a bunch of other costs, I would even say most costs, just aren’t that clear cut.

What are the current options to migrate from OpenSearch to Elasticsearch®? OpenSearch is a fork of Elasticsearch 7.10 that has diverged quite a bit from itself lately, resulting in a different set of features and also different performance, as this benchmark shows (hint: it’s currently much slower than Elasticsearch).

Metrics are closely associated with cloud infrastructure monitoring or application performance monitoring – we monitor metrics like infrastructure CPU and request latency to understand how our services are responding to changes in the system, which is a good way to surface new production issues. As many teams transition to observability, collecting metric data isn’t enough.

Predictive maintenance is a maintenance strategy that uses machine learning algorithms trained with Industrial Internet of Things (IIoT) data to make predictions about future outcomes, such as determining the likelihood of equipment and machinery breaking down. Using a combination of data, statistics, machine learning and modeling, predictive maintenance is able to optimize when and how to execute maintenance on industrial machine assets.