Operations | Monitoring | ITSM | DevOps | Cloud

We are offering a variety of on-demand Elastic training courses for free — featuring 11 titles that span observability, security, and Elastic Stack administration. If you haven’t tried one of our self-paced courses yet, now is the perfect time to find out why so many people have shifted their learning preference from in-class to online. Our on-demand courses provide the same immersive learning experience found in the classroom, but delivered in a convenient, remote environment.

Managing a network more effectively has been something our customers have been asking us about for many years, but it has become an increasingly important topic as working from home becomes the new normal across the globe. In this blog series, I thought I’d present a few analytical techniques that we have seen our customers deploy on their network data to: Better understand their network and Develop baselines for network behaviour and detect anomalies.

A difficult question we come across with many customers is ‘what does normal look like for my network?’. There are many reasons why monitoring for changes in network behaviour is important, with some great examples in this article - such as flagging potential security risks or predicting potential outages.

When working with observability data, a good portion of it comes in as time series data — things like CPU or memory utilization, network transfer, even application trace data. And the Elastic Stack offers powerful tools within Kibana for time series analysis, including TSVB (formerly Time Series Visual Builder). In this blog post, I’m going to attempt to demystify rates in TSVB by walking through three different types: positive rates, rate of change, and event rates.

Elasticsearch allows you to store, search, and analyze large amounts of structured and unstructured data. This speed, scale, and flexibility makes the Elastic Stack a powerful solution for a wide variety of use cases, like system observability, security (threat hunting and prevention), enterprise search, and more. Because of this flexibility, effectively architecting your deployment’s data storage for scale is incredibly important.

In this article, we’ll learn about the Elasticsearch flattened datatype which was introduced in order to better handle documents that contain a large or unknown number of fields. The lesson examples were formed within the context of a centralized logging solution, but the same principles generally apply. By default, Elasticsearch maps fields contained in documents automatically as they’re ingested.

One of the most common dashboards for metric visualization and alerting is, of course, Grafana. In addition to logs, we use metrics to ensure the stability and operational observability of our product. This document will describe some basic Grafana operations you can perform with the Coralogix-Grafana integration. We will use a generic Coralogix Grafana dashboard that has statistics and information based on logs. It was built to be portable across accounts.

In Grafana, Loki isn’t just for log visualization anymore. Now there’s a simple way to use a Loki datasource as a metric datasource in your graphs. This used to require a hack to make it work – adding Loki as a Prometheus datasource – and the process was very tedious. But Grafana v6.6 integrates Loki even better than before. As a result, right out of the box you can create very nice dashboards about your logs, and mix them with your dashboards about metrics.