Operations | Monitoring | ITSM | DevOps | Cloud

Docker is an essential bridge in modern DevOps. Despite Kubernetes overtaking Docker on orchestrating containers, the Docker container itself remains the standard and likely will for the foreseeable future. We developed the Docker Metrics collector to operate as its own container that will run Metricbeat using the modules you are running in real time. Now, in addition to the Docker module, we are now releasing an AWS module for operations in the cloud.

Graylog Enterprise v3.2 is out in the world, customers are using it and loving it, and we want to share with you what we've learned from them. Like most departments, IT is buried with day-to-day activities. Proverbial system and user fires that need extinguishing get in the way of that list of projects gathering dust because nobody has time to get to them. To ease this burden and give you back much needed time to tackle it all, Graylog focused the v3.2 release on usability and productivity.

The Extract and Aggregate fields feature allows users to custom parse historical logs (post ingestion) and get an aggregated count on those newly parsed fields. Enterprise SREs work with large systems that consist of internally built components and external products. Debugging with logs from external products can be extremely challenging.

A unified cloud infrastructure data model is fundamental for enterprises using multiple cloud vendors. Enterprise customers prefer to use multiple cloud vendors as a way to prevent being locked in and dependent on specific platforms. According to Gartner the top vendors for cloud infrastructure as a service in the years 2017-2018, are Amazon 49.4%, Azure 12.7% and Google with 3.3%.

We believe that small businesses are the backbone of the local economy and consider our suppliers as partners in our success. Unfortunately, the novel coronavirus/COVID-19 has brought tough times and economic disruption that could significantly change the global economy. So we at Logz.io decided that we can make a meaningful impact by supporting our suppliers and helping them to meet the challenges that this new era brings.

You can view mobile-friendly dashboards and interact with augmented reality (AR) visualizations with the Connected Experiences suite of mobile apps. Splunk Mobile, Splunk AR, and Splunk TV allow you to take Splunk data on the go for a secure mobile experience. Below, Ryan O'Connor from the Splunk for Good team shares some examples of how to build mobile-friendly dashboards. Splunk for Good makes machine data accessible and valuable to nonprofit organizations and educational institutions.

The duality of observability is controllability. Observability is the ability to infer the internal state of a "machine” from externally exposed signals. Controllability is the ability to control input to direct the internal state to the desired outcome. We need both in today's cloud native world. Quite often we find that observability is presented as the desired end state. Yet, in modern computing environments, this isn’t really true.

Security information and event management, or SIEM, has become part of the vocabulary of every organization. SIEM solutions gather events from multiple systems and analyze them—both in real time and through historical data. SIEM costs—as cyber security costs in general—can be high, but there is a tradeoff if you opt for the FOSS route (free and open source solutions).

Last month, we hosted a webinar, Hunting for persistence using Elastic Security, where we examined some techniques that attackers use in the wild to maintain presence in their victim’s environment. In this two-part blog series, we’ll share the details of what was covered during our webinar with the goal of helping security practitioners improve their visibility of these offensive persistence techniques and help to undermine the efficacy of these attacks against their organization.