Operations | Monitoring | ITSM | DevOps | Cloud

Splunk adds and updates features and functions to Splunk Enterprise regularly to keep pace with innovation and reduce risk. In fact, Splunk releases these updates on the Splunk Cloud platform continually. For on-prem customers, Splunk releases two levels of software updates to Splunk Enterprise. On-prem customers benefit from the continual updates to the Cloud platform because features, functions, and updates are thoroughly road-tested and hardened when they are released in a major version update.

The other day I found myself trying to tune a Ruby on Rails app I had written as a side project. (The app lets me keep track of my favorite eateries and pubs. It’s searchable, includes multiple images, and has stored locations.) On past projects, I relied on SolarWinds® Papertrail™, path testing, a lot of trial and error, and a general feel to try to improve performance. This time I thought I would give SolarWinds AppOptics™ Dev Edition a try.

In advance of the RSA Conference 2020, we wanted to get a pulse of attendees’ perceptions on a few topics, specifically challenges facing modern SOCs (security operations centers) and the value they are getting from technologies such as analytics, automation, and their SIEM tools. To get this, we fielded a series of questions to the Twitter-verse and received nearly 17,000 votes! After going through the results, we found a few interesting things…

As the team responsible for building dormakaba’s first cloud-access control solution, Exivo, the Cloud Development team at dormakaba AS EMEA needed a logging solution that with scalable logging throughout their global environment, handle a huge amount of throughput, be piped through an API, and remain highly secure so it could be implemented on the doors and entry systems the company produces. Logz.io was the perfect fit for these requirements.

The tongue-in-cheek named malware detection tool, Yet Another Recursive Acronym (YARA) is described as “the pattern-matching Swiss Army knife for malware researchers (and everyone else)”. The Sumo Logic Cloud SIEM Enterprise platform is one of the first SIEM solutions to incorporate it as a built-in feature. This gives blue teamers an additional layer of detection built into the SIEM.

Log management plays an important role in helping to debug Kubernetes clusters, improve their efficiency, and monitor them for any suspicious activity. Kubernetes is an open-source cluster management software designed for the deployment, scaling, and operations of containerized applications.

Several months ago, Bryan Boreham introduced a few changes to Cortex that massively reduced its storage requirements. The changes were quite simple and altogether had a nice benefit of using almost 3x less data storage than prior versions. Since Loki shares a lot of code with Cortex, could we use these ideas to the same effect? (Spoiler alert: Yes, we can!)

Kinesis is a managed, high-performance and large-capacity service for real time processing of (live) streaming data. Prominent users include Netflix, Comcast and Major League Baseball. Its design to let it grab data from multiple sources at the same time and to scale processing within EC2 instances.