As networks become more distributed and complex, it’s becoming ever more challenging for IT professionals to track all the events happening on their networks. Still, it’s vitally important to do so—logging activity on an agency’s network is critical to determining who’s on the network, what applications they’re using, and whether those applications can compromise the network and user data.

Isn’t all logging pretty much the same? Logs appear by default, like magic, without any further intervention by teams other than simply starting a system… right? While logging may seem like simple magic, there’s a lot to consider. Logs don’t just automatically appear for all levels of your architecture, and any logs that do automatically appear probably don’t have all of the details that you need to successfully understand what a system is doing.

If I asked you to describe Splunk, you’d likely reply with something about it being really good (the best!) at gathering and searching logs. You’re right! But while that’s true, you may not know Splunk is also tops at gathering and analyzing metrics. Putting the two together is very powerful; logs (events, more generically) and metrics go together like cookies and milk!

In this post, we will cover some of the main use cases Filebeat supports and we will examine various Filebeat configuration use cases. Filebeat, an Elastic Beat that’s based on the libbeat framework from Elastic, is a lightweight shipper for forwarding and centralizing log data. Installed as an agent on your servers, Filebeat monitors the log files or locations that you specify, collects log events, and forwards them either to Elasticsearch for indexing or to Logstash for further processing.

SolarWinds® Papertrail™ now supports SAML v2.0, which makes Papertrail even faster and easier to access. Using SAML authentication you can log into your Active Directory domain or intranet and have immediate access to Papertrail, with no additional login required. The new SAML support also enables you to enforce user identity verification policies. If you are interested in enabling SAML authentication, select Settings and scroll down to the new security area.

More people than ever are working remotely, and about one-third say the coronavirus pandemic was their first chance to do so. As companies return to a new normal, they are considering how to manage workers who are not in the office, and mobile workers add a unique challenge. The term “remote worker” includes work-from-home employees and mobile workers. Most employees who work remotely do both.

AWS Lambda enables you to run serverless functions in the AWS cloud, by manually triggering functions or by creating trigger events. To ensure your Lambda functions are running smoothly, you can monitor metrics that measure performance, invocations, and concurrencies. However, even if you continuously monitor, once in a while you are going to run into what’s termed a Lamba cold start. There are various ways to prevent AWS Lambda cold starts.

When thinking about serverless applications, one thing that comes to mind immediately is efficiency. Running code that gets the job done as swiftly and efficiently as possible means you spend less money, which means good coding practices suddenly directly impact your bottom line. How does logging play into this, though? Every logging action your application takes is within the scope of that same performance evaluation.

Two years ago we introduced Splunk Insights for AWS Cloud Monitoring and Splunk Insights for Infrastructure on the AWS Marketplace as a Pay-As-You-Go Amazon Machine Image, where you could initiate an instance and pay hourly to use these products after a 15-day trial. Assessing our portfolio, we are discontinuing these offerings to focus on differentiating capabilities, namely the ability to search and apply machine learning to your data in addition to visualizing insights.