|
By Bryan Turriff
Data fabrics are cohesive data layers that bridge data sources with data consumers, including analytics platforms such as SIEMs. They automate tasks like data ingestion, integration, and curation across diverse data sources, improving the agility and responsiveness of data ecosystems. More specifically, a security data fabric adds capabilities including governance and compliance, security enrichment, and the integration of security events.
|
By Bryan Turriff
The massive growth of observability data isn’t limited to just log data. Metrics are growing just as fast, or faster. Making matters worse, DevOps and Engineering teams aren’t just dealing with the increasing volume of metrics data causing a spike in egress, storage, and compute costs. Many tools also charge by the number of custom metrics they track.
|
By Bryan Turriff
Observo AI is excited to announce that we have partnered with Microsoft and our solution is now available on the Azure Marketplace. This will make it easier for Azure customers to quickly adopt the AI-Powered Security and Observability Pipeline to help control costs, manage data sprawl, boost productivity, and identify and resolve critical incidents faster. Customers can now deploy Observo AI at speed while benefiting from Azure’s trusted and secure infrastructure, as well as its global commercial footprint.
|
By Bryan Turriff
History is filled with stories of human triumph. One of the most famous such stories is that of John Henry, “The Steel Driving Man.” As the traditional American folk story goes, John Henry and his fellow workers were faced with the arrival of the steam engine, which threatened to replace their manual labor. To prove that human strength and skill could outperform the new technology, John Henry challenged the machine to a contest.
|
By Bryan Turriff
Observo AI is excited to announce that we have partnered with AWS and our solution is now available on the AWS Marketplace. This will make it easier for AWS customers to quickly adopt the AI-Powered Security and Observability Pipeline to help control costs, manage data sprawl, boost productivity, and identify and resolve critical incidents faster.
|
By Observo.ai Team
FortiGate firewall logs are crucial for network security and compliance. These logs contain valuable information about network traffic, including source and destination IP addresses, ports, protocols, timestamps, and firewall actions. With FortiGate log volumes growing annually, many organizations face challenges in processing and storing these logs efficiently. In part 1 of this series, we covered an overview of FortiGate logs and some of the challenges they pose for Security and DevOps teams.
|
By Observo.ai Team
Fortinet FortiGate firewalls are crucial network security devices that help manage and protect your network by monitoring and controlling incoming and outgoing traffic. They do this based on a set of predetermined security rules. The logs generated by FortiGate firewalls are rich with information about network activities and security events, making them indispensable for both security and DevOps teams in enterprises.
|
By Gurjeet Arora
Observo AI is excited to announce that we are an official partner with Splunk, a Cisco company. Pairing Splunk Enterprise with Observo AI's observability and security data pipeline enhances the capabilities and efficiencies of security and DevOps teams even further. By optimizing data before it hits a Splunk index and creating a fully searchable data lake for long-term retention, Observo AI can optimize customers’ infrastructure costs including storage, cloud egress, and compute.
|
By Observo.ai Team
In part 1 of this series, we took a look at what CloudTrail logs are, the value they provide, and some of the problems involved in processing and storing these logs. In part two of this series, we will look at how Observo helps organizations process CloudTrail logs at scale and derive value from them. As a quick recap, let’s take a look at what a CloudTrail event looks like.
|
By The Observo.ai Team
Observo.ai is excited to share that we now integrate with Panther Labs, a modern SIEM built for the cloud. This enables Panther users to leverage Observo.ai’s powerful telemetry data pipeline features. Observo.ai was created to help Security and DevOps teams solve their biggest telemetry problems. Using Artificial Intelligence, Observo.ai optimizes and transforms data from any source and routes it to the destinations where it has the most value.
|
By Observo.ai
Rinki Sethi, CISO of Bill, discusses how Observo AI can quickly add value to control data sprawl so security teams can focus their time and efforts on Threat Hunting.
|
By Observo.ai
In this demo, first shown at Splunk.conf24, we look at the data lake creation feature of Observo. Data is stored in Parquet, an open columnar format. We also support natural language search of the data lake; under the hood, this functionality uses an LLM for text-to-SQL. Use the rehydrate function to send any subset of data to the analytics platform of choice, on demand. Consider keeping a smaller Splunk index, and use the lake for retention: retain more data, longer, for a lot less cost, all in a flexible format.
|
By Observo.ai
In this demo from Splunk.conf24, we look at a super voluminous source of data like flow logs and see how Observo pipeline’s Smart Summarization Engine helps reduce complexity and makes it much easier to find the needle in a haystack.
|
By Observo.ai
In this demo, first aired at Splunk.conf24, we showed the flexible enrichment capabilities of the Observo AI pipeline. A common enrichment scenario for security teams is GeoIP enrichment, which involves adding geographical information to IP addresses. Among other things, GeoIP enrichment can be very useful for location-based customization, threat analysis, and network traffic pattern mining. Let us see how we do it.
|
By Observo.ai
In this demo, first shown at our Splunk.conf24 breakout session, we look at how easy it is to enforce data policies including PII obfuscation using Observo AI’s Smart Pipeline. Our data plane is written in Rust and supports extremely high performance scanning of patterns at wire speed. Let us see how we do it.
|
By Observo.ai
Observo sentiment analysis uses our machine learning models to recognize patterns of normal data and anomalies that need more investigation. Alert fatigue happens when your teams are inundated with alerts that may have little to no important information in them. By using sentiment analysis, they can prioritize the alerts that need attention right away over those that can be looked at later, and resolve critical incidents faster before they spiral into a bigger problem. Our customers have reported a 40% or more boost in incident resolution speeds.
|
By Observo.ai
We take a look at the main dashboard of Observo AI and delve into concepts like Sources, Destinations, pipelines, and transforms.
|
By Observo.ai
In this Observo AI demo from Splunk.conf24, we show how easy it is to drag and drop to create a pipeline from scratch and then we show how to transform data from Windows logs and XML into the Splunk CIM for easy ingestion to Splunk.
|
By Observo.ai
Visit us at observo.ai.
|
By Observo.ai
In our comprehensive whitepaper, we delve into the challenges of observability, including data overload, legacy architectures, rising costs, security risks, noisy data, and lack of dedicated resources.
Observo.ai helps you reduce security and observability costs by 50% or more while resolving incidents 40% faster.
With artificial intelligence, Observo.ai elevates observability beyond static, rules-based tools. We automate observability pipelines, for smarter, deeper data optimization, faster deployment, and bigger savings.
AI-driven features to optimize telemetry data for Security and DevOps:
- Data Optimization & Reduction: Cut log volume by 80% and reduce the total cost of observability by 50% or more.
- Anomaly Detection: Lower Mean Time to Resolution (MTTR) of incidents by 40% or more.
- Smart Routing: Avoid vendor lock-in by routing data where it has the most value.
- Searchable, Low-Cost Data Lake: Retain more data, spend less money, be more flexible.
- Data Enrichment: Add context to data for faster searches and eliminate Alert Fatigue.
- Sensitive Data Discovery: Earn your customers’ trust by securing all PII to stay in compliance.
The AI-Powered Observability Pipeline.