Analytics

Google Cloud Platform Serverless Ingestion into Splunk

If you collect, or plan to collect, data from Google Cloud Platform (GCP), you will have noticed that the available option for ingesting it has been Splunk’s Google Cloud Platform Add-On. However, many customers are adopting “serverless” cloud services to deliver their cloud solutions. There are many reasons for this, but mainly it provides solutions that do not require any overhead of server or container management, that scale, and that are delivered as part of the cloud platform itself.

Dizzy with Data? Stay Focused on Business Outcomes

Being a CIO is not easy these days. The industry is buzzing about data-driven business transformation, and every executive and manager wants to make data-driven decisions. For the CIO, finding the right solution – and getting the maximum benefit from it – can be overwhelming. Most customers have a minimum expectation, but beyond that it can be difficult to envision what’s possible. It’s hard to see what else data can make possible.

Mac system extensions for threat detection: Part 2

In the previous post, we covered some of the frameworks accessible by kernel extensions that provide information about file system, process, and network events. These frameworks included the Mandatory Access Control Framework, the KAuth framework, and the IP/socket filter frameworks. In this post, we will go into the various tips and tricks that can be used in order to obtain even more information regarding system events.

How Businesses are Using Machine Learning Anomaly Detection to Scale Partner and Affiliate Tracking

Today’s business needs make it virtually impossible to function without relying on an extensive network of partners and third-party providers. An IBM study found that 70 percent of businesses were looking to increase their external partnerships.

Understanding the Apache Access Log: View, Locate and Analyze

As any developer or system administrator will tell you, log files are an extremely useful tool for debugging issues within a web application. In fact, log files are typically utilized as the primary source of information when a website is malfunctioning. One specific log file that can be used in debugging applications (or simply gaining insight into visitor activity) is the access log produced by an Apache HTTP server.

LogicMonitor Acquires Unomaly to Enhance Observability, Help IT Pinpoint Log Issues Faster and Drive Intelligent Action

Happy New Year! We’re starting 2020 by sharing some exciting news. Today we announced that LogicMonitor has acquired Unomaly, an AIOps-centric logs analytics company headquartered in Stockholm! Unomaly’s technology focuses on the automatic detection of log anomalies to support fast, accurate root cause analysis in complex IT environments.

Embracing offensive tooling: Building detections against Koadic using EQL

This year at BSidesDFW, my local security conference, I highlighted a continuing trend of adversaries using open source offensive tools. The talk reviewed one of these post-exploitation frameworks named Koadic and walked through different ways defenders can build behavioral detections through the use of Event Query Language (EQL).

AWS offers 175 services now. Should you be adopting many of them now?

At this year’s AWS re:Invent, we heard Andy Jassy go on stage to announce a bunch of new services to help companies unleash the power of cloud. 27 new services, to be exact, covering everything from a machine learning IDE to code review tools to contact center offerings (see the full list here); last year, AWS announced another 30 new services ranging from machine learning to VR/AR to satellite data. So now AWS has over 175 services, a staggering count by any measure.