July 2021

Splunk Mobile - Backend Summary (in 60s)

Get to know the Secure Gateway Splunk app, which allows you to deploy and manage your fleet of mobile devices at scale. Plus, take a peek behind the scenes to learn how Splunk Secure Gateway facilitates communication between mobile devices and Splunk platform instances using an end-to-end encrypted cloud service called Spacebridge. Finally, get the latest on Spacebridge compliance and data privacy, since Spacebridge has now been certified to meet SOC2, Type 2 and ISO 27001 standards and is HIPAA and PCI-DSS compliant.

Splunk Cloud Monitoring Console on Mobile (in 60s)

The Cloud Monitoring Console (CMC) lets Splunk Cloud administrators view information about the status and performance of their Splunk Cloud deployment at a glance. On Splunk Mobile, you can access many of the same CMC dashboards as on Splunk Web. Whether you’re interested in your users, indexes, searches, or ingest volume, you can access this data on the go or from the comfort of your own couch.

How to Maximize the Performance of Your Kubernetes Deployment

With Kubernetes emerging as a strong choice for container orchestration for many organizations, monitoring in Kubernetes environments is essential to application performance. The impact of poor application/infrastructure performance in the era of cloud computing and as-a-service delivery models is more significant than ever. How many of us today have more than two rideshare apps or more than three food delivery apps?

What Is Network Latency: Complete Guide on How to Check, Measure and Reduce It to Improve Performance

So you finally launched your service worldwide, great! The next thing you’ll see is thousands and thousands of people flooding into your amazing website from all corners of the world expecting to have the same experience regardless of their location. Here is where things get tricky. Having an infrastructure that will support the expansion of your service across the globe without sacrificing user experience is going to be real tough, as distance will introduce latency.

Splunk Machine Learning Toolkit Overview

You no longer have to be a data scientist to bring intelligence to your Splunk data. The Machine Learning Toolkit (MLTK), available for free on Splunkbase, is a purpose-built tool that extends Splunk Processing Language (SPL) with machine learning algorithms, new commands, and powerful visualizations. This video provides a high-level overview of MLTK and previews the use cases that it supports.

Splunk Mobile - Overview (in 60s)

Splunk Mobile enables you to unlock value from your data anywhere at any time. Regardless of your role or level of technical expertise, you can use Splunk Mobile to view dashboards and take action from your mobile device. Whether you’re a C-suite executive looking for a report, a NOC manager investigating an issue, or a SOC analyst uncovering an anomaly, getting answers has never been more convenient with the power of Splunk in the palm of your hands. Splunk Mobile is made for all organizations and roles, including yours.

Announcing our $55M Series C Round Funding to further our storage-less data vision

It’s been an exciting year here at Coralogix. We welcomed our 2,000th customer (more than doubling our customer base) and almost tripled our revenue. We also announced our Series B Funding and started to scale our R&D teams and go-to-market strategy. Most exciting, though, was last September when we launched Streamaⓒ – our stateful streaming analytics pipeline. And the excitement continues!

Logging and Monitoring: A Match Made in Software Heaven

All code and no logging makes your application a black box system. Similarly, all logging and no monitoring makes analyzing performance complicated and inconvenient. The goal is to achieve better visibility into the operations of your application, its status, performance, and overall health. Making this information easily accessible presents more context about the critical incidents and surfaces actionable insights for optimizing performance.

Why Cloud-Native SIEM?

The SIEM is a central point where data is collected and correlated, and as we move to consume more cloud services and data sets the SIEM itself must also change in architecture. Architecture change is hard to make for existing products. Calling a product a ‘cloud solution’ is not the same as taking an on-premises product and hosting it for customers. It means building a new SIEM for a new world. There are a lot of reasons users seek new SIEMs.

The Top 21 Grafana Dashboards & Visualisations

In our guide on the best Grafana dashboards examples, we wanted to show you some of the best ways you can use Grafana for a variety of different use cases across your organisation. Whether you are a software architect or a lead DevOps engineer, Grafana is used to make analysis and data visualisation far easier to conduct for busy engineering and technical teams throughout the world.

How Log Analytics Powers Cloud Operations, Part II: Use Cases

Cloud computing shapes the ability of enterprises to transform themselves and compete in the 2020s. By renting elastic cloud resources, enterprises can support new customer platforms, distributed workforces, and back-office operations. The cross-functional discipline of CloudOps helps enterprises realize the promise of cloud computing by optimizing applications and infrastructure on cloud platforms.

Announcing the GA of the LogDNA Configuration API and LogDNA Terraform Provider

We’re excited to announce that our Configuration API and Terraform Provider are now generally available for all LogDNA customers. We received tremendous feedback from our public beta release and, based on that feedback, we are enabling several new features with the GA release that allow for more programmatic workflows with LogDNA. First, we are enabling Preset Alerts as a new resource that can be configured with the configuration API as well as within Terraform.

NiCE Log File Monitor Management Pack 2.0 for Microsoft SCOM

The NiCE Log File Monitor Management Pack 2.0 is a FREE solution supporting the SCOM Community in next-level log file analysis. It helps IT performance and security data analysts identify errors causing transactions and queries to take too long or not run at all. Software-related bugs, security issues, or erroneous configurations that impact website or application performance are figured out quickly by employing improved templates for alert rules, performance rules, or monitors.

Integrating Logz.io with Azure

Azure users can now deploy the Logz.io platform directly from the Azure Console with the click of a button. The seamless integration between Azure and Logz.io delivers visibility and monitoring for enterprise organizations developing applications on Azure, providing the specific information needed to streamline code development and achieve business agility.

Monitoring Kubernetes the Elastic way using Filebeat and Metricbeat

In my previous blog post, I demonstrated how to use Prometheus and Fluentd with the Elastic Stack to monitor Kubernetes. That’s a good option if you’re already using those open source-based monitoring tools in your organization. But, if you’re new to Kubernetes monitoring, or want to take full advantage of Elastic Observability, there is an easier and more comprehensive way. In this blog, we will explore how to monitor Kubernetes the Elastic way: using Filebeat and Metricbeat.

How to monitor Cassandra database clusters

Apache Cassandra is an open-source distributed NoSQL database management system that was released by Facebook almost 12 years ago. It’s designed to handle vast amounts of data, with high availability and no single point of failure. It is a wide-column store, meaning that it organizes related facts into columns. Columns are grouped into “column families.” The benefit is that you can manage data that just won’t fit on one computer.

Logz.io Delivers Cloud Native Monitoring to the Azure Marketplace

Logz.io is proud to launch a new partnership with Microsoft that enables Azure customers to directly integrate with Logz.io’s platform from within the Azure Console. This integration importantly allows Azure developers to begin monitoring their workloads faster than ever before, using the open-source technologies that their teams love. Check out this video for a demonstration of how it works.

Developer's Dilemma: When Is the Right Time to Invest in Log Management

Development cycles are complicated. If you’re on a development team, whether you’re building out a custom application, maintaining and iterating on a growing microservice, or breaking ground on a new platform for a startup, you have your hands full. Log management, though seldom celebrated outside hardcore DevOps and IT circles, is still a well-known instrument among seasoned developers. It is insight into the internal workings of your processes as they are used.

JavaScript Logging Basic Tips

In the past few years, JavaScript has evolved in several ways and has come a long way. With the evolving technology, machines are becoming more powerful, and browsers are getting more robust and compatible. In addition, with Node.js’s recent development for JavaScript’s execution on servers, JavaScript has been getting more popular than ever before.

5 Key Considerations When Choosing a Log Management Solution

Purchase decisions often begin with a price check. Log management is no different. Evaluate your budget and narrow down the options that fit to choose the tool that gives you the most for what you pay. As always, cheaper is better as long as the platform doesn’t cut any corners. But with log management, there is a catch – not all tools are transparent with their pricing model.

The Benefits of Centralized Log Management and Analysis

Log centralization is kind of like brushing your teeth: everyone tells you to do it. But until you step back and think about it, you might not appreciate why doing it is so important. If you’ve ever wondered why, exactly, teams benefit from centralized logging and analysis, keep reading. This article walks through five key advantages of log centralization for IT teams and the businesses they support.

How to Notify Your Team of Errors: Email vs. Slack vs. PagerDuty

Site Reliability Engineering (SRE) and Operations (Ops) teams heavily rely on notifications. We use them to know what’s going on with application workloads and how applications are performing. Notifications are critical to ensuring SREs and Ops teams can resolve errors and reduce downtime. They’re also crucial when monitoring environments — not only when running in production but also during the dev-test or staging phase.

Get Started with Splunk for Security: Splunk Security Essentials

Continuing to ride the waves of Summer of Security and the launch of Splunk Security Cloud, Splunk Security Essentials is now part of the Splunk security portfolio and fully supported with an active Splunk Cloud or Splunk Enterprise license. No matter how you choose to deploy Splunk, you can apply prescriptive guidance and deploy pre-built detections from Splunk Security Essentials to Splunk Enterprise, Splunk Cloud Platform, Splunk SIEM and Splunk SOAR solutions.

Analyzing Office 365 GCC Data With Sumo Logic

Many of our customers today leverage Office 365 GCC High, including organizations looking to meet evolving requirements for working with the United States Department of Defense. Sumo Logic enables customers to leverage our out-of-the-box monitoring and analytics capabilities to analyze Office 365 GCC High data to offer security engineers and security analysts stronger situational awareness of internal employee data.

Introduction to Custom Metrics in Python with the Logz.io RemoteWrite SDK

We just announced the creation of a new RemoteWrite SDK to support custom metrics from applications using several different languages. This tutorial will give a quick rundown of how to use the Python SDK. Using these integrations, Prometheus users can send metrics directly to Logz.io using the RemoteWrite protocol without sending them to Prometheus first. Each SDK, while for a separate language, is capable of working with frameworks like Thanos, Cortex, and of course M3DB.

Announcing the RemoteWrite SDK for Custom Metrics in Python, Go & More

We’re proud to announce the creation of a new RemoteWrite SDK to support custom metrics from applications using Golang (Go), Python, and Java, with many more on the way. Each SDK will have automatic, continuous deployment of updates. Using these integrations, Prometheus users can send metrics directly to Logz.io using the RemoteWrite protocol without sending them to Prometheus first.

Prioritize and resolve performance defects with Splunk Web Optimization

Find, fix and prevent web performance issues with an intelligent optimization engine. From Google's Lighthouse scores to core web vitals and 50+ modern performance metrics, learn to benchmark and improve page performance and user-experience with Splunk Web Optimization. Get a free trial as part of Splunk Synthetic Monitoring today.

Optimize Value of Cloudtrail Logs With Infrequent Tier

A common scenario for log analytics is that many log events are high value for real time analytics, but there are also events that are low value for analytics, but account for a very large percentage of overall log volume. Often these same low value logs are used only for ad-hoc investigations from time to time or need to be retained for audit purposes.

Understanding IIS Log Files: Operating Instructions

Commonly, your website or app functions perfectly until you release it. During testing, you might seem to have control over everything. But, sooner or later, you will face some challenges. In fact, it is totally normal when something goes wrong. The most important thing is how you settle these problems. In most cases, issues with availability alerts and users’ complaints can be addressed by means of IIS logs. IIS logging will provide you with the necessary data to deal with a breakdown.

Apache Monitoring: Best Tools and Key Metrics to Track Web Server Performance

The Apache HTTP Server (httpd) is a widely used, open-source web server application. Because you can easily customize it through modules, it has become the go-to choice of both individuals powering their personal blogs and enterprises running high-traffic websites and web apps. It’s a well-known fact that with high traffic, the performance of Apache web servers can take a hit, experiencing bottlenecks as your traffic scales up, which will lead to delayed responses.

How to mitigate DevOps tool sprawl in enterprise organizations

There’s an insidious disease increasingly afflicting DevOps teams. It begins innocuously. A team member suggests adding a new logging tool. The senior dev decides to upgrade the tooling. Then it bites. You’re spending more time navigating between windows than writing code. You’re scared to make an upgrade because it might break the toolchain. The disease is tool sprawl.

Dissecting DevOps - Measuring quality in a SaaS world: SLA, SLI, SLO

Now that software is delivered over the web and not in a box, how developers guarantee quality to their users has radically changed. Users do not care about version numbers or floppy disks. They just want access to a service that just works. In the microservices world, the quality of your service both to your internal users and external is measured by SLAs, SLIs, and SLOs. And how you decide what those metrics are is a key strategy.

The Ops Agent is now GA and it leverages OpenTelemetry

Running and troubleshooting production services requires deep visibility into your applications and infrastructure. While basic logs and metrics are available out of the box with Google Cloud Compute Engine (GCE), capturing advanced data used to require the installation of both a metrics agent and a logging agent.

Finding Unexpected Development Solutions Through Log Management

This is a personal story from before I worked at observIQ. I am not a technical person in any professional sense. I have no direct training and my coding experience is limited to front-end web design and some indie game development. Before observIQ, all I knew about log management was that it has something to do with tracking computer performance and behavior, and I associated it mostly with DevOps and the cloud. I never imagined it would play any valuable role in my professional endeavors.

The Secret to a Successful Hybrid Application Migration

Planning a hybrid application migration? There’s plenty to deal with already, and now your manager wants to know—how are you going to make sure that the migration is a success? The secret is to take a subjective judgment and turn it into an objective one. As you probably know, there is no way that you can guarantee a problem-free migration. Don’t leave it up solely to how your boss or anyone else feels about the migration.

How versatile is the Elastic Stack? Ask Walmart, NASA, or Airbus.

What do an airline, the world’s largest retailer, the French government, Adobe, and NASA’s JPL have in common? They use the Elastic Stack to empower customers, communities, and, even, interplanetary exploration. With the Elastic Stack’s ability to take data from any source and in any format, and then search, analyze, and visualize it in real time, organizations can act quickly to improve customer experience and power critical systems.

Taking Inventory of Your Google Cloud

Splunk Cloud Architect Paul Davies recently authored and released the GCP Application Template, a blueprint of visualizations, reports, and searches focused on Google Cloud use cases. Many of the reports included in his application require Google Cloud asset inventory data to be periodically generated and sent into Splunk. But HOW exactly do you craft that inventory generation pipeline so you can "light-up" Paul's application dashboards and reports?

A Guide to Monitoring AWS Lambda Metrics with Prometheus & Logz.io

In this post we will discuss some key considerations and strategies to monitor your AWS Lambda functions. This will include: which Lambda metrics you’ll want to monitor, how to collect AWS Lambda metrics with Prometheus and Logz.io, how to create a monitoring dashboard with alerts, and how to search and visualize your metrics.

Graylog Illuminate: Getting Started with Sysmon

The Windows System Monitor (Sysmon) is one of the chattiest tools. With all the information coming in, it can be difficult and expensive to use it efficiently. However, the Graylog Illuminate package gives you a way to fine-tune it so that you can get better data and manage your ingestion rate better. Sysmon gives you awareness of what’s going on in your endpoints.

Create alerts from your logs, available now in Preview

Being alerted to an issue with your application before your customers experience undue interruption is a goal of every development and operations team. While methods for identifying problems exist in many forms, including uptime checks and application tracing, alerts on logs is a prominent method for issue detection. Previously, Cloud Logging only supported alerts on error logs and log-based metrics, but that was not robust enough for most application teams.

Monitoring Apache Kafka Clusters with Sumo Logic

Apache Kafka® is one of the most popular streaming and messaging platforms, commonly used in a pub-sub (publish-subscribe) model, where consumer software applications send data via messages that producer software applications can consume. Teams use Kafka for a variety of use cases, including monitoring user activity, sending notifications, and concurrently processing streams of incoming data such as financial transactions.

The Business Case for Switching from the ELK Stack

Last year we published a popular paper on how to calculate the true cost of an Elasticsearch, or ELK (for Elasticsearch, Logstash, Kibana) stack environment. The paper helps readers calculate their overall annual cost of ownership for their ELK environment, and reveals how the cost burden of ELK is much higher than anticipated for most customers. That paper clearly hit a nerve — it’s been, by far, our most downloaded piece of content.

Intro to AIOps: Leveraging AI and Machine Learning in DevOps

AIOps is a DevOps strategy that brings the power of machine learning to bear on observability and system management. It’s not surprising that an increasing number of companies are now adopting this approach. AIOps first came onto the scene in 2015 (coincidentally the same year as Coralogix) and has been gaining momentum for the past half-decade. In this post, we’ll talk about what AIOps is, and why a business might want to use it for their log analytics.

Monitoring IT Just Got Easier: Introducing the New Splunk App for Content Packs

We’re thrilled to announce the release of the Splunk App for Content Packs, an app that acts as a one-stop shop for prepackaged content and out-of-the-box searches and dashboards for common IT infrastructure monitoring sources, making it easy to get up and running with Splunk for IT use cases. In the past, you may have had to install and manage individual apps like Splunk App for VMWare and Splunk App for Windows Infrastructure.

Accelerating Dev Workflows: Terminal-driven Debugging

The pursuit of Digital Transformation and DevOps practices has led to several benefits such as increased deployment rates and better collaboration across teams. However, it has also led to endless abstraction, an increase in responsibilities, and many new tools (Kubernetes, hybrid-clouds and all their services, etc.). This increase in complexity has turned observability into an essential component of all ecosystems.

PostgreSQL Monitoring: The Best Tools and Key Metrics to Help Improve Database Performance

PostgreSQL is a popular open-source, object-relational database. As with any other data storage solution, capturing metrics is crucial for making sure your database is reliable, available, and performing optimally. This will help you dig deeper into database performance problems, do performance tuning, optimize queries and indexes, and make partitioning decisions. But that’s not all. You’ll also be able to set up alerts and plan for failures or upgrades.

How to Move Kubernetes Logs to S3 with Logstash

Sometimes, the data you want to analyze lives in AWS S3 buckets by default. If that’s the case for the data you need to work with, good on you: You can easily ingest it into an analytics tool that integrates with S3. But what if you have a data source — such as logs generated by applications running in a Kubernetes cluster — that isn’t stored natively in S3? Can you manage and analyze that data in a cost-efficient, scalable way? The answer is yes, you can.

Correlate CrowdStrike Data with Logz.io Cloud SIEM

CrowdStrike is an innovator in the endpoint protection market with innovative approaches for the last decade. They specialize in depth of data collection and have uncovered many forensic mysteries in security over the last 10 years. We have many mutual customers with CrowdStrike, which is why we began working with them on a solution to analyze and correlate their data within Logz.io.

How to Monitor Logs Guide With Recommended Automated Tools

Log monitoring is a practice used by IT administrators to organize, analyze, and understand a network’s performance. All network devices, including applications and hardware, create logs as they perform operations. Logs are like a device’s diary—they record every event and its critical information like user IP address, date and time, request time, and more.

OpenSearch Tutorial: Getting Started with Install and Configuration

OpenSearch is a community response to the recent relicensing of Elasticsearch as a non-Open Source platform. AWS, Logz.io, and a number of partners have been working for months not only to make this merely compatible with Elasticsearch as a functional replacement, but also seeking to create an independent project roadmap.

Secure your deployments on Elastic Cloud with Azure Private Link

We are pleased to announce the general availability of the Azure Private Link integration with Elastic Cloud. Azure Private Link provides private connectivity between your VNET (Virtual Network) and other Azure resources. Private Link simplifies your cloud network architecture and eliminates data exposure to the public internet by routing your data to private Azure service endpoints.

Announcing WP Activity Log Integration

With over 40% of websites powered by WordPress, there’s a good chance you or someone in your company is using it to update content or manage websites. This is why we’re excited to announce an integration with WP Activity Log—a comprehensive WordPress activity log plug-in—and SolarWinds® Papertrail™.

Dashboards on Cloud Monitoring made easier with samples

Setting up Cloud Monitoring dashboards for your team can be time consuming because every team's needs are different. Picking the right metrics, using the right visualizations to represent these metrics, deciding what metrics can go on the same chart, and determining the right pre-processing steps for metrics requires background and experience that may not yet exist among your development and operations teams.