February 2022

Latest Release of Our Network Monitoring Software Delivers AI-Driven Log Analytics

If you manage a network, every network device generates a large volume of logs. These logs are extremely important and narrate a story about both events and the sequencing of those events within your network. This capability is critical for any network monitoring software, helping you easily understand network activities, user actions, security breaches, and much more.

Webinar Recap: Streamline Connections with LogStream QuickConnect

Feature Highlights is a new addition to our ongoing series of webinars. As the name suggests, it’ll focus on specific product features with anonymized customer use cases taking center stage. In other words, how Cribl customers actually use the features to get the job done, sometimes in unintended ways. QuickConnect was the first act with a session “Streamline Connections w/ LogStream QuickConnect”.

Fantastic Cribl Packs and How to Export Them

In LogStream 3.0, we introduced a framework that provides a way for LogStream customers to build, reuse, and share configuration modules – including pipelines, lookups, data samples, and knowledge objects – called Packs. While each Pack has its own “context” containing custom pipelines, routes, lookups, variables, etc., it still retains access to built-in LogStream configuration that is shipped with the product.

The AppScope Origin Story

Since we introduced AppScope in 2021, we’ve been relentlessly working towards the production-ready milestone. Last week we released AppScope 1.0. It’s been a long haul getting to this point. Not really sure if it took this long because we solved difficult problems, or if we’re just that slow. Someone told me that what we are doing would go a lot faster if we use a modern high-level language. Maybe … Can you imagine doing this in TypeScript? Yeah, me either.

Using Lambda Extensions to Streamline Observability

Lambda is a top-rated compute service available on the AWS cloud service network. Its popularity largely derives from its ease of use, allowing users to run Lambda functions reliably without provisioning or managing servers. Lambda can be triggered manually or by any linked events in the AWS network, including DynamoDB streams, SQS, Kinesis, and more.

Deep Dive into the App Start Experience

Our customers rely on Splunk’s mobile apps when they are on-call and troubleshooting in high-stress situations. Splunk’s customer base includes 96 of the Fortune 100, many of whom rely directly on Splunk’s mobile app to help them solve outages or large scale performance problems. Therefore, they need a reliable quality of experience they have with our products and services. My team and I work on two mobile apps at Splunk: 1.

How to monitor ActiveMQ logs and metrics

ActiveMQ is a message-oriented middleware, which means that it is a piece of software that handles messages across applications. It acts as a broker that can help facilitate asynchronous communication patterns like publish-subscribe and message queues. The main goal of those servers is to create a scalable and reliable message bus that different components can use to communicate with each other.

Logging Blindspots: Top 7 Mistakes that are Hindering Your Log Management Strategy

Today, virtually everyone who manages infrastructure or applications relies on logging to understand what is happening within their environments. But some teams do logging better than others. Although there is no one right – or wrong – approach to log management, there are a variety of logging mistakes that engineers commonly make when deciding what to log, how to log it, and how to work with their log data.

Use Log Analytics to gain application performance, security, and business insights

Whether you’re investigating an issue or simply exploring your data, the ability to perform advanced log analytics is key to uncovering patterns and insights. Datadog Log Management makes it easy to centralize your log data, which you can then manipulate and analyze to answer complex questions.

APM vs. Logging: Do I Need Both?

The final stage of the popular Software Development Lifecycle after planning, analysis, design, and implementation is maintenance. This is where a full-fledged application running in production is constantly looked after and taken care of. Bugs, bottlenecks, slow database queries, security loopholes, and other issues are discovered and fixed before deploying the updated code. Log records and Application Performance Monitoring (APM) tools play a crucial role in software development maintenance.

IoT Security: How Important are Logs for System?

IoT has rapidly moved from a fringe technology to a mainstream collection of techniques, protocols, and applications that better enable you to support and monitor a highly distributed, complex system. One of the most critical challenges to overcome is processing an ever-growing stream of analytics data, from IoT security data to business insights, coming from each device. Many protocols have been implemented for this, but could logs provide a powerful option for IoT data and IoT monitoring?

Debugging Node.js Memory Leaks: How to Detect, Solve or Avoid Them in Applications

In this article, you’ll learn how to understand and debug the memory usage of a Node.js application and use monitoring tools to get a complete insight into what is happening with the heap memory and garbage collection. Here’s what you’ll get by the end of this tutorial. Memory leaks often go unnoticed. This is why I suggest using a tool to keep track of historical data of garbage collection cycles and to notify you if the heap memory usage starts spiking uncontrollably.

Ship software faster by removing bottlenecks and keep work flowing

We know customers and users today demand new features to be frequently released to their favorite apps. Plus they expect any bugs or issues hindering a great user experience to be fixed—and fast. Here we're going to cover new capabilities built to help you keep up with the business by measuring how well your team works in small batches and identifying previously invisible cross-team dependencies in your development and delivery processes.

Logging Practices: Know What to Log

Logging is an essential component of many applications. Every application has a different logging technique. You may prefer certain logging implementations, but you must also consider what to log, when to log, how much to log, and how to control logging. System administrators and developers, particularly the support team, benefit greatly from a well-designed logging system. For both the support team and the developers, logs save a lot of time.

How to Handle Java Lang OutOfMemoryError Exceptions

All the applications that you’re trying to execute require memory. It doesn’t matter if the application was developed using assembly language. Or if you used a low-level programming language like C or a language compiled to a bytecode like Java. Running the application requires memory for the code itself, the variables, and the data that the code processes. Depending on your usage, the memory requirements will vary.

Cyber Security in 2021 - What Happened?

2021 was quite a year. Some things changed, and some things very much stayed the same. The world of cyber security was not immune to this zeitgeist, with some aspects of the threat landscape persisting and some rapidly changing and evolving. This piece will examine the key trends in the cybersecurity threat landscape that we saw over the last year.

How Cribl LogStream Doctors QRadar

We know the old adage: All data is security-relevant. But at what cost? Many organizations are still trying to get their arms around existing data flows and tooling to say nothing of new apps and data sources coming into play as we continue to migrate to the cloud. Working to get a complete picture of their security environments, many CISOs are forced to make painful decisions between staying within budget and getting complete security event visibility.

Coralogix - On-Demand Webinar: Achieving Scale and Compliance During a Global Expansion

Armis is the first agentless, enterprise-class security platform to address the new threat landscape of unmanaged and IoT devices. With a hybrid environment of both single and multi-tenant infrastructures generating massive amounts of data, the team needed a powerful solution to centralize and manage their log data. In this session, Armis’s Head of DevInfra Roi Amitay discusses how his team leverages Coralogix’s unique capabilities together with custom-built dev tools to streamline the development and debugging of microservices on multiple EKS clusters.

Coralogix - On-Demand Webinar: Decoupling Streaming Data Pipelines at Scale

In this session, Harel Ben-Attia, Chief Architect at Coralogix shares the model we have implemented in order to create a resilient and scalable streaming data pipeline and how we had to rethink our entire approach to message processing from the ground up in order to achieve our goals.

IT Service Intelligence (ITSI) Comes to Splunk Mobile and TV

Why should only Dashboard Studio users get all the fun new features on Splunk Mobile and Splunk TV? To spread the cheer this new year, we brought the latest and greatest Mobile and TV features to IT Service Intelligence (ITSI) Glass Tables, so that you can view your ITSI data anywhere at any time!

Optimized Traffic Mirroring Examples - Part 2

In a previous post, we looked at an example of a fictional bookstore company and recommended mirroring strategies for that specific scenario. In this post, we’ll be looking at a fictional bank and recommended mirroring strategies for their network traffic. For a list of the most commonly used strategies, check out our traffic mirroring tutorial.

Minimize the Risk of Logging Over the Internet: How LogStream Cloud Can Be Paired With Cloudflare

With the proliferation of security SaaS platforms, such as Cloudflare, Proofpoint, and PingOne, enterprises must figure out how to integrate third-party data shipped over the internet into their analytics and SIEM platforms. This requirement to integrate third-party data raises a host of security, infrastructure, and data quality questions. Enterprises can lower risk, and complete projects faster, by using Cribl LogStream Cloud to solve their challenges in managing third-party SaaS platform data.

DevOps State of Mind Episode 8: What do DevSecOps and Formula 1 have in common?

Josh Minthorne is the co-founder and global technology director of Axcelinno, an IT technology consultancy and professional services company that helps organizations define and implement their DevSecOps adoption and cloud migration. Today, we're talking about why the security landscape has made companies hesitant to move to the cloud and what they can do to migrate with confidence.

Broadcom Software Launches Cloud-Based Log Analytics Service for Data-Driven Network Visibility

Human operators utilizing traditional network monitoring software with methods like SNMP, ping, or flow tracking are still limited to diagnosing and triaging issues within the four walls of the on-premise data center. But with increased adoption of cloud, SD-WAN and “work from anywhere,” application workloads are getting more distributed and creating network monitoring visibility gaps.

Minimize downtime, and improve performance for Verizon 5G Edge applications with Sumo Logic

It is safe to say that customers and enterprises have come to expect their digital experiences to be near instantaneous. Fifty-three percent of consumers will wait no more than three seconds for a web page to render before abandoning the site. But new technologies, like connected vehicles, AR/VR, and industrial automation, are pushing the limits of what traditional architecture can handle when it comes to delivering ultra-low latency.

Can your AIOps platform do Log Noise Reduction in addition to Alert Noise Reduction? If not, it is time to re-evaluate your AIOps

One of the core value propositions of AIOps platforms is to increase IT efficiency & productivity by applying AI & ML techniques to perform Alert Noise Reduction. This in turn translates to direct cost reduction due to savings in IT man-hours. In this approach, the AIOps platform kind of becomes like a gatekeeper for all the IT alerts/events, and it can help effectively reduce and correlate such events, so as to send meaningful incidents to NOC or Service Desk.

Logstash: Path to ECS for 8.0

The Elastic Common Schema is a community-driven effort to provide consistent semantic meaning to datasets so that data from disparate sources can be meaningfully used together. In Logstash 8.0, ECS compatibility is on-by-default — this is a pretty major change to how many plugins operate. In this talk, we outline the rationale behind the transition and also highlight how to opt-OUT of the transition with a simple pipeline setting.

Webinar Recap: Force Multiply Your Security Operations Teams with Cribl LogStream

We hosted a webinar a few weeks back on using Cribl LogStream to make your security operations more scalable, efficient, and cost-effective. The turnout was fantastic and, while we answered most of the audience’s questions live, we couldn’t get to all of them. So I’ll go through the questions we couldn’t get to and offer some answers. Along the way, I’ll also share the results of two polling questions we asked during the webinar.

Best Splunk Alternatives [2023]

Every business from large enterprises through to small startups needs some level of log management in their day to day operations. For large-scale enterprises, Splunk has quickly become one of the most popular log management solutions globally. Splunk was developed for enterprise-level log analysis and Security Incident and Event Management (SIEM). The tool can also be used by medium-size enterprises as long as your organisation generates large volumes of machine data and log files.

Making a More Accessible navigation

I’m Tim, a Product Design Manager at LogDNA. My team is responsible for creating a beautiful and easy-to-navigate user interface so that you can easily access, and gain value from, your logs. We’ve been working on making our product’s navigation more accessible and are rolling out a mixture of subtle and more noticeable changes.

NEW: Splunk Synthetic Monitoring Adds Single Sign-On (SSO) and Security Improvements

Splunk customers are security conscious organizations demanding enterprise-grade features for their global workforce. Today, we are excited to announce several Splunk Synthetic Monitoring updates, including: support for Single Sign-On (SSO) via SAML 2.0, Concealed Global Variables, and an updated synthetic browser version (Chrome 97).

The Observability Lake: Total Recall of an Organization's Observability and Security Data

Enterprises are dealing with a deluge of observability data for both IT and security. Worldwide, data is increasing at a 23% CAGR, per IDC. In 5 years, organizations will be dealing with nearly three times the amount of data they have today. There is a fundamental tension between enterprise budgets, growing significantly less than 23% a year, and the staggering growth of data.

A Beginner's Guide for Grafana Loki (Open-source Log Aggregation by Prometheus)

Many logging solutions are available on the market to deal with log data, each focusing on a different part of the logging issue including log aggregation. These solutions are open-source and proprietary software and tools incorporated into cloud provider platforms, as well as a variety of capabilities to fulfill your requirements. Grafana Loki is a new industry solution, so let's take a closer look at what it is, where it originated from, and whether it can suit your logging requirements.

Going off-label with Grafana Loki: How to set up a low-cost Twitter analysis

The term “off-label” is used to describe when a product is being used successfully for something other than its intended purpose. It’s a quite common occurrence in the pharmaceutical industry, but it can also happen in the world of software. Grafana Loki was written as — and is marketed as — a simple, Prometheus-friendly logging backend with a very low total cost of ownership.

Getting Started with Google Cloud Logging Python v3.0.0

We’re excited to announce the release of a major update to the Google Cloud Python logging library. v3.0.0 makes it even easier for Python developers to send and read logs from Google Cloud, providing real-time insights into what is happening in your application. If you’re a Python developer working with Google Cloud, now is a great time to try out Cloud Logging! If you're unfamiliar with the `google-cloud-logging` library, getting started is simple.

How to monitor Amazon Kinesis

We live in a world that becomes more connected with each passing day. Public cloud hosts like Amazon Web Services (AWS) provide platforms with a wide array of capabilities that quickly scale based on demand. As a result, we’ve seen an explosion of new applications and services that continue to change our daily lives for the better. Data is a critical component of all of these systems. They can ingest vast amounts of data, process or transform it, and then pass it on.

A look at how the U.S. Department of Defense deploys the Grafana stack

In September 2021, the U.S. Department of Defense’s Iron Bank formally authorized Grafana, Grafana Enterprise, and Grafana Loki, allowing the 100,000 employees and contractors who work on DoD software, both classified and unclassified, to easily select and immediately deploy Grafana Labs software without additional approvals and security certifications. In our first-ever government session at ObservabilityCon 2021, former U.S.

Integrating Log Analytics in Serverless360

Recently we launched features to provide support for Log Analytics in Serverless360. Log Analytics workspaces are used by a lot of different features within the Azure Monitor stack and by providing the ability to link a Log Analytics Workspace to a Business Application in Serverless360 we see that it provides a way you can allow a support user the ability to view and run queries against your log data without needing to be an Azure Expert.

Optimized Security Traffic Mirroring Examples - Part 1

You have to capture everything to investigate security issues thoroughly, right? More often than not, data that at one time was labeled irrelevant and thrown away is found to be the missing piece of the puzzle when investigating a malicious attacker or the source of an information leak. So, you need to capture every network packet.

What Challenges Does a "Single Pane of Glass" Bring to Enterprise Data?

If I had a penny for each time someone asked for a single pane of glass view across my 20 years in the application monitoring (now observability) space, I would be retired instead of writing this blog. But, on the other hand, I’d be in big trouble if I paid out each time we failed we finished that ask.

How to Get Started with ChaosSearch

ChaosSearch activates your cloud object storage for analytics at scale via multi-API access, with no data movement, no sharding nor re-indexing, and no data retention trade-offs. To help engineers and IT leaders experience the power of ChaosSearch for themselves, we’ve made it easier than ever to get started with our free trial experience.

10 tips for log shipping using Fluentd

Fluentd is an open-source data collector that unifies data collection and consumption. It has different types of plugins that retrieve logs from external sources, parse them, and send them to log management tools like Site24x7 AppLogs. tail, forward, udp, tcp, http, syslog, exec, and windows_eventlog are common input plugins.

Tutorial: Auto-instrumentation of a Java app by OpenTelemetry for K8s Environment

This tutorial demonstrates how to auto-instrument a Java app by OpenTelemetry for Kubernetes easily with the help of a sample Java app. It also shows how to connect it to the hosted collector, and trace the transactions in Sumo Logic. Learn the prerequisites and the detailed step-by-step auto-instrumentation process in this tutorial. Reference Links: Links to refer to or download useful material to try the steps independently.

Data Lakes and Beyond: Complementing the New AWS CloudTrail Lake Service With LogStream

AWS announced CloudTrail Lake on January 5th, 2022, as a fully-managed solution for storing and querying CloudTrail logs. At first glance, it is straightforward to set up, can be enabled for all your organization’s accounts with a radio button, and keeps data for up to seven years by default! It’s a huge time saver and headache eliminator for many, as getting CloudTrail from all organization accounts to a SIEM can be tedious and time-consuming. But all this comes with a cost.

Living Your Stream: Build Your Observability Data Pipeline with Cribl LogStream Free

Our mission at Cribl is to unlock the value of all your observability and telemetry data, regardless of source or destination. We aim to give you choice and control over your data—because we know data has different value to different stakeholders at different times in the data lifecycle. Users are just scratching the surface in terms of the ways they are finding value from Cribl LogStream.