
Latest News

How to implement log management policies with your teams

Logs are an invaluable source of information, as they provide insights into the severity and possible root causes of problems in your system. But it can be hard to get the right level of visibility from your logs while keeping costs to a minimum. Systems that process large volumes of logs consume more resources and therefore make up a higher percentage of your overall monitoring budget. Further, log throughput can be highly variable, creating unexpected resource usage and financial costs.

Manage logs from multiple clouds and on-premises workloads together

We’ve heard from our customers that you need visibility into metrics and logs from Google Cloud, other clouds, and on-prem in one place. Google Cloud has partnered with Blue Medora to bring you a single solution to save time and money in managing your logs in a single place. Google Cloud’s operations management suite gives you the same scalable core platform that powers all internal and Google Cloud observability.

Getting started with adding a new security data source in your Elastic SIEM: Part 1

What I love about our free and open Elastic SIEM is how easy it is to add new data sources. I’ve learned how to do this firsthand, and thought it’d be helpful to share my experience getting started. Last October, I joined Elastic Security when Elastic and Endgame combined forces. Working with our awesome security community, I’ve had the opportunity to add new data sources for our users to complement our growing catalog of integrations.

AWS Lambda Monitoring - what to keep an eye on with serverless

AWS Lambda is the leading serverless computing solution and is one of AWS’ most successful products, to date. Its popularity is in large part because of the way it makes development easier and faster. Lambda completely abstracts away the maintenance of underlying infrastructure including compute, storage, memory, and networking. Developers simply upload their code in the form of Lambda functions and the service fully handles the execution of these functions.

Security Log Monitoring and DNS Request Analysis

Monitoring all DNS requests in your network, including those that were blocked (e.g., by a firewall), is a great way to increase visibility, enforce compliance and detect threats. A common problem with collecting DNS logs is that DNS server logs are notoriously hard to parse. Also, parsing only the logs of your DNS servers leaves a blind spot when it comes to usage of, or the attempt to use, an external DNS server like Google's 8.8.8.8.

Getting Microsoft Azure Data into Splunk

If you're reading this, you're probably wondering how to get data from various Microsoft Azure services into Splunk. With the growing list of Azure services and various data access methods, it can be a little cloudy (pun intended) on what data is available and how to get all that data into Splunk. In this blog post, I'm going to go over how Microsoft makes Azure data available, how to access the data, and out-of-the-box Splunk Add-Ons that can consume this data. So let's dive right in.

Deep Learning Toolkit 3.1 - Release for Kubernetes and OpenShift

In sync with the upcoming release of Splunk’s Machine Learning Toolkit 5.2, we have launched a new release of the Deep Learning Toolkit for Splunk (DLTK) along with a brand new “golden” container image. This includes a few new and exciting algorithm examples which I will cover in part 2 of this blog post series.

Deep Learning Toolkit 3.1 - Examples for Prophet, Graphs, GPUs and DASK

In part 1 of this release blog series we introduced the latest version of the Deep Learning Toolkit 3.1 which enables you to connect to Kubernetes and OpenShift. On top of that a brand new “golden image” is available on docker hub to support even more interesting algorithms from the world of machine learning and deep learning! Over the past few months, our customers’ data scientists have asked for various new algorithms and use cases they wanted to tackle with DLTK.

Alerts to Incident Response in Three Easy Steps

You may already be using Splunk to ingest data and generate alerts and dashboards so you can take quick action on problems, but did you know you can quickly start a VictorOps trial and in three easy steps, have great Splunk alerts escalated to the right teams and people with a mobile app notification, SMS message or a live phone call?