As you build more complicated Splunk apps, you might wonder, “What is the best way to make the features in my app more usable?” If you’re adding new SPL commands or creating ways to input new data sources, the answer is straightforward. But imagine you’re trying to address one of the following scenarios: For cases like these, consider extending the Splunk REST API with custom endpoints.

With open source in our roots, we’re always excited about integrations with tools like OpenVAS, a popular open source vulnerability scanner that Greenbone Networks has maintained since 2009. If you’re not currently using OpenVAS, you can find the project here. OpenVAS contains more than 50,000 vulnerability tests with a community constantly updating its feed to adapt to the ever-evolving security landscape.

Here at Graylog, we have recently had an increase in conversations with security teams from leading companies. We want to share our key findings with the Graylog community. The good thing is that cybercriminals use a methodical approach when planning an attack. By understanding their process and knowing your network, you will be better prepared and able to stay one step ahead.

As all Papertrail fans know, sending logs to Papertrail using syslog is quick and easy. Generating and transmitting syslog packets usually involves just 2 – 4 lines of code, and you can see your logs flowing into Papertrail in minutes. There are times, however, when you just can’t use syslog or install a remote_syslog2 daemon. This is where the new support for sending logs via HTTP comes in. And the best news is, it’s just as quick and easy to set up.

Isn’t all logging pretty much the same? Logs appear by default, like magic, without any further intervention by teams other than simply starting a system… right? While logging may seem like simple magic, there’s a lot to consider. Logs don’t just automatically appear for all levels of your architecture, and any logs that do automatically appear probably don’t have all of the details that you need to successfully understand what a system is doing.

In this tutorial, we will be using Heroku to deploy our Node.js application through CircleCI using Docker. We will set up Heroku Continuous Integration and Deployment (CI/CD) pipelines using Git as a single source of truth. Containerization allows developers to create and deploy applications faster with a wide range of other benefits like increased security, efficiency, agility to integrate with DevOps pipelines, portability, and scalability.

We’re excited to announce the first version release of our new dashboard framework: Dashboard (New). Built on top of a scalable, flexible, and extensible charting system, the new dashboards provide customers with deep control over their visuals, enable metadata rich workflows, and create dashboards in a dashboard first GUI.

There are two ways you can view the current mappings on your Logit ELK Stacks. One way is to use dev tools in Kibana. You can access Kibana from any of your dashboards by choosing from your dashboard Stack settings > Access Kibana. You can also search for a specific mapping of an Index name. For example if we wanted to see the mappings for the a Filebeat index name we can run the following to return only the desired mappings.

Welcome to our series on cost management and optimization in Elasticsearch Service. With the increased functionality in Elastic Cloud, it is now easier than ever to utilise many of the free and open features of the Elastic Stack to optimise your cloud deployment. This blog is a great resource for reviewing your existing high availability and data management strategies when it comes to cost management.