Logging

The latest News and Information on Log Management, Log Analytics and related technologies.

How to Overcome the Drawbacks of SIEM Tools

These days, “SIEM” (Security Information and Event Management) is all over the place. SIEM tools work by collecting data from multiple systems and noticing patterns in the data. This adds immediate value to the business by providing insights, security recommendations, and actionable intelligence. Despite being helpful tools for many companies, SIEM tools do have their drawbacks. This article will describe the four main ones and offer suggestions for how they might be overcome.

Best practices for monitoring GCP audit logs

Google Cloud Platform (GCP) is a suite of cloud computing services for deploying, managing, and monitoring applications. A critical part of deploying reliable applications is securing your infrastructure. Google Cloud Audit Logs record the who, where, and when for activity within your environment, providing a breadcrumb trail that administrators can use to monitor access and detect potential threats across your resources (e.g., storage buckets, databases, service accounts, virtual machines).

How To Determine When a Host Stops Sending Logs to Splunk...Expeditiously

So I've only been at Splunk for 8 months, and in the short amount of time I've been here, one of the most common questions I've been asked is “How do I get an alert when Splunk is not receiving logs?” As a matter of fact, if I had $0.05 each time I was asked this question, I would have $0.25! Surprisingly, with this being such an often-asked question, I haven't been able to find much documentation on how to accomplish this using the native features of Splunk.

Tools for debugging apps on Google Kubernetes Engine

Editor’s note: This is a follow-up to a recent post on how to use Cloud Logging with containerized applications running in Google Kubernetes Engine. In this post, we’ll focus on how DevOps teams can use Cloud Monitoring and Logging to find issues quickly. Running containerized apps on Google Kubernetes Engine (GKE) is a way for a DevOps team to focus on developing apps, rather than on the operational tasks required to run a secure, scalable and highly available Kubernetes cluster.

How to build a DevOps pipeline

DevOps is an approach to software development and delivery that emphasizes collaboration between different stakeholders. DevOps also places priority on automation and the integration of different tools in a single, well-oiled pipeline. Ultimately, DevOps boils down to cultural values and goals. When it comes to tooling and processes, there is no one right way to “do” DevOps; a variety of different approaches are possible.

Cloud Adoption is No Longer an Option for Federal Agencies

In May 2019, Bloomberg Government reported that Federal agencies planned to move 272 information technology programs to the cloud in FY2020. Fast forward to April 2020 — they reported that there are more than 1,800 federal IT programs that are either migrating or considering migrating to the cloud in fiscal 2021, signifying a rapid increase in cloud adoption in the federal government. How might COVID-19 affect this explosive increase in cloud interest?

Tips and Tricks from Elastic Support: Setting up and running your cluster

Setting up and running an Elasticsearch cluster is easy at first, but some planning and design can help prevent many issues once you go live and your cluster needs to scale up. Cris da Rocha from the support team at Elastic will present some tips and tricks on how to do things better, learned from the experience of Elastic Support.

A Cost Comparison: ELK vs Proprietary Log Analytics

The large volumes of logs, metrics, and traces generated by scaling cloud environments can be overwhelming, but they must be collected to identify and respond to production issues or other signals showing business or application issues. To collect, monitor, and analyze this data, many teams choose between open source or proprietary observability solutions.

Identifying and monitoring key metrics for your hosts and systems

This post is the first in a three-part series on how to effectively monitor the hosts and systems in your ecosystem, and we're starting with the one you use most: your personal computer. Metrics are a key part of observability, providing insight into the usage of your systems, allowing you to optimize for efficiency and plan for growth. Let's take a look at the different metrics you should be monitoring.