Today, we are facing an unprecedented situation. The COVID-19 pandemic is affecting everything we know -- our families, our businesses, our communities, and our way of life. In these tough times, many organizations have resorted to mandatory remote working for employees so they can still be productive and safe. Saas productivity tools like Zoom, Slack, G-Suite and Office 365 became seemingly mandatory in this new distributed workplace.

Alcide recently introduced Alcide kAudit, an automatic tool for analyzing Kubernetes Audit logs. This tool focuses on detecting non-compliant and anomalous behavior of users, automated service accounts and suspicious administration operations. Alcide’s recent integration with Sumo Logic enables users to gain full access to insights and real-time alerts from Alcide kAudit.

In part one, we introduced the duality of observability, controllability. As a reminder, observability is the ability to infer the internal state of a "machine” from externally exposed signals. Controllability is the ability to control input to direct the internal state to the desired outcome. So observability is a loop problem. And we need to stop treating it as the end state of our challenge in delivering performant, quality experiences to our users and customers.

The waves of change are certainly upon us and businesses are being forced to adapt at a record pace. Current world events have caused a jarring shift in all aspects of our lives, accelerating major changes in how we live and work. An unprecedented number of people are now working from home. Those of us working in IT Operations are no exception. Many companies are implementing a Distributed IT Operations Center (D-NOC) approach to address this new reality.

Docker is an essential bridge in modern DevOps. Despite Kubernetes overtaking Docker on orchestrating containers, the Docker container itself remains the standard and likely will for the foreseeable future. We developed the Docker Metrics collector to operate as its own container that will run Metricbeat using the modules you are running in real time. Now, in addition to the Docker module, we are now releasing an AWS module for operations in the cloud.

Graylog Enterprise v3.2 is out in the world, customers are using it and loving it, and we want to share with you what we've learned from them. Like most departments, IT is buried with day-to-day activities. Proverbial system and user fires that need extinguishing get in the way of that list of projects gathering dust because nobody has time to get to them. To ease this burden and give you back much needed time to tackle it all, Graylog focused the v3.2 release on usability and productivity.

The Extract and Aggregate fields feature allows users to custom parse historical logs (post ingestion) and get an aggregated count on those newly parsed fields. Enterprise SREs work with large systems that consist of internally built components and external products. Debugging with logs from external products can be extremely challenging.

A unified cloud infrastructure data model is fundamental for enterprises using multiple cloud vendors. Enterprise customers prefer to use multiple cloud vendors as a way to prevent being locked in and dependent on specific platforms. According to Gartner the top vendors for cloud infrastructure as a service in the years 2017-2018, are Amazon 49.4%, Azure 12.7% and Google with 3.3%.