Logging

The latest News and Information on Log Management, Log Analytics and related technologies.

How to SIEMplify through Cloud SIEM

In our recent article, we outlined the benefits of Security Information and Event Management (SIEM) systems, and why they are a must-have for every organization that operates in today’s cyberspace. SIEM remains the best solution that proactively targets proliferating security threats, though it also brings a number of risks and challenges. In this blog, we address these challenges and explain how they can be overcome by opting for SIEM-as-a-Service instead of on-premises or other options.

ChaosSearch Data Refinery: transform without reindexing

Traditional databases suffer a problem when ingesting data. They operate on a schema-on-write approach where data indexed must have a predefined schema as you ingest your data into the database. This schema-on-write model means that you need to take time in advance to dive into your data and understand what is there, and then process your data in advance to fit the defined schema.

User and entity behavior analytics: The intelligent guardian of your business

Identities are easy to fake, but not actions. Closely monitoring the behavior of a person can reveal a lot about their true intentions. Similarly, keeping a close watch on a machine’s activities can expose potential security problems. Blending security information and event management (SIEM) with user and entity behavior analytics (UEBA) can bring numerous users and devices belonging to an enterprise under surveillance.

Announcing Graylog 3.1 RC 1

Today we are releasing the first Release Candidate of Graylog v3.1. This release brings a whole new alerting and event system that provides more flexible alert conditions and event correlation based on the new search APIs that also power the views. In addition, some extended search capabilities introduced in Graylog Enterprise v3.0 are now available in the open source edition in preparation for unifying the various search features.

Announcing Single Sign-On (SSO) Support for CHAOSSEARCH

We are thrilled to announce that we now offer Single Sign-On (SSO) support for ALL customers on the CHAOSSEARCH platform. You can now integrate your existing identity provider with CHAOSSEARCH and have your users access the platform without needing to manage a separate set of credentials.

Seeing is Believing: Announcing the DevOps Pulse 2019 with a Focus on Observability

In the world of Software Engineering, observability seems to be the talk of the town. We discuss it at conferences, read about it in blogs or articles, and see it promised to us by vendor after vendor. But what is observability? What issues have recently evolved to make it such an integral concept? What strategies are engineers employing to ensure observability? And most importantly of all, why are engineers looking to achieve it?

How to Monitor Fastly CDN Logs with Sumo Logic

In the last post, we talked about the different ways to monitor Fastly CDN logs and why it’s crucial to get a deeper understanding of your log data through a service like Sumo Logic. In the final post of our Fastly CDN blog series, we will discuss how to use Sumo Logic to get the most insights out of your log data, from how to collect Fastly CDN log data to the various Sumo Logic dashboards for Fastly.

Apache Web Server Monitoring with the ELK Stack and Logz.io

Serving over 44% of the world’s websites, Apache is by far the most popular web server used today. Apache, aka Apache HTTP Server, aka Apache HTTPd, owes its popularity to its ease of use and open-source nature but also its inherent flexibility that allows engineers to extend Apache’s core functionality to suit specific needs.