Operations | Monitoring | ITSM | DevOps | Cloud

I have recently been heads-down working on a large Splunk Cloud PoV (20+ TB / day), and the customer asked if Splunk supported their forwarding technology called Vector. I had never heard of Vector, so I took a note to do further research. I couldn’t find anyone else at Splunk who had seen this technology before, so I embarked on a little research project. What I discovered surprised me—Vector is actually fairly powerful, and cool!

One question I get asked frequently is “how can I get deeper insight and audit correlation searches running inside my environment?” The first step in understanding our correlation searches, is creating a baseline of what is expected and identify what is currently enabled and running today. Content Management inside Splunk Enterprise Security is a quick way to filter on what is enabled (and it’s built into the UI and works out of the box).

We’re excited to announce the new Log Usage Dashboard designed to provide greater visibility into your log data volume consumption. This dashboard gives you in-depth visibility into your total log volume usage, so you can better manage—and optimize—your plan usage.

The stats overview page that we launched in June was very well received. We have followed up on this and developed a similar idea for downtime logs. This went live on Friday and shows downtime records for all your monitors in one place.

With more engineering teams adopting Kubernetes as their container orchestration platform, new challenges emerge in giving your entire team visibility into Kubernetes for monitoring, debugging, and deployment. We’ve heard consistent feedback from developers and infrastructure teams about the observability gaps that exist between underlying Kubernetes infrastructure and deployed services.

Things have been busy with the Loki project! Once again, we waited too long between releases, and there are so many new things I won’t be able to list them all. But that won’t stop me from trying, so let’s get to it. For a change of pace, instead of listing interesting PRs, I’m going to talk through Loki’s components and mention the changes in more of a paragraph style. Let’s see how this goes.

We have been busy adding new features to our growing list of abilities. Logz.io Cloud SIEM is no exception. Throughout 2020 we have been enriching our security incident and event management tool, refining threat intelligence, adding new dashboards, and improving the user experience to ensure there’s an eagle’s-eye view of the security challenges that organizations face. Here are a few of those updates that we have recently put to production.

It is tempting to consider logging as a simple, solved problem. We write a log, check our file and, boom, we’ve cracked it. Yet those of us who have sat up at three in the morning, trawling through log files over an unreliable SSH connection, know that this is simply not enough. As your system scales, so too must the sophistication of your tooling. Your logging best practices must be scalable and ready to support your efforts.