System Monitor, better known as Sysmon, is one of my favorite security datasets. The data is crazy detailed and offers a great way to power security detection and response, since it gives cyber security teams a roadmap to understand exactly what systems or people are doing while they use any Windows operating system. The avalanche of data is the downside, and it is why observability engineers need tools like Cribl Stream to manage and enrich Sysmon data to make it more useful and more cost-effective.
Nobody actually cares about the network. Provocative words coming from a network visibility company, you might be thinking. However, consider what you’re doing right now. You’re reading a blog on a website, maybe clicking around other tabs, possibly streaming some music, and likely keeping an eye on your work chat. These are all applications, and that’s what we all truly care about, not the plumbing that delivers them.
HTTP is one of the most widely used protocols on the internet. Most user-facing applications expose HTTP APIs or apps of some form. The HTTP protocol is the basis for the World Wide Web, the tangible, visible part of the internet. However, you can also utilize this technology to test the performance and availability of your web apps.