Home / Companies / Logz.io / Blog / May 2019

May 2019 Summaries

13 posts from Logz.io

Filter
Month: Year:
Post Summaries Back to Blog
Logstash, a key component of the ELK Stack, is essential for aggregating, processing, and routing data to various destinations like Elasticsearch. This tutorial provides an introduction to installing and configuring Logstash on an Ubuntu 16.04 machine, with a focus on its ability to pull data from diverse sources using input plugins, transform it with filter plugins, and send it to multiple outputs. Despite its versatility, Logstash can have performance issues and a heavy computing footprint, leading some users to consider alternatives like Fluentd or FluentBit. The tutorial emphasizes the importance of carefully structuring Logstash configurations, utilizing its extensive plugin ecosystem, and monitoring its performance, especially as pipelines grow more complex. Logstash's integration with lightweight data collectors called Beats has improved data pipeline setups and mitigated some performance challenges, making Logstash a robust but sometimes challenging tool in managing data flows.
May 31, 2019 2,111 words in the original blog post.
The article by Daniel Berman provides a comprehensive guide on setting up a resilient data pipeline using the ELK Stack and Apache Kafka to manage unpredictable log surges that can overwhelm logging infrastructures. It details the installation and configuration of key components including Elasticsearch, Logstash, Kibana, Filebeat, and Kafka, using a single Ubuntu 16.04 machine on AWS EC2. Kafka acts as a message broker, buffering data flow to protect Logstash and Elasticsearch from data bursts. The tutorial walks through setting up a pipeline that collects Apache access logs with Filebeat, brokers them with Kafka, processes them with Logstash, and indexes them with Elasticsearch, using Kibana for data analysis. The guide emphasizes the importance of resilient pipelines in production environments to ensure logging infrastructure reliability during critical incidents, noting that real-life deployments would involve more complex setups and scaling considerations.
May 30, 2019 1,623 words in the original blog post.
Logz.io, a company specializing in open-source log management and analytics, has secured $52 million in Series D funding led by General Catalyst, marking a significant milestone in its growth and development. This funding will be used to enhance their platform with new features, focusing on improving customer experience and expanding their security capabilities. Initially, Logz.io aimed to simplify log management for developers, but it has evolved to help them monitor, troubleshoot, and secure complex environments using open-source tools. The company has recently announced the general availability of its Security Analytics product and a time-series analytics offering, further enhancing its platform with AI and machine learning capabilities. Logz.io has also strengthened partnerships with major cloud providers like Amazon and Microsoft, launching a joint offering with Azure to integrate open-source ELK. The company serves a diverse client base, including Oracle + Dyn, Turner Media, and Capital One, and credits its success to the dedication of its 175 employees and strong community support. CEO and Co-Founder Tomer Levy expresses optimism about the company's future and commitment to delivering value to its customers.
May 29, 2019 673 words in the original blog post.
Elasticsearch, a modern search and analytics engine based on Apache Lucene, is central to the widely used ELK Stack (Elasticsearch, Logstash, and Kibana) for log analysis and search. Originally open-source, Elasticsearch transitioned to a proprietary dual license in 2021, prompting AWS to create the open-source alternative OpenSearch. This tutorial guides new users through the installation, configuration, and basic use of Elasticsearch, highlighting its NoSQL database structure which allows for flexible, schema-less data storage and powerful search capabilities through an extensive API. It also covers the creation and management of Elasticsearch clusters, a necessity for handling larger data sets and performance tuning, while acknowledging the challenges of scaling and maintaining such systems. For those preferring not to manage these complexities, services like Logz.io offer Elasticsearch-as-a-service, now rebranded as OpenSearch-as-a-service, providing additional features without the need for self-hosting.
May 28, 2019 2,664 words in the original blog post.
Cloud security is increasingly critical for modern organizations migrating to cloud environments, with expectations that by 2020, 41% of workloads would run in public clouds. The rise of credential compromises and other cyber threats, such as insider threats and distributed denial of service attacks, highlight the need for robust security measures, including behavioral monitoring systems and strong access policies. The adoption of unified cybersecurity platforms and Security Orchestration, Automation, and Response (SOAR) is becoming prevalent, providing better visibility and defense across hybrid environments. Security analytics, leveraging artificial intelligence and machine learning, is essential for detecting sophisticated threats and ensuring compliance with regulatory standards. The DevSecOps movement emphasizes integrating security early in the development process, while automated compliance controls streamline regulatory adherence, reducing manual efforts and costs. As cloud and DevOps environments evolve, organizations must harness these security trends to enhance their security posture and protect their data effectively.
May 23, 2019 1,368 words in the original blog post.
Logz.io, a company focused on customer satisfaction and handling critical data, has announced an expansion of its partnership with Amazon Web Services (AWS) to include new regions in Canada and Australia, alongside existing ones in the United States and Europe. This expansion aims to enhance availability and support for customers with data centers in multiple regions, ensuring seamless and efficient data management. As an advanced AWS technology partner, Logz.io integrates with various AWS services like ELB, Cloudtrail, and RDS, providing customers with preconfigured dashboards and visualizations for instant cloud environment monitoring. The company is committed to unlocking the potential of machine data for organizations, enhancing their ability to manage infrastructure and innovate.
May 22, 2019 473 words in the original blog post.
Logz.io has introduced a new feature called Drilldown to its Security Analytics app, enhancing user interactivity and investigation efficiency by allowing seamless navigation between Kibana dashboards. This feature addresses the challenge of switching between multiple dashboards by enabling users to map specific log fields to target dashboards, facilitating deeper investigations into specific elements like IPs. Drilldown, accessible via the Drilldown Settings page, simplifies workflows by linking visualizations to relevant dashboards, thereby providing more granular insights and making threat investigations more straightforward. Initially available to Security Analytics users, the feature is set to be rolled out to Operations users, with Logz.io encouraging feedback through their support email.
May 16, 2019 533 words in the original blog post.
Logs play a crucial role in IT by recording events and helping engineers understand when, where, and why these events occurred. However, due to the increasing volume of data and the high cost of retention, organizations face challenges in deciding what data to keep and for how long. A common solution is a hybrid retention model that includes a short "hot" period for searchable data and a longer "cold" period for archived data, often using cost-effective storage solutions like Amazon S3. Logz.io facilitates this process with its Archive/Restore feature, which allows users to archive data to S3 and later reingest it for analysis via a user-friendly interface. This feature supports cost-efficient data management by enabling users to balance the need for data accessibility with storage costs. Logz.io also offers a Data Optimizer to help manage retention by allowing aggregation of data into accounts without retention limits. The platform emphasizes ease of use and integration, encouraging user feedback to enhance its services.
May 14, 2019 834 words in the original blog post.
The ELK Stack, consisting of Elasticsearch, Logstash, Kibana, and Beats, offers a comprehensive solution for monitoring applications by providing scalable data storage, data processing, visualization, and data collection capabilities. This article details the process of installing the ELK Stack on an Azure virtual machine, starting with setting up the Azure environment and proceeding through the installation and configuration of each component. Notably, Elasticsearch and Kibana were closed-sourced by Elastic in 2021, leading AWS to introduce OpenSearch as an open-source alternative. While setting up ELK can be straightforward, scaling it to handle large cloud workloads presents challenges, such as the need for additional architectural components like a buffering layer. For organizations seeking to avoid the complexity of managing ELK themselves, Logz.io offers a managed solution with enhanced features and seamless integration with Azure.
May 12, 2019 1,342 words in the original blog post.
The blog post discusses the vulnerabilities associated with Elasticsearch, a popular open-source NoSQL database, and highlights the recurrent issue of data breaches linked to its exposed instances. Security analyst Bob Diachenko, known for his research into such breaches, notes that Elasticsearch accounts for 60% of the data breaches he has identified, attributing this to its lack of built-in security features like authentication and authorization, which require user configuration. The prevalence of these breaches is particularly notable in deployments on AWS and Microsoft Azure, with the U.S. and China having the most vulnerable instances. Diachenko emphasizes the importance of following best practices and documentation to mitigate these risks, suggesting measures such as securing IP bindings, avoiding default ports, and potentially using tools like SearchGuard or managed solutions like Logz.io for enhanced security. Despite these recommendations, Diachenko remains skeptical about significant improvements in the future due to human error and the tendency of developers to prioritize ease of use over security.
May 08, 2019 922 words in the original blog post.
Logz.io has partnered with Microsoft Azure to offer a fully managed ELK (Elasticsearch, Logstash, and Kibana) service, allowing Azure customers to deploy, run, and scale machine data analytics without managing the infrastructure themselves. This collaboration provides seamless integration with Azure services, AI-powered analytics, and pre-built dashboards to help engineering teams quickly address issues before they impact production. The initiative aligns with Microsoft's commitment to open source, as evidenced by its recent open-source endeavors and acquisition of GitHub, and it aims to enhance the developer experience by reducing the time spent on monitoring systems. The service is available across multiple Azure regions, offering engineers the ability to focus on core engineering challenges by leveraging machine data more efficiently.
May 07, 2019 517 words in the original blog post.
In 2019, the RightScale (now Flexera) State of the Cloud report revealed a significant increase in public cloud spending, which grew three times faster than private cloud spending, with a projected 25% increase in budgets for 2019. Microsoft Azure's market share was expected to grow notably, while AWS's share was anticipated to slightly decrease for the first time. The report also compared Alibaba Cloud, IBM Cloud, and Oracle Cloud, highlighting Alibaba's rapid growth and its strong presence in Asia. Each provider offers a robust suite of services across infrastructure, data management, and advanced data technologies, with unique strengths: Alibaba is highly rated for flexibility and customer service, especially in Asia; Oracle Cloud is advantageous for companies modernizing legacy Oracle applications; and IBM leads in annual revenue among the three, with a strong focus on AI and machine learning through its Watson platform.
May 02, 2019 1,640 words in the original blog post.
The General Data Protection Regulation (GDPR), implemented by the European Union on May 25, 2018, represents a significant overhaul in data privacy regulations, aiming to prevent excessive data collection and misuse by empowering individuals and imposing strict penalties on violators. This regulation applies to any entity handling EU residents' personal data, regardless of the entity's location, and has led to substantial fines, such as the €50 million penalty against Google for non-compliance. GDPR grants individuals rights such as clear consent, data access, and erasure, while requiring companies to notify authorities and affected individuals within 72 hours of a data breach. Compliance involves a risk-based approach, requiring organizations to implement privacy by design and maintain robust data governance, data loss protection (DLP), and logging and monitoring frameworks. Effective GDPR compliance enhances organizations' data protection practices, earning user trust and facilitating a more personalized user experience.
May 01, 2019 1,720 words in the original blog post.