Posts by Rapid7

3 min IT Ops

How To: Send Logentries Alerts to BigPanda

Working in customer support, we are usually the first to receive feature requests, integration requests or recommendations, which we then relay to our product team. But we often get requests that we can tackle ourselves, whether they are small coding tasks or account changes. So when we heard a user wanted to be able to forward their Logentries alerts to BigPanda.io, we made that happen. When any issues occur, time to resolution matters. Because Logentries streams your log data in real-

4 min Automation and Orchestration

Nagios Series: DNS Resiliency

Synopsis: Host operating system resolver libraries are not very good at dealing with an unreachable nameserver. Even if you specify multiple nameservers in resolv.conf, when one of them goes down you will experience a period where connections are not made because name resolution does not complete. There are a number of resolver tuning options, but even reducing the timeout to 1 second still results in a delay. This affects nearly all Unix-like operating systems, including GNU/Linux. In this article w

5 min IT Ops

Raspberry Pi, Logs and IoT - Sending Pi Log and Sensor data to Logentries

In the previous blog post [/2016/02/iot-made-real-using-ti-sensortag-data-with-logentries/] we learned how to send IoT data from the TI CC 2650 SensorTag to Logentries using Node-RED and directly from Linux. This blog post will show how to send data from a Raspberry Pi device to Logentries [https://logentries.com/centralize-log-data-automatically/?le_trial=raspberry_pi-logentries_blog-post_cta-create_trial&utm_campaign=raspberry_pi&utm_source=logentries_blog&utm_medium=post_cta&utm_content=create_

4 min IT Ops

A Query Language for Your Logs

Application logging is the software world’s version of archeology. At runtime, your application lives in a rich, colorful, 3-dimensional world of flowing aqueducts, packed coliseums, and bustling streets. There’s more going on than can possibly be captured. When you’re trying to reproduce and correct a reported issue, you play archeologist. The vibrant, live world is gone, and you’re left to piece reality back together using only decorated pots, spearheads, and fragments of frescoes. In oth

4 min Komand

The SOC of the Future: Predictions from the Front Line

There is no perfect security operations center, and I say that having worked at one in the past [/2016/05/03/6-lessons-i-learned-from-working-in-a-soc/] and collaborated with many others since then. That said, as an industry, we are always evolving and improving. Recently, I shared 6 lessons learned while working in a SOC [/2016/05/03/6-lessons-i-learned-from-working-in-a-soc/], and today I want to talk about where we at Komand believe the SOC is heading in the future and why. Here are seven pr

6 min IT Ops

Integrating the Logentries Javascript Library With React

React.js has proven itself a powerful contender in the world of Javascript frameworks. Arguably, it has become one of a handful of libraries that all web developers should consider for current or upcoming projects. Understanding how it integrates with other libraries in your technology stack is an important part of that consideration. If you currently use, or are considering using Logentries [https://logentries.com/centralize-log-data-automatically/?le_trial=react-logentries_blog-post_cta-crea

6 min Automation and Orchestration

Introduction to osquery for Threat Detection and DFIR

What is osquery? osquery is an open source tool created by Facebook [https://github.com/facebook/osquery] for querying various information about the state of your machines. This includes information like:

* Running processes
* Kernel modules loaded
* Active user accounts
* Active network connections

And much more! osquery allows you to craft your system queries using SQL statements, making it easy to use for security engineers who are already familiar with SQL. osquery is a flexible tool

6 min IT Ops

Queuing tasks with Redis

Overview: As stated on their official homepage [http://redis.io/], Redis is an open source (BSD licensed), in-memory data structure store, used as a database, cache and message broker. A little bit about what Redis can do: it supports data structures such as strings [http://redis.io/topics/data-types-intro#strings], hashes [http://redis.io/topics/data-types-intro#hashes], lists [http://redis.io/topics/data-types-intro#lists], sets [http://redis.io/topics/data-types-intro#sets], sorted sets [http:/

12 min IT Ops

How to Ensure Self Describing Log Data Using Log4Net

In a previous article, The Benefit of Having an Enterprise Logging Policy [/2016/04/06/the-benefit-of-having-an-enterprise-logging-policy/], I presented the case for always using self-describing data formats when logging information. Using self-describing formats, such as key-value pairs and JSON, saves time and effort in terms of indexing and subsequently querying your logs on the backend. Also, logs that use a self-describing data format are easier to understand by anyone, at any time. In t

8 min IT Ops

Using JavaScript to interact with the REST Query API

We’re very excited to announce that our REST Query API is now available [/2016/05/now-available-rest-query-api/]. With this API, you can:

* make it easy to remotely query your log data
* easily integrate Logentries with third party solutions, external systems and internal tools
* allow users and systems to query their log data programmatically over our REST API

In this article, I will show how you can quickly interact with the Query API by sending in a LEQL query [https://logentries

3 min IT Ops

How to: Send SMS messages to Logentries in under 5 minutes (maybe 10)

The “Internet of Things” continues to be talked about a lot, with an increasing number of devices now containing some sort of smart functionality that can be interacted with. Here’s a great article about end-to-end IoT monitoring [/2014/12/end-to-end-iot-monitoring-with-log-data/] by my colleague David Tracey. However, not all IoT devices can be in locations with WiFi or 3G/4G coverage, so they cannot easily (or at all) send or receive data over the internet, and instead rely on standard cellula

4 min Komand

What Security Operations Teams Can Learn From Modern Productivity Software

Between your devices, how many apps do you have? The answer for many is dozens, if not hundreds. And many are designed to help us be more efficient: to keep track of growing to-do lists, manage complex work tasks, or streamline communication with teams. The trouble is, many of these apps don’t talk to each other very neatly, efficiently, or at all. So it’s no wonder that when the app orchestration solution IFTTT was launched, over one million tasks [http://blog.ifttt.com/post/22129854971/one-mil

4 min IT Ops

How to Log from Azure Virtual Machines

You have evaluated the many IaaS providers [http://info.logentries.com/how-to-compare-google-compute-engine-and-aws-ec2?le_tofu=LogFromAzure-leblog] out there and you have decided on Azure Compute [https://azure.microsoft.com/en-us/documentation/scenarios/virtual-machines/]. Great choice! Azure is an ideal provider with broad support for various operating systems, programming languages, frameworks, tools, databases and devices. Azure also has the unique ability to facilitate hybrid deploymen

4 min Komand

The Dangers Of Linear Thinking and Why Security Analysts Should Defend in Graphs

One of my favorite tweets-turned-blog-posts of last year was one by Microsoft security’s John Lambert: “Defenders think in lists, attackers think in graphs. [https://blogs.technet.microsoft.com/johnla/2015/04/26/defenders-think-in-lists-attackers-think-in-graphs-as-long-as-this-is-true-attackers-win]” Though it certainly doesn’t entirely sum up the challenges of being a defender, it drummed up some interesting conversation and controversy on Twitter. Plus, as a nice, pithy statement, it has a good r

15 min IT Ops

How to Compare Google Compute Engine & AWS EC2

Which Virtual Machine is Best: Google’s Compute Engine or Amazon’s EC2? It Depends. The Internet might seem like a Wild West of chaotic connections because it often is. Companies like Google and Amazon have been managing to create order out of the chaos for years by understanding the nature of the World Wide Web. Within the last 10 years, Google and Amazon have leveraged that understanding into a robust suite of product offerings in the field of Infrastructure-as-a-Service, or IaaS. The corn