3 min
IT Ops
Connected QA: Selenium + Log Analysis
Does the idea of adding Quality Assurance (QA) test runs to your log analysis
platform sound strange? It’s actually not! The value in adding QA test runs goes
beyond helping the QA team; it helps the entire development shop as they move to
a DevOps framework.
I talk a lot about the integrated development environment and going beyond
ad-hoc tool selection to a more deliberate and holistic approach. This also
means br
4 min
IT Ops
Is Server Monitoring Dead?
Once upon a time one of the first pieces of software you installed on your
infrastructure was a server monitoring tool. This was the control panel through
which you could view how effectively your infrastructure was being used, akin to
the speedometer and temperature gauges on your car, or the dashboard of dials in
an airplane’s cockpit.
Server monitoring tools usually work by capturing resource usage information
from your OS performance API or performance counters (e.g. via proc stats on
linu
6 min
IT Ops
End-to-End IoT Monitoring with Log Data
A recent blog explored the importance of logging in general in terms of IoT devices. It also
cited predictions that a huge number (50 billion) of IoT devices are expected to
exist by 2020. While Machine to Machine (M2M) communication is a related area,
the IoT is all about extending the Internet to systems and even low power
devices.
While there is uncertainty about the exact nature of how these devices will be
networked and how th
2 min
Microsoft
Patch Tuesday - December 2014
December's advanced Patch Tuesday brings us seven advisories, three of which are
listed as Critical. Depending on how you want to count it, we see a total of 24
or 25 CVEs because one of the Internet Explorer CVEs in MS14-080 overlaps with
the VBScript CVE in MS14-084.
Of the critical issues, MS14-080 has the broadest scope, with 14 CVEs, none of
which are publicly disclosed or known to be under active exploit. The shared
CVE with MS14-084 presents a patching and detection challenge becaus
3 min
Vulnerability Disclosure
POODLE Jr.: The Revenge - How to scan for CVE-2014-8730
A severe vulnerability was disclosed in the F5 implementation of TLS 1.x that
allows incorrect padding and therefore jeopardizes the protocol's ability to
secure communications in a way similar to the POODLE vulnerability.
The Nexpose 5.11.10 update provides coverage for this vulnerability, which has
been given the identifier CVE-2014-8730. Learn more
about CVE-2
4 min
IT Ops
Best Practices for Cloud Logging, Security, & Data Protection
When we first founded Logentries in 2010 a lot of people thought Viliam Holub
(co-founder, CTO, and the brain behind processing billions and billions of log
events in real time) and I were crazy. The common response was:
“People are not going to send their logs to the cloud… logs might contain very
sensitive data…”
Like typical stubborn founders we persevered in spite of this, and today we
have more than 35,000 users across 100 countries
2 min
Amp Up and Defy Amplification Attacks -- Detecting Traffic Amplification Vulnerabilities with Nexpose
Approximately a year ago, the Internet saw the beginnings of what would become
the largest distributed denial of service (DDoS) attacks ever seen. Peaking at
nearly 400Gbs in early 2014, these attacks started when a previously undisclosed
vulnerability that would ultimately become CVE-2013-5211 was
discovered. While these attacks were devastating and they received plenty of
press, the style of attack was not new. In fact, it had
3 min
Metasploit
Good-bye msfpayload and msfencode
Greetings all,
On behalf of the Metasploit development teams, I'd like to officially announce
the decision to deprecate msfpayload and msfencode. Also starting today, we no
longer support or accept patches for these two utilities. On June 8th 2015, the
elderly msfpayload and msfencode will retire from the Metasploit repository and
be replaced by their successor, msfvenom. The tool msfvenom is the combination of
msfpayload and msfencode, and has been in testing for more than 3.5 years.
msfpayl
3 min
IT Ops
Community Packs for AWS: Out of the Box Dashboards, Alerts, & Queries
We recently released Logentries Community Packs, dynamic JSON files that (when
uploaded into Logentries) automatically create Saved queries, Dashboards and Alerts.
The true power of these packs is that anyone can create, modify and share them.
We called them Community Packs because we want to offer different Communities a
“pack” of log analysis features customized for their specifi
5 min
IT Ops
Keepalived and HAProxy in AWS: An Exploratory Guide
We’re going to explore high availability and load balancing using Keepalived
and HAProxy.
Keepalived is routing software designed to provide simple and robust
facilities for load balancing and high-availability to Linux systems and
Linux-based infrastructures.
HAProxy is an open source load balancer/reverse proxy generally used for load
balancing web services, but also has the functionality to load balance TCP
traffic.
Together, Keepali
6 min
IT Ops
ES6: Javascript in Harmony: An Overview of New Language Features
ECMAScript 6 brings powerful new capabilities and some tasty syntactical sugar
to the ubiquitous Javascript language, as it continues to grab an ever
increasing slice of developer mindshare.
Now that the ES6 feature set is frozen and just minor refinements will be
made over the coming months, much of this new functionality has already landed
in modern browsers, and will continue to roll out with each new browser update.
For the impatient, there are also now several excellent precompile / polyf
3 min
Authentication
Patch CVE-2014-6324 To Avoid A Complete Domain Rebuild When UserInsight Detects Its Exploit
On Tuesday, November 18th, Microsoft released an out-of-band security patch
affecting any Windows domain controllers that are not running in Azure. I have
not yet seen any cute graphics or buzzword names for it, so it will likely be
known as MS14-068, CVE-2014-6324, or "that Kerberos vulnerability that is being
exploited in the wild to completely take over Windows domains" because it rolls
off the tongue a little better.
There is a very informative description of the vulnerability, impact, and
5 min
Antivirus
Finding and Protecting mission-critical assets with ControlsInsight
ControlsInsight helps organizations measure how well critical security controls
are deployed and configured throughout the enterprise. Yet, as hard as you may
try, it's extremely difficult to protect every asset on your network perfectly,
and it's often necessary to prioritize "mission-critical" assets that store
important or sensitive business data. Clearly, securing the laptop computer of
Sally, the chief financial officer, is much more important than securing Joe the
intern's laptop, which prob
3 min
IT Ops
How to Implement JSON Formatting of IIS for Analytics and Troubleshooting
Previously, we wrote about setting up a Windows environment to log JSON formatted logs
using our Windows Agent or our DataHub. Now we’ll tackle IIS.
IIS, like Windows, has a unique log format that makes it difficult to read,
parse, and garner useful information. The log is a flat file that has a
line-per-web hit; similar to Apache or Nginx. But, it’s not as easy to format
into JSON as Apache and Nginx
4 min
IT Ops
For the Love of Code: Why We Use JSHint for Static Code Analysis
As developers, we all strive for clean, readable, and easy to refactor code;
but, unfortunately, this doesn’t always happen.
No matter how great a developer you are, or what language you’re coding in;
problems caused by bugs inevitably spring up like weeds in the grass. These
problems are exacerbated by poorly organized and poorly written code. Once
quality starts to drop, even the cleanest high-quality code in your project
begins to be affected, until you’re left with a jumbled mess of (and ha