It’s been a busy couple of months at Logz.io. We’ve added new features, made critical updates, and added a slew of integrations. Those integrations run the gamut from observability and security services, to cloud tools and container orchestration. Let’s take a quick look at what’s new and what’s coming up at Logz.io.
We’ve added a lot in the department of new integrations, many of which represent only the beginning of multiple tool integrations from the same software stacks.
On the cloud integration side, we’ve brought the AWS Security Hub closer to Logz.io Cloud SIEM with a direct tie-in. You can read more about the default rules for Security Hub in the section below on security analytics. Additionally, we’ve added direct integration with logs stored in Azure Blob (removing the Event Hub in the middle), which will help our customers reduce their Azure bill. This is in addition to the direct integration Logz.io has with Azure services through the Azure Marketplace.
On top of that, you can now take advantage of new automation for “Archive and Restore Logz.io Account” for both AWS and Azure. We’ve also added support for new endpoints in our Terraform integration, specifically: MS Teams, OpsGenie and ServiceNow. Finally, we have a Fluent Bit plugin for Windows, and a new integration with the AWS CloudFormation Public Registry.
In the metrics department, we added roughly 70 new Telegraf integrations. This opens usability to Telegraf users across the spectrum, covering several Apache tools, databases (InfluxDB, CouchDB, RavenDB, etc.), servers (NGINX, HAProxy), and more.
Additionally, we’ve added dozens of integrations for Google Cloud Platform, including: Google AI Platform, Google Assistant and Smart Home, the Google App Engine, Functions, Cloud Monitoring, and many others.
For containers, we now support OpenShift logs. OpenShift is a container orchestration platform offered by Red Hat that helps develop and deploy apps across cloud infrastructure. As long as you have a working OpenShift cluster and the OpenShift CLI working, you’re ready to go. Get more info in our documentation.
Additionally, you can now ship Kubernetes traces to Logz.io from a Helm chart via the OpenTelemetry collector. For more info, check our tracing documentation.
We are always looking to keep our security rules up-to-date based on best practices and new threats. With that in mind, we’ve added new security rules to the following integrated security solutions:
- Auth0 – We’ve added two new rules covering when 1) a single user is blocked, or 2) multiple users have been blocked.
- VPC Flow – Here, three rules cover port scanning, malicious IPs, and multiple SSH connection attempts
- OpenVPN – tracking if the central VPN server shuts down
- AWS CloudTrail – New rules detect security group creations and deletions, config changes to security groups, and whether or not security groups are suddenly exposed to the open web
- AWS Security Hub – The hub gets 2 new rules and a prefab dashboard; the rules cover critical findings and multiple failed security checks from a single point of origin
Following our previous announcement on our preinstalled Metrics Dashboards, we are continuously adding more quality content so that our customers get increased value from the metrics they send to our platform. This month we’ve added the following technologies:
- AWS CloudWatch – We’ve added two new dashboards for analyzing SES (Simple Email Service) and Kinesis
Coming in November
In addition to the Terraform integrations mentioned above, new support for automated SSO Groups is on the way. Our Telegraf integration list will also get longer with the addition of support for Azure Monitor (a new plugin contribution to the Telegraf open source agent) as well as a newer, improved deployment of AWS CloudWatch. And finally, we are working on new links with Kubernetes on Windows.
2021 continues to be an exciting time for the Integrations and Analytics Group at Logz.io. Stay tuned for additional details in the coming weeks.