We hope you guys managed to rest over the summer because we sure didn’t. Our engineering team has been working hard on developing new features and enhancements, some of which may have flown under your radar. To help you catch up, here’s a short recap of the latest and greatest from Logz.io with relevant referrals to read up more about the different items.
Before we start, and just as a reminder, the What’s New pane within the platform is a great way to stay informed of these latest developments as well. To stay up-to-date, simply open the pane from the Settings menu in the top-right corner of the page:
Enabling our users to optimize their logging pipelines has always been an important goal for us. Features like the Data Optimizer, Archive/Restore (see below) and Volume Analysis were first steps in allowing our users to log in a more cost-efficient way.
Drop Filters takes this one step further by facilitating what we call “On-Demand Logging” and giving you the ability to decide what specific logs you don’t want to be stored and indexed by Logz.io. You can keep your existing logging pipelines up and running. The logs simply won’t be stored and therefore will not be held against your overall logging quota.
You can learn more about Drop Filters here.
The ability to take a live snapshot of a Kibana dashboard and share it is one of the most popular features we’ve added on top of Kibana. Reports is an enhancement of this capability, allowing you to automate the process and create a report on a regular schedule covering a time range of your choice. This way you can generate reports while offline or send regular status reports to your manager or other stakeholders in the business.
You can learn more about Reports here.
Logz.io’s Archive/Restore helps you easily ship your data into long-term storage on S3 for subsequent retrieval and historical log analysis when required. This functionality has always been available in Logz.io but we recently revamped the user experience, giving users full and easy control over the process of backing up their data and restoring it via the Logz.io user interface.
IAM role authentication
S3 is an extremely common component in AWS-based logging pipelines and we have now added an additional way to authenticate users using IAM roles — a much easier and safer way to delegate access to buckets within organizations. When adding a new S3 bucket you will be asked what authentication method to use. To configure the new IAM role authentication you will need to use the role ARN available:
You can still use the previous method, but we recommend the new method as a more secure best practice. More information on setting up IAM role authentication for S3 buckets in Logz.io is available here.
Since announcing Logz.io Security Analytics last year, we’ve been steadily adding support for various security monitoring tools, including new integrations, correlation rules and built-in dashboards for OSSEC, GuardDuty and Azure Active Directory, and we recently added support for Zeek as well.
Zeek is a popular open-source network analysis tool and the log files it generates contain a wealth of information on network activity which can be used to identify malicious activity. The new support for Zeek in Logz.io Security Analytics includes easy integration, new correlation rules and a pre-packaged monitoring dashboard.
You can learn more about Zeek support in Logz.io Security Analytics here.
We want your feedback!
Our roadmap is packed with new features, including some new machine learning capabilities as well as new integrations with popular open-source monitoring tools to support additional use cases. We expect most of this product goodness to be introduced over the next couple of months so stay tuned for news.
In the meantime, and as always, we’d love to get your feedback about this latest added functionality in the platform as well as existing features. Feel free to reach out to us either via our community or by dropping a note to: firstname.lastname@example.org.
As in previous years, we will be at AWS re:invent and would love to meet you face to face. Be sure to drop by our booth to say hello!