Posts by Rapid7

12 min IT Ops

How to Ensure Self Describing Log Data Using Log4Net

In a previous article, The Benefit of Having an Enterprise Logging Policy [/2016/04/06/the-benefit-of-having-an-enterprise-logging-policy/], I presented the case for always using self-describing data formats when logging information. Using self-describing formats, such as key-value pairs and JSON, saves time and effort in terms of indexing and subsequently querying your logs on the backend. Also, logs that use a self-describing data format are easier to understand by anyone, at any time. In t

8 min IT Ops

Using JavaScript to interact with the REST Query API

We’re very excited to announce that our REST Query API is now available [/2016/05/now-available-rest-query-api/]. With this API, you can: * make it easy to remotely query your log data * easily integrate Logentries with third party solutions, external systems and internal tools * allow users and systems to query their log data programmatically over our REST API In this article, I will show how you can quickly interact with the Query API by sending in a LEQL query [https://logentries

3 min IT Ops

How to: Send SMS messages to Logentries in under 5 minutes (maybe 10)

The “Internet Of Things” continues to be talked about a lot, with an increasing number of devices now containing some sort of smart functionality which can be interacted with. Here’s a great article about end-to-end IoT monitoring [/2014/12/end-to-end-iot-monitoring-with-log-data/] by colleague David Tracey. However, not all IoT devices can be in locations with WiFi or 3/4G coverage, so they cannot easily (or at all) send or receive data over the internet, and instead rely on standard cellula

4 min Komand

What Security Operations Teams Can Learn From Modern Productivity Software

Between your devices, how many apps do you have? The answer for many is dozens, if not hundreds. And many are designed to help us be more efficient: to keep track of growing to-do lists, manage complex work tasks, or streamline communication with teams. The trouble is, many of these apps don’t talk to each other very neatly, efficiently, or at all. So it’s no wonder that when the app orchestration solution IFTTT was launched, over one million tasks [http://blog.ifttt.com/post/22129854971/one-mil

4 min IT Ops

How to Log from Azure Virtual Machines

You have evaluated the many IaaS providers [http://info.logentries.com/how-to-compare-google-compute-engine-and-aws-ec2?le_tofu=LogFromAzure-leblog] out there and you have decided on Azure Compute [https://azure.microsoft.com/en-us/documentation/scenarios/virtual-machines/].  Great choice! Azure is an ideal provider with broad support for various operating systems, programming languages, frameworks, tools, databases and devices. Azure also has the unique ability to facilitate hybrid deploymen

4 min Komand

The Dangers Of Linear Thinking and Why Security Analysts Should Defend in Graphs

One of my favorite tweets-turned-into-blogs of last year was one by Microsoft security’s John Lambert: “Defenders think in lists, attackers think in graphs.” [https://blogs.technet.microsoft.com/johnla/2015/04/26/defenders-think-in-lists-attackers-think-in-graphs-as-long-as-this-is-true-attackers-win] Though it certainly doesn’t entirely sum up the challenges of being a defender, it drummed up some interesting conversation/controversy on Twitter. Plus, as a nice, pithy statement, it has a good r

15 min IT Ops

How to Compare Google Compute Engine & AWS EC2

Which Virtual Machine is Best: Google’s Compute Engine or Amazon’s EC2? It Depends. The Internet might seem like a Wild West of chaotic connections because it often is. Companies like Google and Amazon have been managing to create order out of the chaos for years by understanding the nature of the World Wide Web. Within the last 10 years, Google and Amazon have leveraged that understanding into a robust suite of product offerings in the field of Infrastructure-as-a-Service, or IaaS. The corn

3 min Automation and Orchestration

What is Security Orchestration?

The best security operation centers (SOCs) [https://www.rapid7.com/fundamentals/security-operations-center/] are built on efficiency and speed-to-response. But if you’ve ever worked in a SOC or on a security team, you know it’s tough to get your security systems, tools and teams to integrate in a way that streamlines detection, response, and remediation. One of the most tedious tasks of all is cobbling together alert details to assess if a security event is a real threat, along with correlating

5 min Javascript

Client Side Logging In Javascript

Developers are writing JavaScript applications of increasing complexity designed to run in web browsers, on desktops, and on servers. JavaScript applications have reached a level of maturity that means they are running important business operations. They must be more maintainable and supportable now that they have achieved this level of responsibility in the enterprise. JavaScript applications should be expected to provide the same information for support and maintenance as any other applic

1 min IT Ops

Infographic: What scares IT Professionals most about IT Infrastructure

Download Now [http://info.logentries.com/logentries-download-infographic-it-infrastructure] Logentries surveyed IT Professionals identifying themselves as members of Information Technology Teams, Operations Teams, and Development Teams, asking them: “What scares you the most about your IT infrastructure?” The answers highlighted security concerns, system failure, operational costs, and the complexities of SDN (Software Defined Networking). We saw many responses reinforcing the need to conti

6 min IT Ops

Do You Still Email Yourself from Your Code? How to Stop the Madness

A few years back now, I took on an assignment to help a company modernize a series of legacy .NET applications. One of these did some back office processing. A vendor would stick some files on a shared drive, and a Windows scheduled task would invoke this bit of code to parse the file, apply a whole slew of business rules to its contents, and then update the appropriate internal systems. The details are both proprietary and uninteresting, so I will spare you those. The author of this appli

13 min IT Ops

The 4 Steps for Creating a Log Enabled Marketing Campaign

Typically, most logging activity in the online world is concerned with collecting information about an enterprise’s digital infrastructure. Machine logs, application logs, network logs, database logs, access logs are a few examples of such activity. However, as marketing campaigns become more integrated into application activity, using log data to monitor and to measure the effectiveness of a campaign is a viable extension of an enterprise’s current logging activity. But, we need to beware.

5 min IT Ops

Brics Vs RE2/J

By Benoit Gaudin and Mark Lacomber. Regular Expressions: When it comes to searching unstructured data, regular expressions are a very useful and powerful tool. The power provided by popular regular expression libraries does come with a significant performance cost in some cases though, both when compiling regular expressions into automata (the state explosion problem when determinising automata) and when using these automata to match input. These constraints are usually acceptable for individuals ne

5 min IT Ops

A point of @Contention- cache coherence on the JVM

Java 8’s major changes (lexical closures, the stream API, etc.) have overshadowed a slew of little gems, one of which I only discovered the other day: the @Contended annotation. False Sharing: Chances are you’re reading this on a device with more than one CPU. There’s therefore also quite a good chance that you have more than one thread of execution running at the exact same time. There’s an equally good chance that some of your fancy multiprocessor CPU’s on-die memory (aka L2/3 cache) is share

4 min IT Ops

Deciphering MySQL Logs: The What, Why, and How

Logs are one of the best ways to understand what a server is doing. Thankfully, MySQL has no shortage of log activity to assist a DBA in its maintenance. It writes out its activity to 5 different logs. This post will take a look at the existing MySQL logs and how they assist the administrator. * On Windows, the log is written to the data directory with a .err extension even if not explicitly enabled. * Errors are automatically written to the Event Log. This behavior is standard and