3 min
Logentries
R7-2017-18: Logentries Windows Agent uses vulnerable OpenSSL (FIXED)
Summary
The Logentries Windows Agent before version 2.6.0.1 shipped with a version of
OpenSSL that is susceptible to several public vulnerabilities described below.
While we have no indication that any Logentries customers have been compromised
due to these older versions of OpenSSL, we strongly encourage Logentries
customers to update Agents deployed to Windows systems using the steps outlined
under “Remediation” below.
Since the previously shipped version of OpenSSL was susceptible to severa
3 min
IT Ops
Network Administrator’s Guide to Surviving an Audit: During the Audit
Last time
[/2017/03/31/network-administrators-guide-to-surviving-an-audit-preparation/] we
talked about how to prepare for an audit. In this installment we’ll cover what
to do once the audit begins. Let’s assume that you’re pretty well prepared.
You’ve done your homework and know pretty much what to expect. So, everything’s
good, right? Well, even though you’ve taken the time to prepare, you could be in
for some surprises. The keys to surviving an IT audit are pretty simple:
* Be truthful
*
7 min
IT Ops
Logging in a Software Defined Network
Background
This blog will give an overview of Software Defined Networks (SDN), present some
suggestions for logging in an SDN and finally present an overview of some
research work we are doing on SDN logging.
If we consider a Software Defined Network (SDN) paradigm is a racetrack, SDN
controllers are race cars. Networking vendors especially those in the
telecommunication area such as Deutsche Telecom, Orange, Vodafone use their own
SDN controllers to manage the orchestration of their own equi
5 min
IT Ops
Habits that Pay Off for Programmers
I would like to clarify something immediately with this post. Its title does
not contain the number 7, nor does it talk about effectiveness. That was
intentional. I have no interest in trying to piggy-back on Stephen Covey’s book
title to earn clicks, which would make this post a dime a dozen.
In fact, agoogle search of “good habits for programmers”
[https://www.google.com/#q=good+habits+for+programmers]yields just such an
appropriation, and it also yields exactly the sorts of articles and
3 min
IT Ops
Legacy apps in the data center, today's apps in the cloud
Have you found that your organization is developing new applications that are
cloud-based, but unable to move away from some established legacy systems? You
aren’t alone. This legacy/cloud hybrid environment is far more common than you
would expect. And when you look at the history behind these apps it does make
sense. Any organization that has been around for more than a few years probably
has some investment in at least one legacy application. Organizations that have
been around longer may h
4 min
IT Ops
Network Administrator’s Guide to Surviving an Audit: Preparation
Sooner or later, your organization will likely be the subject of an IT audit.
But as ominous as that sounds, it doesn’t have to be something to dread. If
you’re a network administrator, you’ll have a specific role in an audit. Since
audits are rarely small projects, you’ll likely be working with others
throughout the process. The best way to fulfill your specific role well is to be
prepared for an audit before it happens. Simply put, an audit is an examination
to determine if controls are suff
4 min
IT Ops
Log Analysis for System Troubleshooting
Systems of all kinds create log data constantly and voluminously. In searching
out the most compelling reasons to dig into and analyze such data, we compiled a
list of seven reasons that usually drive such activity. In this blog post we
tackle the first of those 7, which include:
1. System troubleshooting
2. Security incident response
3. Security troubleshooting
4. Performance troubleshooting
5. Understanding user behavior or activities
6. Compliance with security policies
7. Complianc
5 min
IT Ops
Logging for Fun: Things You'd Never Thought to Log
I work as a consultant in the software industry. This work affords me the
opportunity to see and interact with many different teams and thus to observe
prevailing trends. Among these teams, the attitude toward logging tends to be
one of resigned diligence.
That is, many developers view application logging the way they view flossing
their teeth: a necessary, dull maintenance activity that will pay dividends
later. Today, however, I’d like to encourage readers to consider a different
side of
8 min
IT Ops
Roots and Culture: Logging and the Telephone Bill
Telephone systems were the Internet before there was an Internet.
Think about it.
By 1920 millions of people were exchanging data on a worldwide network using a
device that connected on demand. Sounds like the Internet to me.
But unlike the current day Internet, the telephone system cost money to use.
Alexander Graham Bell’s investors wanted it that way. That’s why they gave him
the money. Thus, people who used the telephone system had to pay for it. So
going as far back as 1877, every mont
3 min
IT Ops
Never type a search query again!
Introducing Visual Search
In our never-ending effort to help you wrangle your infrastructure, we are
constantly improving and adding new functionality to Logentries. In that
spirit, today we are happy to announce Visual Search. Visual Search is truly a
one of a kind feature, it makes the whole process of an investigation shorter
and simpler. By automatically visualizing top trends appearing in your data,
Visual Search allows you to simply click to drill in and out of datasets to
identify tren
3 min
Awards
Finalists in FIVE categories at the Network Computing Awards!
Ring Ring! You're in the Final!
It's always nice to get a phone call letting us know that we've been shortlisted
for awards – but when it's five awards, we like those calls even more! Two of
our products, and our company have reached the final stages for the Network
Computing Awards, and of course we'd love it if you took a moment to vote for us
please.
La La Land may have racked up the Oscar noms, but at the Network Computing
Awards it's looking good for LE LE Land!
OK, so we might not quite
6 min
IT Ops
5 Rules of Pair Programming Etiquette
I like Pair Programming [https://en.wikipedia.org/wiki/Pair_programming]. I’ve
been doing it episodically for about 10 years. Whenever I’ve pair programmed, at
the end of a session, I’ve always walked away a better developer than when I
started.
However, the practice can be expensive when the pair doing the programming
are not efficient. When a lot of friction exists between the two coders
involved, costs can exceed double that of a single programmer trying to hash
things out on his or her ow
5 min
IT Ops
3 Predictions for Development in the Age of Serverless Computing
Probably the biggest change that has happened in my lifetime of programming is
the transformation from creating code that is meant to run on known, tangible
hardware to making code that runs on the Cloud. We’ve gone from server based
computing to the serverless environment. The transformation has brought us the
practice of DevOps. Also, the transformation has forced us to rethink the whole
way design our code. Increasingly modern programming is about stitching together
cloud based resources t
2 min
IT Ops
Java 8 - Lazy argument evaluation
Overview
“I will always choose a lazy person to do a difficult job. Because he will find
an easy way to do it” – Bill Gates
Lazy evaluation is an evaluation strategy
[https://en.wikipedia.org/wiki/Evaluation_strategy] which delays the evaluation
of an expression until its value is needed. The opposite of this is eager
evaluation, where an expression is evaluated as soon as it is bound to a
variable.[wikipedia [https://en.wikipedia.org/wiki/Lazy_evaluation]]
Like most imperative programming l
3 min
Haxmas
12 Days of HaXmas: The Gift of Endpoint Visibility and Log Analytics
Merry HaXmas to you! Each year we mark the 12 Days of HaXmas [/tag/haxmas/] with
12 blog posts on hacking-related topics and roundups from the year. This year,
we're highlighting some of the “gifts” we want to give back to the community.
And while these gifts may not come wrapped with a bow, we hope you enjoy them.
Machine generated log data is probably the simplest and one of the most used
data source for everyday use cases such as troubleshooting, monitoring, security
investigations … the lis