Welcome!

@DevOpsSummit Authors: Elizabeth White, Zakia Bouachraoui, Liz McMillan, Pat Romanski, Roger Strukhoff

Related Topics: @DevOpsSummit, @CloudExpo, @DXWorldExpo

@DevOpsSummit: Blog Post

Community Packs for AWS By @TrevParsons | @DevOpsSummit [#DevOps]

Out of the Box Dashboards, Alerts, and Queries

This article originally appeared on the Logentries Blog.

We recently released Logentries Community Packs, dynamic JSON files that (when uploaded into Logentries) automatically create Saved queries, Dashboards and Alerts.

The true power of these packs is that anyone can create, modify and share them.

We called them Community Packs because we want to offer different Communities a "pack" of log analysis features customized for their specific needs. We also looked across our Community of more than 35,000 users to identify the most popular use cases and requirements to determine how to build packs that best suit their needs. The Packs can be easily downloaded and modified - so if you have an open source, or paid-for Rails application, deployed by thousands of different users, you can create your own Pack that specifically suits that application. Your Pack can include saved queries, alerts and tags, as well as dashboards.

Logentries community packs for AWS

Let's assume you have a Rails Shopping application that you sell, or is open source. By having this application log important information for you, such as errors, 404s, customers' IPs, shopping basket events, stock levels etc, you can use our Community packs to instantly define and build dashboards for the application. This allows users to gain insight into important information; such as current customer numbers, stock levels, baskets sizes and top selling products with the ability to drill back into the log event and the actual customer details.

You can also create alerts so your users are notified if a large basket is not processed, if inventory levels are low, etc. The possibilities are endless by leveraging the power of Logentries instead of building all this technology into your product.

With a large number of companies moving their infrastructure to run on Amazons AWS, we developed a pack specifically to support one of the most commonly used logging systems, the AWS CloudTrail service.

AWS CloudTrail is a web service that records AWS API calls for your account and delivers log files to you, which we collect and make available on Logentries. The recorded information includes the identity of the API caller, time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.

With CloudTrail you can get a history of AWS API calls for your account, including API calls made via the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services (such as AWS CloudFormation). The AWS API call history produced by CloudTrail enables security analysis, resource change tracking, and compliance auditing.

Community Packs for CloudTrail and CloudWatch

For AWS CloudTrail users, which monitors all your AWS API calls, we included Queries, Alerts and Dashboards for the most popular activities in our AWS Community including:

Alerts for:

  • AWS Security Group Actions
  • AWS EC2 Instance Actions
  • AWS Policy Actions
  • AWS User Actions
  • AWS Group Actions
  • AWS Password Update

Dashboard items for:

  • Event Type Breakdown over your AWS environment
  • Event Type Breakdown By IAMUser
  • Event Count Breakdown By IAMUser
  • Number of Instance Stops
  • Number of Instance Starts

This pack is available for easy download here.

To upload the pack you will need a Logentries Account. Then, simply click the community button and upload pack.

VisPack

A small sample pack below highlights how simple and editable the JSON files are.

{
   "tags": [
       {
           "type": "Alert",
           "name": "AWS Security Group Actions",
           "description": "AWS Security Group Actions",
           "labels": [
               {
                   "name": "AWS Security",
                   "color": "c90707"
               }
           ],
           "patterns": [
               "CreateSecurityGroup",
               "DeleteSecurityGroup"
            ],
           "action": {
               "type": "Alert",
               "min_matches_count": 1,
               "min_report_count": 1,
               "min_matches_period": "Hour",
               "min_report_period": "Hour"
           }
       }
   ],
   "searches": [
       {
           "name": "startinstances",
           "query": "StartInstances calculate(COUNT)"
       }
   ],
   "widgets": [
       {
           "name": "Event Type Breakdown",
           "search_name": "event_type_breakdown",
           "type": "BarChart"
       }
   ]

}

The documentation on this is available at https://logentries.com/doc/community-packs-create/.

So go ahead and create pack and share it with your Community? We'd love to hear what you think!

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.

@DevOpsSummit Stories
The platform combines the strengths of Singtel's extensive, intelligent network capabilities with Microsoft's cloud expertise to create a unique solution that sets new standards for IoT applications," said Mr Diomedes Kastanis, Head of IoT at Singtel. "Our solution provides speed, transparency and flexibility, paving the way for a more pervasive use of IoT to accelerate enterprises' digitalisation efforts. AI-powered intelligent connectivity over Microsoft Azure will be the fastest connected path for IoT innovators to scale globally, and the smartest path to cross-device synergy in an instrumented, connected world.
There are many examples of disruption in consumer space – Uber disrupting the cab industry, Airbnb disrupting the hospitality industry and so on; but have you wondered who is disrupting support and operations? AISERA helps make businesses and customers successful by offering consumer-like user experience for support and operations. We have built the world’s first AI-driven IT / HR / Cloud / Customer Support and Operations solution.
ScaleMP is presenting at CloudEXPO 2019, held June 24-26 in Santa Clara, and we’d love to see you there. At the conference, we’ll demonstrate how ScaleMP is solving one of the most vexing challenges for cloud — memory cost and limit of scale — and how our innovative vSMP MemoryONE solution provides affordable larger server memory for the private and public cloud. Please visit us at Booth No. 519 to connect with our experts and learn more about vSMP MemoryONE and how it is already serving some of the world’s largest data centers. Click here to schedule a meeting with our experts and executives.
Codete accelerates their clients growth through technological expertise and experience. Codite team works with organizations to meet the challenges that digitalization presents. Their clients include digital start-ups as well as established enterprises in the IT industry. To stay competitive in a highly innovative IT industry, strong R&D departments and bold spin-off initiatives is a must. Codete Data Science and Software Architects teams help corporate clients to stay up to date with the modern business digitalization solutions. Achieve up to 50% early-stage technological process development cost cutdown with science and R&D-driven investment strategy with Codete's support.
As you know, enterprise IT conversation over the past year have often centered upon the open-source Kubernetes container orchestration system. In fact, Kubernetes has emerged as the key technology -- and even primary platform -- of cloud migrations for a wide variety of organizations. Kubernetes is critical to forward-looking enterprises that continue to push their IT infrastructures toward maximum functionality, scalability, and flexibility. As they do so, IT professionals are also embracing the reality of Serverless architectures, which are critical to developing and operating real-time applications and services. Serverless is particularly important as enterprises of all sizes develop and deploy Internet of Things (IoT) initiatives.