
Community Packs for AWS By @TrevParsons | @DevOpsSummit [#DevOps]

Out of the Box Dashboards, Alerts, and Queries

This article originally appeared on the Logentries Blog.

We recently released Logentries Community Packs, dynamic JSON files that (when uploaded into Logentries) automatically create Saved queries, Dashboards and Alerts.

The true power of these packs is that anyone can create, modify and share them.

We called them Community Packs because we want to offer different Communities a "pack" of log analysis features customized for their specific needs. We also looked across our Community of more than 35,000 users to identify the most popular use cases and requirements to determine how to build packs that best suit their needs. The Packs can be easily downloaded and modified - so if you have an open source, or paid-for Rails application, deployed by thousands of different users, you can create your own Pack that specifically suits that application. Your Pack can include saved queries, alerts and tags, as well as dashboards.

Logentries community packs for AWS

Let's assume you have a Rails shopping application that you either sell or release as open source. By having this application log important information for you, such as errors, 404s, customers' IPs, shopping basket events, stock levels etc., you can use our Community Packs to instantly define and build dashboards for the application. This allows users to gain insight into important information, such as current customer numbers, stock levels, basket sizes and top-selling products, with the ability to drill back into the log event and the actual customer details.

You can also create alerts so your users are notified if a large basket is not processed, if inventory levels are low, etc. The possibilities are endless by leveraging the power of Logentries instead of building all this technology into your product.

With a large number of companies moving their infrastructure to run on Amazon's AWS, we developed a pack specifically to support one of the most commonly used logging systems, the AWS CloudTrail service.

AWS CloudTrail is a web service that records AWS API calls for your account and delivers log files to you, which we collect and make available on Logentries. The recorded information includes the identity of the API caller, time of the API call, the source IP address of the API caller, the request parameters, and the response elements returned by the AWS service.

With CloudTrail you can get a history of AWS API calls for your account, including API calls made via the AWS Management Console, AWS SDKs, command line tools, and higher-level AWS services (such as AWS CloudFormation). The AWS API call history produced by CloudTrail enables security analysis, resource change tracking, and compliance auditing.

Community Packs for CloudTrail and CloudWatch

For users of AWS CloudTrail, which monitors all your AWS API calls, we included Queries, Alerts and Dashboards for the most popular activities in our AWS Community, including:

Alerts for:

  • AWS Security Group Actions
  • AWS EC2 Instance Actions
  • AWS Policy Actions
  • AWS User Actions
  • AWS Group Actions
  • AWS Password Update

Dashboard items for:

  • Event Type Breakdown over your AWS environment
  • Event Type Breakdown By IAMUser
  • Event Count Breakdown By IAMUser
  • Number of Instance Stops
  • Number of Instance Starts

This pack is available for easy download here.

To upload the pack you will need a Logentries account. Then, simply click the community button and upload the pack.
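The alert groups and dashboard counts listed above can be reproduced offline against raw CloudTrail records. The following is an added example, not code from Logentries or from the pack itself: the grouping of API action names under each alert name is an assumption, and the log records are constructed sample data.

```python
import json
from collections import Counter

# Assumed mapping from the pack's alert names to CloudTrail eventName values.
# The API action names are real AWS calls; grouping them this way is an
# illustration, not the patterns shipped in the Logentries pack.
ALERT_GROUPS = {
    "AWS Security Group Actions": {"CreateSecurityGroup", "DeleteSecurityGroup",
                                   "AuthorizeSecurityGroupIngress",
                                   "RevokeSecurityGroupIngress"},
    "AWS EC2 Instance Actions": {"RunInstances", "StartInstances",
                                 "StopInstances", "TerminateInstances"},
    "AWS Policy Actions": {"CreatePolicy", "DeletePolicy", "PutUserPolicy",
                           "AttachUserPolicy"},
    "AWS User Actions": {"CreateUser", "DeleteUser"},
    "AWS Group Actions": {"CreateGroup", "DeleteGroup", "AddUserToGroup"},
    "AWS Password Update": {"ChangePassword", "UpdateLoginProfile"},
}

# Constructed sample in the CloudTrail log-file layout ({"Records": [...]}).
SAMPLE_LOG = json.dumps({"Records": [
    {"eventName": "AuthorizeSecurityGroupIngress", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}},
    {"eventName": "StopInstances", "sourceIPAddress": "198.51.100.7",
     "userIdentity": {"type": "IAMUser", "userName": "alice"}},
    {"eventName": "StartInstances", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "IAMUser", "userName": "bob"}},
    {"eventName": "UpdateLoginProfile", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "IAMUser", "userName": "bob"}},
    {"eventName": "DescribeInstances", "sourceIPAddress": "203.0.113.9",
     "userIdentity": {"type": "Root"}},
]})

def summarize(log_text):
    """Return (alerts, events_by_user, starts, stops) for one CloudTrail file."""
    alerts, by_user, names = [], Counter(), Counter()
    for rec in json.loads(log_text).get("Records", []):
        name = rec.get("eventName", "")
        ident = rec.get("userIdentity", {})
        # Some identities (e.g. assumed-role sessions) have no top-level
        # userName; fall back to the identity type so they are still counted.
        user = ident.get("userName") or ident.get("type", "unknown")
        names[name] += 1
        by_user[user] += 1
        for group, actions in ALERT_GROUPS.items():
            if name in actions:
                alerts.append((group, name, user, rec.get("sourceIPAddress")))
    return alerts, dict(by_user), names["StartInstances"], names["StopInstances"]

if __name__ == "__main__":
    for row in summarize(SAMPLE_LOG)[0]:
        print(row)
```

Read-only calls such as DescribeInstances are counted per user but raise no alert, which keeps the alert stream limited to state-changing actions.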


A small sample pack below highlights how simple and editable the JSON files are.

{
   "tags": [
       {
           "type": "Alert",
           "name": "AWS Security Group Actions",
           "description": "AWS Security Group Actions",
           "labels": [
               {
                   "name": "AWS Security",
                   "color": "c90707"
               }
           ],
           "patterns": [],
           "action": {
               "type": "Alert",
               "min_matches_count": 1,
               "min_report_count": 1,
               "min_matches_period": "Hour",
               "min_report_period": "Hour"
           }
       }
   ],
   "searches": [
       {
           "name": "startinstances",
           "query": "StartInstances calculate(COUNT)"
       }
   ],
   "widgets": [
       {
           "name": "Event Type Breakdown",
           "search_name": "event_type_breakdown",
           "type": "BarChart"
       }
   ]
}


The documentation on this is available at https://logentries.com/doc/community-packs-create/.

So go ahead, create a pack and share it with your Community. We'd love to hear what you think!

More Stories By Trevor Parsons

Trevor Parsons is Chief Scientist and Co-founder of Logentries. Trevor has over 10 years experience in enterprise software and, in particular, has specialized in developing enterprise monitoring and performance tools for distributed systems. He is also a research fellow at the Performance Engineering Lab Research Group and was formerly a Scientist at the IBM Center for Advanced Studies. Trevor holds a PhD from University College Dublin, Ireland.
