Apache Kafka in Cybersecurity for Threat Intelligence

Apache Kafka has become the de facto standard for processing data in motion across enterprises and industries. Cybersecurity is a key success factor across all of these use cases. Kafka is not only a backbone and source of truth for data; it also monitors, correlates, and proactively acts on events from various real-time and batch data sources to detect anomalies and respond to incidents. This blog series explores use cases and architectures for Kafka in the cybersecurity space, including situational awareness, threat intelligence, forensics, air-gapped and zero trust environments, and SIEM/SOAR modernization. This post is part three: Cyber Threat Intelligence.

Blog Series: Apache Kafka for Cybersecurity

This blog series explores why security features such as RBAC, encryption, and audit logs are only the foundation of a secure event streaming infrastructure. Learn about use cases, architectures, and reference deployments for Kafka in the cybersecurity space:

Pushing Mule Application Logs to Splunk

Introduction

Logging is an essential part of monitoring, troubleshooting production errors, and visualizing data. Logging must be consistent and reliable so that the information can be used to discover relevant data. External logging tools such as ELK and Splunk can be used for this. MuleSoft provides its own logging mechanism for storing application logs, although CloudHub has a limitation of 100 MB of logs or 30 days of logs. This blog is about MuleSoft Splunk integration.

For a robust logging mechanism, it is essential to have an external log analytics tool to further monitor the application. Today we will use Splunk as the external logging tool and integrate it with MuleSoft using the Log4j2 HTTP appender to send Mule application logs to Splunk. Logging to Splunk can be enabled on CloudHub and on-premises.

API-First Product Managers’ Popular API Tools and API Metrics

We interviewed the product managers at a number of the larger API-first companies based in San Francisco. The companies are all publicly traded, have TTM revenue of more than $100M, and are in the fields of billing, security, communications, and workflow automation.

The PMs were asked what their favorite tools were and which API metrics they cared most about. Where possible, we identified tools and metrics that were common across all market segments, excluding the (many) edge cases you would expect when your customer base numbers in the 1,000s.

Splunk Logging in Lambda Using Low Code Approach

A centralized log management solution such as Splunk, Datadog, or Sumo Logic enables organizations to collect, analyze, and display logs through a single pane of glass.

In this article, we will see how application logs can be sent to Splunk from AWS Lambda using the Kumologica Splunk node.

How to Implement Splunk Enterprise On-Premise for a MuleSoft App

What Is Splunk?

Splunk is a tool for logging, analyzing, reporting, visualizing, monitoring, and searching machine data in real time.

Machine data is information generated by a computer process, application, device, or any other mechanism without active human intervention. Machine data is everywhere: it is generated automatically by sources such as computer processes, elevators, cars, and smartphones, and it generally takes the form of unstructured events.

Java Applications Log Message Analytics Using Splunk

Splunk is the most-used server for collecting data from different sources, indexing the collected data, analyzing the indexed data, and preparing reports based on it. The data may come from any environment and may be in a structured or an unstructured format. Splunk provides intelligent algorithms for understanding the indexed data, which are used for security, IoT machine logs, and application logs, and for providing data analytics.

Splunk Data Sources

Splunk provides a wide range of plugins to support various data sources. For example, it provides one plugin for understanding Windows event logs and different plugins for understanding Ubuntu machine logs. Based on its analysis of the logs, Splunk can report the number of times the operating system was loaded, the average CPU load in each session, and how many different users logged into the system. It generates these reports and can also generate dashboards for live data streaming.