All Roads Lead to S3

I started using Amazon S3 in 2006 to store CD images (ISOs) as it was an easy-to-use, cost-effective way to make CD images publicly available for download. In 2006, the cost of object storage was high — S3 was disruptive right out of the gate. Since those days, S3 has become the bedrock of storage for the cloud as we know it. S3 is used to store everything from static web content, application log and event data, AWS logs, backups, images, movies, and metadata about these things, to satellite data and IoT and mobile data: essentially, everything.

Reading CHAOSSEARCH founder Thomas Hazel’s post Data is Cheap, Information is Expensive – Part 2, two things jump out. First, CHAOSSEARCH “could disrupt the analytics space and go a long way to solving the cost and complexity dilemma of big data.” Second, S3 is the perfect storage platform on which CHAOSSEARCH can prove that you can “Store everything. Ask anything.”

To illustrate how perfect the marriage of CHAOSSEARCH and S3 is and how quickly you can unlock value from data in S3, below are the steps along with a video walkthrough I shared with a new customer. The customer is in the video advertising space, runs a platform based on Microsoft technologies in AWS, and needed assistance getting the platform logs from their IIS and .NET servers to S3.

  1. Install Java (Logstash is Java-based, so it can run anywhere)
  2. Download and install Logstash
  3. Configure Logstash to watch IIS/.NET directories for logs and to push logs to an S3 bucket
  4. Index the bucket with CHAOSSEARCH
  5. Start asking questions
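
A sketch of the Logstash pipeline for step 3, added here as an example; it is not taken from the original post or its video. The bucket name, region, Logstash data directory, and .NET log path are placeholder assumptions, and the servers are assumed to run on EC2 with an instance role that can write to the bucket.

```conf
# Added example; bucket, region and the .NET log path are placeholders.
input {
  file {
    # Default IIS log location; the file input needs forward slashes on Windows.
    path => "C:/inetpub/logs/LogFiles/W3SVC*/*.log"
    start_position => "beginning"
    sincedb_path => "C:/logstash/data/sincedb_iis"      # assumed data dir
    type => "iis"
  }
  file {
    path => "C:/apps/example-app/logs/*.log"            # hypothetical .NET log dir
    start_position => "beginning"
    sincedb_path => "C:/logstash/data/sincedb_dotnet"   # assumed data dir
    type => "dotnet"
  }
}

filter {
  # IIS W3C logs begin with "#Software", "#Fields" etc. header lines; skip them.
  if [type] == "iis" and [message] =~ /^#/ {
    drop { }
  }
}

output {
  s3 {
    # No access_key_id / secret_access_key here: the plugin falls back to the
    # AWS SDK credential chain, so an EC2 instance role can supply them and
    # no long-lived keys sit in the config file.
    bucket => "example-platform-logs"                   # placeholder
    region => "us-east-1"                               # placeholder
    prefix => "%{type}/%{+YYYY}/%{+MM}/%{+dd}/"         # one key prefix per source and day
    codec => "json_lines"
    encoding => "gzip"
    size_file => 10485760     # rotate the local part file at 10 MiB
    time_file => 5            # or after 5 minutes, whichever comes first
    canned_acl => "private"
    server_side_encryption => true
    server_side_encryption_algorithm => "AES256"
  }
}
```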


If your data is already in S3, great — we’d love the opportunity to help you unlock value from it. If not, as you can see from the Logstash example, it is very easy to do. There is a wide variety of ways to get your data into S3, from the AWS CLI and Fluentd, to AWS Kinesis, to the Filebeat use that Patrick Flaherty of CHAOSSEARCH describes, to the S3 export features built into products that I describe in #6 of my recent blog post. Once you have your data in S3, it’s incredibly easy and exciting to see how quickly you can extract value with CHAOSSEARCH.


About the Author, Dave Armlin

Dave Armlin is the VP Customer Success of ChaosSearch. In this role, he works closely with new customers to ensure successful deployments, as well as with established customers to help streamline integrating new workloads into the ChaosSearch platform. Dave has extensive experience in big data and customer success from prior roles at Hubspot, Deep Information Sciences, Verizon, and more. Dave loves technology and balances his addiction to coffee with quality time with his wife, daughter, and son as they attack whatever sport is in season. He holds a Bachelor of Science in Computer Science from Northeastern University.