
Frequently Asked Questions

Why ChaosSearch for Log Analytics?

Log analytics architectures are broken. Most are based on the Elasticsearch database, the Lucene index, or both, which are expensive to scale and manage and make data retention costs prohibitive. ChaosSearch is a new approach to log analysis based on a new indexing technology and a highly scalable cloud architecture. Developers and engineers rely on ChaosSearch to gain timely insights into their applications, infrastructure, and security.

 

What makes ChaosSearch different?

ChaosSearch is a cloud-native log analysis service that turns your Amazon S3 and Google Cloud Storage (GCS) into an intelligent search and analytic database. You don’t need to move your data into ChaosSearch. You simply dump data into Amazon S3 or GCS, our service indexes it, and you start running search and analytics. ChaosSearch is an ideal fit for businesses grappling with the cost and complexity of rapidly growing data.

 

Is ChaosSearch fully compatible with Elasticsearch?

No, ChaosSearch is not a direct replacement for Elasticsearch. ChaosSearch is an ELK Stack compatible log analysis service with integrated Kibana. Companies use ChaosSearch as a highly scalable, performant and more cost-effective log analytics service, particularly when dealing with large-scale log data.

 

What is Elasticsearch UltraWarm?

In 2019, Amazon added a new Elasticsearch instance type called UltraWarm to its existing Elasticsearch services. While UltraWarm is less expensive than those existing services, it also introduces additional complexities, which should be carefully considered.

 

Who owns the data with ChaosSearch?

All data is 100% owned by the customer. ChaosSearch never holds your data at rest; rather, it always resides in your Amazon S3 cloud object storage or Google Cloud Storage (GCS). ChaosSearch is a data fabric and abstraction layer on top of Amazon S3 and GCS. When configuring ChaosSearch, simply create an AWS IAM Role that gives the service “read-only” access to your raw log data. As part of this Role, specify the location where ChaosSearch can write its index (analytic metadata). You always own your data, as well as data about your data (metadata).

 

How much does ChaosSearch cost?

ChaosSearch is a SaaS offering on AWS and GCS. Starting at just 30¢ per indexed GB, with significant discounts at scale, ChaosSearch is up to 80% less expensive than comparable solutions in the market. For pricing details and competitive comparisons, please see our pricing page.

 

Is ChaosSearch secure?

Yes. ChaosSearch is a service on AWS and GCP that uses Amazon S3 and Google Cloud Storage (GCS) as a backing store, making your data highly available, scalable, durable, and secure. Amazon S3 and GCS provide an infrastructure to store data and are designed for durability of 99.999999999% of objects. In addition, ChaosSearch is SOC2 Type 2 and HIPAA compliant. For more details, please see our security page.

 

What AWS and GCP regions does ChaosSearch support?

ChaosSearch supports all AWS and GCP regions. 

 

How will ChaosSearch provision my compute environment?

ChaosSearch will provision and manage your compute environment in the same data center where your Amazon S3 or Google Cloud Storage resides. We do this to limit data movement, increase the security of your data and reduce latency. For our larger customers that have a specific security or compliance (PCI or HIPAA) reason, ChaosSearch will provision a “dedicated” AWS or GCS Virtual Private Cloud (VPC) environment which isolates them from other customers.

 

What is the impact on my monthly AWS S3 or GCS spend?

The ChaosSearch service is backed by a new and powerful indexing technology, Chaos Index®. Chaos Index® is an index file format that provides both relational queries and text search in one representation. This format significantly compresses data compared to existing index technologies. Chaos Index® is uniquely designed to exploit the cost efficiency of object storage such as Amazon S3 and Google Cloud Storage (GCS), while still providing high performance and elastic scale capabilities. For example, 10TB of raw source data indexed by ChaosSearch would typically result in a compressed data footprint of around 2TB. And with Amazon S3 and GCS pricing, ChaosSearch enables cost-disruptive historical log and event analysis.

 

Is ChaosSearch multi-tenant?

ChaosSearch eliminates the administration and management demands of traditional log analytic solutions. ChaosSearch is a secure, scalable, log analysis platform available either as a multi-tenant or dedicated SaaS environment using your Amazon S3 or Google Cloud Storage (GCS) as the hot data store. There’s no software or hardware to deploy, configure or maintain, which means ChaosSearch can be up and running in minutes.

 

Can any AWS or GCP region be selected for Amazon S3 or GCS storage?

ChaosSearch has revolutionized deployments by separating storage from compute. Any region may be selected for a customer's Amazon S3 or GCS storage. ChaosSearch will provision and manage compute on AWS or GCP on behalf of the customer in the same region or data center.

 

Does the subscription price include Amazon S3 or Google Cloud Storage costs?

The pricing for ChaosSearch does not include the costs associated with Amazon S3 or Google Cloud Storage. 

 

Does the subscription price include data transfer costs?

Because ChaosSearch is deployed within the same AWS or GCP region as your Amazon S3 or GCS, there are no ingress or egress fees. 

 

After indexing, is the source data still available?

Yes, your source data is available for use with other native tools. ChaosSearch does not delete any data.

 

Do you provide support?

Yes. The standard ChaosSearch service includes Basic support, which gives you direct access to the core ChaosSearch team.

 

How can I cancel my subscription or close my account?

Simply email support@ChaosSearch.com from an email address registered as an admin on your account. We require at least 7 days' notice for monthly billing customers. The notice period for annually billed customers will be in your Service Order or can be provided by your Account Executive.