Slide 1

Prelert: Anomaly Detection Using the Elastic Stack
February 16th, Developers Summit 2017
Kosho Owa, Solutions Architect, Elastic

Slide 2

Elastic Stack
• 100% open source
• No enterprise edition
• All new versions with 5.0

Slide 3

Elasticsearch: Heart of the Elastic Stack
• Distributed, scalable
• High availability
• Multi-tenancy
• Developer friendly
• Real-time, full-text search
• Aggregations

Slide 4

Kibana: Window into the Elastic Stack
• Visualize and analyze
• Geospatial
• Customize and share reports
• Graph exploration
• UX to secure and manage the Elastic Stack
• Build custom apps

Slide 7

Beats: Lightweight data shippers
• Ship data from the source
• Ship and centralize in Elasticsearch
• Ship to Logstash for transformation and parsing
• Ship to Elastic Cloud
• Libbeat: API framework to build custom Beats
• 30+ community Beats

Slide 8

• FILEBEAT: Log files
• METRICBEAT: Metrics
• PACKETBEAT: Network data
• WINLOGBEAT: Windows events
More than 30 community Beats and growing: Apachebeat, dockbeat, httpbeat, mysqlbeat, nginxbeat, redis beats, twitterbeat, and more

Slide 9

Logstash: Data processing pipeline
• Ingest data of all shapes, sizes, and sources
• Parse and dynamically transform data
• Transport data to any output
• Secure and encrypt data inputs
• Build your own pipeline
• More than 200 plugins

Slide 10

X-Pack: Extensions for the Elastic Stack
• Security
• Alerting
• Monitoring
• Reporting
• Graph Analytics
Single install, included in the Elastic subscription

Slide 11

X-Pack Security
AUTHENTICATION
• Username and password
• Integrate with authentication systems
• Create a custom realm to authenticate users
AUTHORIZATION
• Manage users and roles
• Assign permissions and privileges
ADDITIONAL CONTROLS
• SSL/TLS encryption
• IP filtering
• Field- and document-level security
• Audit logging

Slide 12

X-Pack Alerting
SET UP ALERTS
• Create Watches to detect changes in your data
• Trigger automatic notifications
• Set up nested alerts
• Store and track alert history
NOTIFY AND INTEGRATE
• Email
• Slack
• PagerDuty
• HipChat or JIRA
• Other monitoring systems

Slide 13

X-Pack Monitoring
MONITOR CLUSTER HEALTH
• Prebuilt Kibana dashboards to monitor the performance of the Elastic Stack
• Get vital statistics at various levels: cluster, node, and indices
OPTIMIZE CLUSTER PERFORMANCE
• Multi-cluster support to compare health and performance of multiple clusters
• Analyze historical or real-time data for root cause analysis
• Use the analyses to proactively optimize and improve cluster performance
• Configure data retention policy

Slide 14

X-Pack Reporting
AUTOMATE SCHEDULING
• Email recurring status updates daily, weekly, monthly, etc.
• Combine reporting with X-Pack alerting capabilities to trigger conditional reports
SHARE AND COLLABORATE
• Export any Kibana visualization or dashboard
• Print-optimized and PDF formatted
• Download and share past reports

Slide 15

X-Pack Graph
A NEW WAY TO EXPLORE DATA
• Uses the relevance capabilities of Elasticsearch
• Discover linkages and connections
• Leverage the API and UI-driven tool
EXTEND TO NEW USE CASES
• Fraud discovery
• Recommendations
• Cyber security
• Behavioral analyses

Slide 17

How to find meaningful information in data
• Search
• Aggregations
• Visualization
• Prelert Machine Learning

Slide 18

Prelert: Behavioral analytics and unsupervised machine learning
UNSUPERVISED MACHINE LEARNING
• Automatically detect anomalies
• Advanced correlation and categorization
• Identify root cause(s)
• Expose early warning signs
ENABLE NEW USE CASES
• Analyze time series data
• Expand security, IT Ops, fraud, finance, and many more use cases
• Currently beta; building a more native integration into the Elastic Stack

Slide 19

IT Operations
• Is my system running normally?
• How do you decide on thresholds?
• When a problem occurs, how do you find the cause?

Slide 20

IT Security
• Are there any systems that have been compromised by malware?
• How did the malware spread its infection?
• Which users inside the organization are potential threats?

Slide 21

Other
• How do you deal with many different kinds of time series data?
• Is the factory operating normally?
• Which traffic accident is causing the most congestion?

Slide 22

Demo: IT Operations, Security

Slide 33

Elastic's Machine Learning technology
• Automatically learns, without supervision, the behavioral models hidden in the data
• Notifies when current behavior differs significantly from the predicted model
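The behaviour this slide describes, as an added illustration that is not Prelert's or Elastic's code: a toy unsupervised detector that learns a per-hour-of-day baseline from constructed login counts and flags observations that deviate strongly from it, which also shows why a hand-picked global threshold (the question on the IT Operations slide) misses anomalies a learned model catches.

```python
from statistics import mean, pstdev

def learn_baseline(history):
    """Unsupervised step: group past values by hour of day and learn the
    typical level (mean) and spread (std) of each hourly bucket."""
    buckets = {}
    for hour, value in history:
        buckets.setdefault(hour, []).append(value)
    return {h: (mean(v), pstdev(v)) for h, v in buckets.items()}

def anomaly_score(baseline, hour, value, min_std=1.0):
    """Distance of one observation from its bucket's learned model, in
    standard deviations (min_std avoids dividing by a near-zero spread)."""
    mu, sigma = baseline[hour]
    return abs(value - mu) / max(sigma, min_std)

def detect(baseline, observations, threshold=3.0):
    """Return (hour, value, score) for observations that deviate markedly
    from the learned behaviour; the threshold is relative to the model,
    not a fixed count chosen by hand."""
    hits = []
    for hour, value in observations:
        s = anomaly_score(baseline, hour, value)
        if s > threshold:
            hits.append((hour, value, round(s, 1)))
    return hits

def typical(hour):
    """Constructed ground truth: busy office hours, quiet at night."""
    return 200 if 8 <= hour < 18 else 20

# Constructed sample: 7 days of hourly login counts with a fixed per-day
# jitter, so the learned baseline is deterministic (std = sqrt(14) per hour).
JITTER = [-6, -3, 0, 3, 6, -2, 2]
HISTORY = [(hour, typical(hour) + JITTER[day])
           for day in range(7) for hour in range(24)]
BASELINE = learn_baseline(HISTORY)

# Today: 180 logins at 03:00 and only 60 at noon. A fixed global threshold
# such as "alert above 250" misses both; the per-hour model flags both.
TODAY = [(hour, typical(hour) + 4) for hour in range(24)]
TODAY[3] = (3, 180)
TODAY[12] = (12, 60)
ANOMALIES = detect(BASELINE, TODAY)

if __name__ == "__main__":
    for hour, value, s in ANOMALIES:
        print(f"{hour:02d}:00 value={value} score={s} (normal ~{BASELINE[hour][0]})")
```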

Slide 34

Roadmap
• Beta version available (prelert.com)
• Integration with the Elastic Stack in progress
• Targeting release in the first half of 2017