 |
VOOZH | about |
|
VOOZH | about |
We’re so glad you’re here. You can expect all the best TNS content to arrive Monday through Friday to keep you on top of the news and at the top of your game.
Check your inbox for a confirmation email where you can adjust your preferences and even join additional groups.
Follow TNS on your favorite social media networks.
Become a TNS follower on LinkedIn.
Check out the latest featured and trending stories while you wait for your first TNS newsletter.
Discarding or sampling data is like throwing out 500 pieces of a 1,000-piece puzzle. You can get an idea of the image in the puzzle, but you can’t see the full picture. You need that full picture to truly take advantage of observability data to predict potential incidents before they happen, and ensure your applications and infrastructure are operating as they should. Otherwise, you risk dangerous consequences.
To predict when end users will experience poor performance, especially when it comes to streaming video and web applications, companies may use AI for anomaly detection. However, to train those models, they need data. The models need historical data to identify patterns, what’s normal and abnormal, and fine-tune those models so that they can detect performance issues based on past behavioral indicators. For example, companies need to be able to predict when a performance issue will occur, so they can reroute traffic, for example, to a different content delivery network (CDN). Without data that shows the warning signs, they can’t make those predictions.
To detect and shut down low and slow attacks, like advanced persistent threats (APT), investigators must look back many months or even years to understand what happened, what the root cause was, who was affected, where it started and so on.
But when data is discarded, it increases the chances of not having all those details. It’s like throwing out the needle with the haystack. Important information may go down the drain, leaving gaps in the attack chain that can’t be filled. That means investigators may not find and shut down the root cause, increasing the risk of the attack persisting — or it may take more time to connect the dots, leaving an open window for more attacks.
Compliance regulations include mandates to store log data for security, auditing and legal purposes. For example, the Sarbanes-Oxley Act (SOX) requires companies to maintain detailed logs for auditing and financial reporting. The Gramm-Leach-Bliley Act (GLBA) requires financial institutions to secure customer data, which involves log storage to monitor access and changes. The Payment Card Industry Data Security Standard (PCI DSS) requires storing logs for at least one year. The Health Insurance Portability and Accountability Act (HIPAA) requires health-care organizations to log and monitor access to electronic protected health information.
If companies do not meet the data retention requirements, they could face steep fines, among other penalties.
What if you are using 1,000 servers but you only need 750? How would you know? By analyzing log data from cloud services, you can see where you need to scale up resources and how well those servers are performing. Without visibility into how your services are performing, you may be running services on containers that are overprovisioned.
Or, you may miss an issue with a service, such as a bug that is causing timeouts and repeated retries, resulting in excessive compute charges. You need access to log data to understand why failures are occurring and know where you may need more or fewer resources. In other words, you can’t spot the problem child without watching all the children.
Avoid these consequences by keeping all your data (without breaking your budget).
Ingesting, retaining and analyzing all of your data is key for maintaining a healthy, functional and secure infrastructure. Managed observability service Hydrolix for AWS — which recently launched on the AWS Marketplace and is part of AWS CloudFront Service Ready program — makes that doable.
