Logging Challenges and Logging in the Cloud - PodCast
I was invited as a guest to the CloudChaser podcast with Matt Grant.
We talked about a number of interesting topics related to logging, cloud, and security.
Log Management Challenges
We discussed a number of log management challenges from log generation to security in the cloud. Here is a brief list of topics we talked about:
- We first touched upon some issues with log file generation. I am discussing the lack of logging guidelines and the problems that brings with it.
- How are logs analyzed? One of the problems it that it should really be the application owners that look at their logs. From a security point of view, security analysts should look at the overall picture. But they should not be the only ones looking at those logs. It’s impossible for them to understand all the logs on n intimate level.
- Yet another problem is understanding the logs. Visualization is an interesting way of addressing that issue. Especially for reporting and exploration or discovery.
- Large-scale log storage seems to be a problem. Is it? Make sure you setup use-case driven retention policies!
We touched upon a number of other topics. Here is a short list:
- It seems that users are moving more and more into the application layer to collect logs. It’s not just the infrastructure layer anymore!
- Availability, performance, etc. can be a great way of selling your log management budget instead of using security as a selling point.
- Obviously we talked about Logging as a Service and Loggly in specific. A lot of logs are in the cloud or are being moved into the cloud ;)
- Security and regulatory concerns for logging in the cloud are always a fun topic. We discuss this briefly. The upshot is that it often isn’t a show stopper!
But hey, listen yourself!