Unleash the power of Amazon Kinesis Data Firehose and Elastic for enhanced observability

May 26, 2023 by iHash Leave a Comment

As more organizations leverage the Amazon Web Services (AWS) cloud platform and services to drive operational efficiency and bring products to market, managing logs becomes a critical component of maintaining visibility and safeguarding multi-account AWS environments. Traditionally, logs are stored in Amazon Simple Storage Service (Amazon S3) and then shipped to an external monitoring and analysis solution for further processing.

To simplify this process and reduce management overhead, AWS users can now leverage the new Amazon Kinesis Firehose Delivery Stream to ingest logs into Elastic Cloud in AWS in real time and view them in the Elastic Stack alongside other logs for centralized analytics. This eliminates the necessity for time-consuming and expensive procedures such as VM provisioning or data shipper operations.

Elastic Observability unifies logs, metrics, and application performance monitoring (APM) traces for a full contextual view across your hybrid AWS environments alongside their on-premises data sets. Elastic Observability enables you to track and monitor performance across a broad range of AWS services, including AWS Lambda, Amazon Elastic Compute Cloud (EC2), Amazon Elastic Container Service (ECS), Amazon Elastic Kubernetes Service (EKS), Amazon Simple Storage Service (S3), Amazon Cloudtrail, Amazon Network Firewall, and more.

In this blog, we will walk you through how to use the Amazon Kinesis Data Firehose integration — Elastic is listed in the Amazon Kinesis Firehose drop-down list — to simplify your architecture and send logs to Elastic, so you can monitor and safeguard your multi-account AWS environments.

Announcing the Kinesis Firehose method

Elastic currently provides both agent-based and serverless mechanisms, and we are pleased to announce the addition of the Kinesis Firehose method. This new method enables customers to directly ingest logs from AWS into Elastic, supplementing our existing options.

Elastic Agent pulls metrics and logs from CloudWatch and S3 where logs are generally pushed from a service (for example, EC2, ELB, WAF, Route53) and ingests them into Elastic Cloud.
Elastic’s Serverless Forwarder (runs Lambda and available in AWS SAR) sends logs from Kinesis Data Stream, Amazon S3, and AWS Cloudwatch log groups into Elastic. To learn more about this topic, please see this blog post.
Amazon Kinesis Firehose directly ingests logs from AWS into Elastic (specifically, if you are running the Elastic Cloud on AWS).

In this blog, we will cover the last option since we have recently released the Amazon Kinesis Data Firehose integration. Specifically, we’ll review:

A general overview of the Amazon Kinesis Data Firehose integration and how it works with AWS

Step-by-step instructions to set up the Amazon Kinesis Data Firehose integration on AWS and on Elastic Cloud

By the end of this blog, you’ll be equipped with the knowledge and tools to simplify your AWS log management with Elastic Observability and Amazon Kinesis Data Firehose.

Prerequisites and configurations

If you intend to follow the steps outlined in this blog post, there are a few prerequisites and configurations that you should have in place beforehand.

You will need an account on Elastic Cloud and a deployed stack on AWS. Instructions for deploying a stack on AWS can be found here. This is necessary for AWS Firehose Log ingestion.

You will also need an AWS account with the necessary permissions to pull data from AWS. Details on the required permissions can be found in our documentation.

Finally, be sure to turn on VPC Flow Logs for the VPC where your application is deployed and send them to AWS Firehose.

Elastic’s Amazon Kinesis Data Firehose integration

Elastic has collaborated with AWS to offer a seamless integration of Amazon Kinesis Data Firehose with Elastic, enabling direct ingestion of data from Amazon Kinesis Data Firehose into Elastic without the need for Agents or Beats. All you need to do is configure the Amazon Kinesis Data Firehose delivery stream to send its data to Elastic’s endpoint. In this configuration, we will demonstrate how to ingest VPC Flow logs and Firewall logs into Elastic. You can follow a similar process to ingest other logs from your AWS environment into Elastic.

There are three distinct configurations available for ingesting VPC Flow and Network firewall logs into Elastic. One configuration involves sending logs through CloudWatch, and another uses S3 and Kinesis Firehose; each has its own unique setup. With Cloudwatch and S3 you can store and forward but with Kinesis Firehose you will have to ingest immediately. However, in this blog post, we will focus on this new configuration that involves sending VPC Flow logs and Network Firewall logs directly to Elastic.

Source link

Share this:
Facebook
Twitter
Pinterest
LinkedIn

Leave a ReplyCancel reply

This site uses Akismet to reduce spam. Learn how your comment data is processed.

More to See

Billie Eilish is Apple Music’s Artist of the Year for 2024
Nov 22, 2024 By iHash
Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign
Nov 21, 2024 By iHash

Tags

* Apple attack attacks Cisco cloud computer security Critical cyber attacks cyber news cybersecurity Cyber Security cyber security news cyber security news today cyber security updates cyber updates data data breach Elastic google hacker hacker news Hackers hacking hacking news how to hack incident response information security iOS 7 iOS 8 iPhone Malware microsoft network security ransomware ransomware malware risk management Secure security security vulnerabilities software vulnerability the hacker news Threat update video

Latest

Strengthen SMB Security with Seamless Mobile Protection
Small and medium-sized businesses (SMBs) face many of the same cybersecurity threats as large enterprises but often lack the resources to maintain robust security across all devices. As SMBs rely on a growing number of smartphones and tablets, they must defend against a range of mobile-focused cyberattacks. The need for comprehensive security has never […]

How Real-Time Data Analytics and AI Are Transforming Heavy Equipment Operations
The demand for streamlined equipment operations is more apparent as industrial processes have become more complex and diversified. Data analysis and AI are transforming how all industries operate, promoting productivity and enhancing performance. These technological advances automate operations and allow businesses to allocate more resources to service improvement, customer service and innovations. Real-time data analysis […]

Shazam hits 100 billion song recognitions
Shazam has now officially surpassed over 100 billion song recognitions since it launched. To help put that into perspective: That’s equivalent to 12 songs identified for every person on Earth. A person would need to use Shazam to identify a song every second for 3,168 years to reach 100 billion. That’s more than 2,200x the […]

Apple shares the most popular podcasts of 2024
Today, Apple shared the most popular podcasts of 2024, with year-end charts localized for listeners in nearly 100 countries and regions. The 2024 charts are available in the Browse tab through the end of the year, and include the top podcasts overall, the top new shows that debuted this year, the most followed shows, the […]

Unveiling LIMINAL PANDA – Threats to Telecom Sector
On Tuesday, November 19, 2024, Adam Meyers, CrowdStrike Senior Vice President of Counter Adversary Operations, will testify in front of the U.S. Senate Judiciary Subcommittee on Privacy, Technology, and the Law on Chinese cyber threats to critical infrastructure. Within his testimony, Adam will speak publicly for the first time about a China-nexus state-sponsored actor that […]

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices
The malware known as Ngioweb has been used to fuel a notorious residential proxy service called NSOCKS, as well as by other services such as VN5Socks and Shopsocks5, new findings from Lumen Technologies reveal. “At least 80% of NSOCKS bots in our telemetry originate from the Ngioweb botnet, mainly utilizing small office/home office (SOHO) routers […]

Jailbreak

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0
Pangu has updated its jailbreak utility for iOS 9.0 to 9.0.2 with a fix for the manage storage bug and the latest version of Cydia. Change log V1.2.0 (2015-10-27) 1. Bundle latest Cydia with new Patcyh which fixed failure to open url scheme in MobileSafari 2. Fixed the bug that “preferences -> Storage&iCloud Usage -> […]

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1
Apple has blocked exploits used by the Pangu Jailbreak with the release of iOS 9.1. Pangu was able to jailbreak iOS 9.0 to 9.0.2; however, in Apple’s document on the security content of iOS 9.1, PanguTeam is credited with discovering two vulnerabilities that have been patched.

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0
Pangu has released an update to its jailbreak utility for iOS 9 that improves its reliability and success rate. Change log V1.1.0 (2015-10-21) 1. Improve the success rate and reliability of jailbreak program for 64bit devices 2. Optimize backup process and improve jailbreak speed, and fix an issue that leads to fail to […]

Activator 1.9.6 Released With Support for iOS 9, 3D Touch
Ryan Petrich has released Activator 1.9.6, an update to the centralized gesture, button, and shortcut manager, that brings support for iOS 9 and 3D Touch.

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

Unleash the power of Amazon Kinesis Data Firehose and Elastic for enhanced observability

Announcing the Kinesis Firehose method

Prerequisites and configurations

Elastic’s Amazon Kinesis Data Firehose integration

JBL Flip 6 Portable Bluetooth Speaker (Open Box) for $74

Navee V25 300W Foldable e-Scooter for $299

Smart Tracker Includes Key Ring – Works with Apple Find My App (2-Pack) for $34

Harmony Premium Plan Lifetime Subscription for $99

Lenovo 11.6" 100e Chromebook 2nd Gen (2019) MediaTek MT8173C 4GB RAM 16GB eMMC (Refurbished) for $54

Leave a ReplyCancel reply

Billie Eilish is Apple Music’s Artist of the Year for 2024

Over 2,000 Palo Alto Networks Devices Hacked in Ongoing Attack Campaign

Strengthen SMB Security with Seamless Mobile Protection

How Real-Time Data Analytics and AI Are Transforming Heavy Equipment Operations

Shazam hits 100 billion song recognitions

Apple shares the most popular podcasts of 2024

Unveiling LIMINAL PANDA – Threats to Telecom Sector

Ngioweb Botnet Fuels NSOCKS Residential Proxy Network Exploiting IoT Devices

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.2.0

Apple Blocks Pangu Jailbreak Exploits With Release of iOS 9.1

Pangu Releases Updated Jailbreak of iOS 9 Pangu9 v1.1.0

Activator 1.9.6 Released With Support for iOS 9, 3D Touch

Announcing the Kinesis Firehose method

Prerequisites and configurations

Elastic’s Amazon Kinesis Data Firehose integration

Share this:

Reader Interactions

Leave a ReplyCancel reply