May 29, 2019

Logz.io lands $52M to keep growing open source-based logging tools

Logz.io announced a $52 million Series D investment today. The round was led by General Catalyst.

Other investors participating in the round included OpenView Ventures, 83North, Giza Venture Capital, Vintage Investment Partners, Greenspring Associates and Next47. Today’s investment brings the total raised to nearly $100 million, according to Crunchbase data.

Logz.io is a company built on top of the open-source tools Elasticsearch, Logstash and Kibana (collectively known by the acronym ELK) and Grafana. It’s taking those tools in a typical open-source business approach, packaging them up and offering them as a service. This approach enables large organizations to take advantage of these tools without having to deal with the raw open-source projects.

The company’s solutions intelligently scan logs looking for anomalies. When they find them, they surface the problem and inform IT or security, depending on the scenario, using a tool like PagerDuty. This area of the market has been dominated in recent years by vendors like Splunk and Sumo Logic, but company founder and CEO Tomer Levy saw a chance to disrupt that space by packaging a set of open-source logging tools that were rapidly increasing in popularity. They believed they could build on that growing popularity, while solving a pain point the founders had actually experienced in previous positions, which is always a good starting point for a startup idea.

Screenshot: Logz.io

“We saw that the majority of the market is actually using open source. So we said, we want to solve this problem, a problem we have faced in the past and didn’t have a solution. What we’re going to do is we’re going to provide you with an easy-to-use cloud service that is offering an open-source compatible solution,” Levy explained. In other words, they wanted to build on that open-source idea, but offer it in a form that was easier to consume.

Larry Bohn, who is leading the investment for General Catalyst, says that his firm liked the idea of a company building on top of open source because it provides a built-in community of developers to drive the startup’s growth — and it appears to be working. “The numbers here were staggering in terms of how quickly people were adopting this and how quickly it was growing. It was very clear to us that the company was enjoying great success without much of a commercial orientation,” Bohn explained.

In fact, Logz.io already has 700 customers, including large names like Schneider Electric, The Economist and British Airways. The company has 175 employees today, but Levy says they expect to grow that by 250 by the end of this year, as they use this money to accelerate their overall growth.

Mar 28, 2019

Vizion.ai launches its managed Elasticsearch service

Setting up Elasticsearch, the open-source system that many companies large and small use to power their distributed search and analytics engines, isn’t the hardest thing. What is very hard, though, is to provision the right amount of resources to run the service, especially when your users’ demand comes in spikes, without overpaying for unused capacity. Vizion.ai’s new Elasticsearch Service does away with all of this by essentially offering Elasticsearch as a service and only charging its customers for the infrastructure they use.

Vizion.ai’s service automatically scales up and down as needed. It’s a managed service and delivered as a SaaS platform that can support deployments on both private and public clouds, with full API compatibility with the standard Elastic stack that typically includes tools like Kibana for visualizing data, Beats for sending data to the service and Logstash for transforming the incoming data and setting up data pipelines. Users can easily create several stacks for testing and development, too, for example.

Vizion.ai GM and VP Geoff Tudor

“When you go into the AWS Elasticsearch service, you’re going to be looking at dozens or hundreds of permutations for trying to build your own cluster,” Vizion.ai’s VP and GM Geoff Tudor told me. “Which instance size? How many instances? Do I want geographical redundancy? What’s my networking? What’s my security? And if you choose wrong, then that’s going to impact the overall performance. […] We do balancing dynamically behind that infrastructure layer.” To do this, the service looks at the utilization patterns of a given user and then allocates resources to optimize for the specific use case.

What Vizion.ai has done here is take some of the work from its parent company Panzura, a multi-cloud storage service for enterprises that has plenty of patents around data caching, and applied it to this new Elasticsearch service.

There are obviously other companies that offer commercial Elasticsearch platforms already. Tudor acknowledges this, but argues that his company’s platform is different. With other products, he argues, you have to decide on the size of your block storage for your metadata upfront, for example, and you typically want SSDs for better performance, which can quickly get expensive. Thanks to Panzura’s IP, Vizion.ai is able to bring down the cost by caching recent data on SSDs and keeping the rest in cheaper object storage pools.

He also noted that the company is positioning the overall Vizion.ai service, with the Elasticsearch service as one of the earliest components, as a platform for running AI and ML workloads. Support for TensorFlow, PredictionIO (which plays nicely with Elasticsearch) and other tools is also in the works. “We want to make this an easy serverless ML/AI consumption in a multi-cloud fashion, where not only can you leverage the compute, but you can also have your storage of record at a very cost-effective price point.”

Jan 18, 2017

Elasticsearch Ransomware: Open Source Database Security Part 2

In this blog post, we’ll look at a new Elasticsearch ransomware outbreak and what you can do to prevent it happening to you.

Mere weeks after reports of MongoDB servers getting hacked and infected with ransomware, Elasticsearch clusters are experiencing the same difficulties. David Murphy’s blog discussed the situation and the solution for MongoDB servers. In this blog post, we look at how you can prevent ransomware attacks on your Elasticsearch clusters.

First off, what is Elasticsearch? Elasticsearch is an open source distributed index based on Apache Lucene. It provides a full-text search with an HTTP API, using schemaless JSON documents. By its nature, it is also distributed and redundant. Companies use Elasticsearch with logging via the ELK stack and data-gathering software, to assist with data analytics and visualizations. It is also used to back search functionality in a number of popular apps and web services.

In this new scenario, the ransomware completely wiped away the cluster data, and replaced it with the following warning index:

“SEND 0.2 BTC TO THIS WALLET: 1DAsGY4Kt1a4LCTPMH5vm5PqX32eZmot4r IF YOU WANT RECOVER YOUR DATABASE! SEND TO THIS EMAIL YOUR SERVER IP AFTER SENDING THE BITCOINS.”

As with the MongoDB situation, this isn’t a flaw in the Elasticsearch software. This vulnerability stems from not correctly using the security settings provided by Elasticsearch. As the PCWorld article sums up:

According to experts, there is no reason to expose Elasticsearch clusters to the internet. In response to these recent attacks, search technologies and distributed systems architect Itamar Syn-Hershko has published a blog post with recommendations for securing Elasticsearch deployments.

The blog post they reference has excellent advice and examples of how to protect your Elasticsearch installations from exploitation. To summarize its advice (from the post itself):

Whatever you do, never expose your cluster nodes to the web directly.

So how do you prevent hackers from getting into your Elasticsearch cluster? Using the advice from Syn-Hershko’s blog, here are some bullet points for shoring up your Elasticsearch security:

  • HTTP-enabled nodes should only listen to private IPs. You can configure what IPs Elasticsearch listens to: localhost, private IPs, public IPs or several of these options. network.bind_host and network.host control the IP types (manual). Never set Elasticsearch to listen to a public IP or a publicly accessible DNS name.
  • Use proxies to communicate with clients. You should pass any application queries to Elasticsearch through some sort of software that can filter requests, perform audit-logging and password-protect the data. Your client-side javascript shouldn’t talk to Elastic directly, and should only communicate with your server-side software. That software can translate all client-side requests to Elasticsearch DSL, execute the query, and then send the response in a format the clients expect.
  • Don’t use default ports. Once again for clarity: DON’T USE DEFAULT PORTS. You can easily change Elasticsearch’s default ports by modifying the .YML file. The relevant parameters are http.port and transport.tcp.port (manual).
  • Disable HTTP if you don’t need it. Only Elasticsearch client nodes should enable HTTP, and your private network applications should be the only ones with access to them. You can completely disable the HTTP module by setting http.enabled to false (manual).
  • Secure publicly available client nodes. You should protect your Elasticsearch client and any UI it communicates with (such as Kibana and Kopf) behind a VPN. If you choose to allow some nodes access to the public network, use HTTPS and don’t transmit data and credentials as plain-text. You can use plugins like Elastic’s Shield or SearchGuard to secure your cluster.
  • Disable scripting (pre-5.x). Malicious scripts can hack clusters via the Search API. Earlier versions of Elasticsearch allowed unsecured scripts to access the software. If you are using an older version (pre-5.x), upgrade to a newer version or disable dynamic scripting completely.

Go to Syn-Hershko’s blog for more details.
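
A small audit of the settings named in the checklist above, added here as an example (it is not code from this post or from Syn-Hershko’s blog). It assumes a flat `key: value` elasticsearch.yml using the setting names given in the post; the function names and the sample configs are constructed for illustration, and 9200/9300 are Elasticsearch’s stock ports.

```python
import ipaddress

# Elasticsearch's stock HTTP and transport ports.
DEFAULT_PORTS = {"http.port": 9200, "transport.tcp.port": 9300}
# Loopback and private ranges (RFC 1918, IPv6 unique local) accepted as bind targets.
PRIVATE_NETS = [ipaddress.ip_network(n) for n in (
    "127.0.0.0/8", "10.0.0.0/8", "172.16.0.0/12", "192.168.0.0/16",
    "::1/128", "fc00::/7")]
PRIVATE_NAMES = {"localhost", "_local_", "_site_"}  # Elasticsearch special values

# Constructed samples; 203.0.113.10 is a documentation address standing in for a public IP.
WEAK = "network.host: 203.0.113.10\nhttp.port: 9200\n"
HARDENED = ("network.host: [_local_, 10.0.0.5]\nhttp.port: 19200\n"
            "transport.tcp.port: 19300\nhttp.enabled: false\n")


def parse_settings(text):
    """Read the flat `key: value` lines of an elasticsearch.yml (no nesting)."""
    settings = {}
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments
        if ":" in line:
            key, value = line.split(":", 1)
            settings[key.strip()] = value.strip().strip("\"'")
    return settings


def bind_problem(value):
    """Return why one bind address is unsafe, or None if it is private."""
    value = value.strip().strip("\"'")
    if value in PRIVATE_NAMES:
        return None
    if value == "_global_":
        return "binds to globally routable addresses"
    try:
        addr = ipaddress.ip_address(value)
    except ValueError:
        return "hostname or interface; confirm it resolves to a private IP"
    if addr.is_unspecified:  # 0.0.0.0 or ::
        return "wildcard address listens on every interface"
    private = any(addr in net for net in PRIVATE_NETS)
    return None if private else "not a loopback or private address"


def audit(text):
    """Return (setting, finding) pairs for the checklist items above."""
    cfg, findings = parse_settings(text), []
    for key in ("network.host", "network.bind_host"):
        for item in cfg.get(key, "").strip("[]").split(","):
            problem = bind_problem(item) if item.strip() else None
            if problem:
                findings.append((key, f"{item.strip()}: {problem}"))
    for key, default in DEFAULT_PORTS.items():
        # An unset port means the default is in use; ranges look like 9200-9300.
        low, _, high = cfg.get(key, str(default)).partition("-")
        if int(low) <= default <= int(high or low):
            findings.append((key, f"default port {default} in use"))
    if cfg.get("http.enabled", "true").lower() != "false":
        findings.append(("http.enabled", "HTTP on; disable if this node needs none"))
    return findings
```

`audit(WEAK)` reports all four settings, while `audit(HARDENED)` returns an empty list. Setting names change between Elasticsearch releases, so check the manual for the version you run.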

This should get you started on correctly protecting yourself against Elasticsearch ransomware (and other security threats). If you want to have someone review your security, please contact us.

Oct 02, 2016

Percona Live Europe featured talk with Philipp Krenn — Elasticsearch for SQL Users

Welcome to another Percona Live Europe featured talk with Percona Live Europe 2016: Amsterdam speakers! In this series of blogs, we’ll highlight some of the speakers that will be at this year’s conference. We’ll also discuss the technologies and outlooks of the speakers themselves. Make sure to read to the end to get a special Percona Live Europe registration bonus!

In this Percona Live Europe featured talk, we’ll meet Philipp Krenn, Infrastructure | Developer Advocate at Elastic. His talk will be on Elasticsearch for SQL Users. Elasticsearch is a document store with its own query DSL. In his talk, he will look at several well-understood concepts and SQL queries from the relational paradigm and map these to their Elasticsearch equivalents.

I had a chance to speak with Philipp and learn a bit more about SQL searches:

Give me a brief history of yourself: how you got into database development, where you work, what you love about it.

I have switched between development and operations a few times and have been focusing on cloud and databases lately. This includes relational and non-relational databases, and how to find the right mix of solutions for projects. Since I started participating in more and more meetups and events, I was lucky to join the great team at Elastic. I now get to spread the good word and work on the infrastructure team. Now I can be found at lots of events, and I absolutely love to get out to the community and talk about all things search, database, metrics, operations and tech in general.

Percona: Your talk is called “Elasticsearch for SQL Users.” What is Elasticsearch? How can businesses use it to improve their database environment?

Philipp: Elasticsearch started off as a full-text search engine, providing the distribution, REST interface and Query DSL around the well-known Apache Lucene library. By now it covers logging, metrics, analytics, security and many more use cases – but we’ll focus on search.

Many businesses have the need for a search that just works. While this sounds very simple, it can be challenging to implement, and many databases are just not for this task. That’s why Elasticsearch is a fantastic tool that you can add when you need a powerful search.

Percona: Why is bridging the worlds of relational and NoSQL databases important?

Philipp: Both sides are around to stay. I feel that the relational and the NoSQL worlds are growing closer together. Relational systems are getting better at scaling and replicating, as well as adding more flexible data types. Whereas NoSQL systems are adding more features, such as SQL-like interfaces, and slowly improving their tooling. Bridging these two worlds seems to be very fruitful to both, so anybody using both databases can only profit.

Percona: Where do you see MySQL and NoSQL heading in order to deal with some of the database trends that keep you awake at night?

Philipp: It’s a very dynamic landscape, so picking the right tools is not getting easier. And neither of the two systems will replace the other one anytime soon. I imagine a healthy competition for the future, which will hopefully allow all of us to have fewer sleepless nights, because I don’t consider being awake at night a feature!

Percona: What are you looking forward to the most at Percona Live Europe this year?

Philipp: Lively discussions and arguments. Building products is just the start. Spreading the word, getting feedback, seeing how you can integrate with other solutions: these are all reasons why conferences are so valuable.

You can read more about Philipp and his thoughts on searches at his website and Twitter handle.

Want to find out more about Philipp, Elasticsearch and database searches? Register for Percona Live Europe 2016, and come see his talk Elasticsearch for SQL Users.

Use the code FeaturedTalk and receive €25 off the current registration price!

Percona Live Europe 2016: Amsterdam is the premier event for the diverse and active open source database community. The conferences have a technical focus with an emphasis on the core topics of MySQL, MongoDB, and other open source databases. Percona Live tackles subjects such as analytics, architecture and design, security, operations, scalability and performance. It also provides in-depth discussions for your high-availability, IoT, cloud, big data and other changing business needs. This conference is an opportunity to network with peers and technology professionals by bringing together accomplished DBAs, system architects and developers from around the world to share their knowledge and experience. All of these people help you learn how to tackle your open source database challenges in a whole new way.

This conference has something for everyone!

Percona Live Europe 2016: Amsterdam is October 3-5 at the Mövenpick Hotel Amsterdam City Centre.

Amsterdam eWeek

Percona Live Europe 2016 is part of Amsterdam eWeek. Amsterdam eWeek provides a platform for national and international companies that focus on online marketing, media and technology and for business managers and entrepreneurs who use them, whether it comes to retail, healthcare, finance, game industry or media. Check it out!

Jun 05, 2014

ElasticSearch Scores $70M In Series C To Fund Growth Spurt

ElasticSearch announced $70M in Series C funding today just 18 months after forming the company. Company executives say they will use the money to continue to drive their phenomenal growth. This round is being led by New Enterprise Associates (NEA). Additional funders include Benchmark Capital and Index Ventures. It brings total funding to date to $104M. It’s said when a child…
