JVM GC Monitor Service Overhead: Root Cause and Recommendations
Problem Description: The JvmGcMonitorService overhead warnings indicate that the Java Virtual Machine (JVM) is performing Old Generation Garbage Collection (GC).…
Threats
UAC-0099 Attack Detection: Cyber-Espionage Activity Against Ukrainian State Agencies Using WinRAR Exploit and LONEPAGE Malware
The UAC-0099 hacking collective, which has been launching targeted cyber-espionage attacks against Ukraine since the second half of 2022, resurfaces…
How to Deal with the Warning: “No ‘Basic Authorization’ header, send 401 and ‘WWW-Authenticate Basic’”
If you’ve worked with OpenSearch or Elasticsearch and encountered "No 'Basic Authorization' header, send 401 and 'WWW-Authenticate Basic'" warning in…
Fluentd: How to Make Nested Hash from Dot-Separated Keys
When a log record has keys like test.test, you can use two methods record_transformer and explode plugin, to process these…
Essential Dev Tools Commands for Elasticsearch & OpenSearch Administrators
As an Elasticsearch administrator, using the Dev Tools Console in Kibana can significantly simplify cluster management and troubleshooting. Below is…
How to Increase index.max_regex_length in OpenSearch
The error index.max.regex_length in OpenSearch is related to the maximum length of regular expressions that can be used in index…
Secret Blizzard Attack Detection: The russia-Linked APT Group Targets Ukraine via Amadey Malware to Deploy the Updated Kazuar Backdoor Version
Hot on the heels of russia-linked BlueAlpha’s exploitation of Cloudflare Tunneling services to spread GammaDrop malware, another russia-backed state-sponsored APT…
Fluentd: How to Change Tags During Log Processing.
I have a case where I need to drop unnecessary logs. I found a plugin that helps do that.The rewrite_tag_filter…
IBM QRadar: How to Create a Rule for Log Source Monitoring
Create a Custom RuleYou can create a custom rule to generate an offense or send notifications when logs stop coming…
Using Roles and Users for Data Access in Elasticsearch
Elasticsearch uses a security model to control access to data through roles and users. This allows only authorized users to…