How to Allow Verified Bots Using AWS WAF Bot Control
AWS WAF Bot Control helps you manage bot traffic effectively by allowing you to distinguish between verified bots, like those…
Threats
How to Convert Arrays of Hashes Into a Structured Key-Value Format During Log Processing
In some log formats, fields can be arrays of hashes, requiring conversion into a structured key-value format. Fluentd supports this…
New Cyber-Espionage Campaign Detection: Suspected China-Backed Actors Target High-Profile Organizations in Southeast Asia
Defenders observe increasing numbers of cyber-attacks linked to China-backed APT groups, primarily focused on intelligence gathering. In September 2024, a…
Designing Index Structure for Large Volumes of Data in Elasticsearch
Elasticsearch, a powerful distributed search and analytics engine, requires careful index structure design for optimal performance with large datasets, avoiding…
How to prevent BufferOverflowError
In this guide, I will tell you how to prevent BufferOverflowError when you get logs from Kafka/in_tail, and your output…
Adaptive Replica Selection in OpenSearch
Adaptive replica selection is a mechanism designed to improve query response times and alleviate strain on overloaded OpenSearch nodes. It…
How to Enable and Manage AWS WAF Logging with CloudWatch Logs
AWS WAF allows you to log traffic of your web ACLs, providing detailed insights such as the request details, matched…
Optimizing Elasticsearch Master Node for Cluster Stability
The master node is responsible for lightweight cluster-wide actions such as creating or deleting an index, tracking which nodes are…
Standard Logstash Template for Event Processing (Gold Template)
This standard template for configuring Logstash pipelines, commonly referred to as a “gold template,” ensures consistent metadata enrichment for events…
Configuring Disk Allocation Thresholds in Elasticsearch and OpenSearch
When running an Elasticsearch or OpenSearch cluster, efficient disk space management is essential for ensuring stability and performance. These platforms…