How much of your IT environment are you monitoring today? Are you regularly collecting and storing log data for review? If not, you’re likely leaving your organization open to unnecessary risk. Proactively monitoring your IT environment and implementing proper log management policies are fundamental to IT best practices, yet the sheer volume of data generated can often make proactive IT monitoring and troubleshooting an insurmountable challenge.
In any modern IT environment, log data is constantly being generated by servers, applications, virtual machines, cloud infrastructure, containers, and network devices. While collecting data from across these distributed sources can be challenging enough, centralizing the data into a single location for immediate analysis can present further complications. And log data is often just the beginning. An issue’s root cause can often stem from a single employee workstation, from which you might not typically collect log data.
To meet the challenges faced by modern IT Operations and DevOps teams, Rapid7, an industry leader in IT and security solutions, recently added a new product to its platform: InsightOps. InsightOps introduces an innovative approach to IT monitoring and troubleshooting by combining advanced log management with simple IT asset search, giving users the ability to simply “ask questions” of their IT assets for immediate answers. As a cloud-based solution, InsightOps automatically scales with any IT environment, freeing the end user from the responsibility of managing any underlying infrastructure.
Centralize your data with ease
Centralizing IT data from across the entire IT environment is at the core of what makes InsightOps so powerful. To start, InsightOps accepts log data in any format and from any source, with no reformatting required. Unlike alternative log management solutions, users don’t have to write their own indexes. InsightOps normalizes and indexes most known log formats automatically. Even custom logs can be collected without extra configuration.
Built with a pre-processing engine, InsightOps collects log streams in near-real-time, making the data available and searchable as soon as events are generated, not minutes later, as is often the case with alternative solutions. Once collected, it’s easy to organize logs into sets and search a single log, groups of logs or all logs with just a few clicks.
InsightOps offers a variety of options for sending data, including standard syslog protocols, application libraries, plugins, a REST API and Rapid7’s universal Insight Agent. The same agent used to collect data for other solutions available on the Rapid7 Insight Platform, the Insight Agent both collects logs and makes each IT asset in your environment visible in one comprehensive, centralized list for easy review. In just one solution, users now have access to all logs and IT assets from across their entire environment.
For users looking to streamline their workflows, InsightOps comes with a well-documented REST API and Command Line Interface to automate reports, alerts, user management, and more. The InsightOps REST API can be used to add logging to any automated delivery pipeline and allows for seamless integrations with third-party tools.
Monitor Systems and Applications
With data centralized and easily accessible, InsightOps gives IT and DevOps professionals the ability to both proactively and passively monitor that data and troubleshoot issues in real time. InsightOps offers the ability to generate alerts when key events appear in your data and when expected events do not happen when they should. And with advanced anomaly detection, InsightOps can alert you when trends in your data exceed expected thresholds, empowering you to respond proactively, before issues occur. Best of all, InsightOps comes with out-of-the-box integrations with popular workflow tools like PagerDuty and Slack, along with standard webhooks, making it easy to incorporate InsightOps into your existing IT stack.
Sometimes, it is easiest to understand what’s happening in your environment through visualizations. InsightOps takes data visualizations to the next level with Liveboards – dashboards that receive live updates every 5 minutes, so you’re always looking at up-to-date information. And with InsightOps’ advanced query functions, users can produce histograms and time-series charts, calculate percentiles and standard deviations, and more.
Need to share reports on user activity, resource utilization, or anything else from your IT environment? InsightOps provides the ability to schedule reports that run automatically and are saved to a reports archive for easy access. The next time a team member, manager or auditor has a question about something that took place in your environment, you will have immediate access to the reports you need.
Ask Questions and Get Answers
Most IT investigations start with a question. Where is the problem stemming from? How widespread is the issue? In many cases, it’s not obvious where to start searching for answers. In urgent scenarios, you don’t always have time to search through logs for answers. That’s why InsightOps introduced the Endpoint Interrogator. With an ever-growing list of pre-written questions, asking questions of your data is as simple as clicking the “ask” button. With the InsightOps Endpoint Interrogator, you can ask questions like “What’s the disk usage across all of my IT assets?” or “How many instances of Microsoft Office are being used on employee workstations?” The Endpoint Interrogator makes it easy to track system metrics, identify out-of-compliance machines, spot unauthorized software, identify logged-in users and more. Better yet, all answers generated by the Endpoint Interrogator are stored in a separate log file that can be easily searched, visualized, and alerted on.
Easy to Set Up. Easy to Use.