Event Monitoring Using AWS CloudTrail

Amazon Web Services - Wikipedia

Introduction

If you are using cloud based services, it is evident and paramount to track events that have happened. Isn’t it?

Monitoring events in the cloud is important.

If you are using AWS, let’s assume you find that one autoscaling group in your AWS account is deleted. What will be your response?

How will you know who did it?

Continue reading “Event Monitoring Using AWS CloudTrail”

Integration of Prometheus with Cortex

As we promised in our previous blog Prometheus as Scale – Part 1 that in our next blog we will be writing about the implementation part of Cortex with Prometheus, so here we are with our promise. But before going to the implementation part, we would suggest you guys go through our first blog to know the need for it.

Previously we talked that Prometheus is becoming a go-to option for people who want to implement event-based monitoring and alerting. The implementation and management of Prometheus are quite easy. But when we have a large infrastructure to monitor or the infrastructure has started to grow you require to scale monitoring solution as well.

Continue reading “Integration of Prometheus with Cortex”

Postgres – CIS Benchmark

PostgreSQL Database Security Audit - 2ndQuadrant | PostgreSQL

We have seen many security incidents. Any breach in security cause concern among enterprises. To be honest it not only concern them, it also gives birth to their nightmare, distrust and scepticism as organisation. The root cause of this distrust is improper implementation and configuration.

Opstree Security has started a new initiative where we rigorously analyse and implement CIS Benchmark of every tools being used today.

In this CIS series, we will discuss the CIS Benchmarks of PostgreSQL.

PostgreSQL

For those who are new to PostgreSQL . Let us give you a quick summary of it.

Continue reading “Postgres – CIS Benchmark”

DevSecOps Diary | HIPAA Compliance

HIPAA stands for Health Insurance Portability and Accountability Act. This act of 1996 is a United States federal statute enactment. It is a series of regulatory standards that outline the lawful use and disclosure of protected health information (PHI). HIPAA compliance is regulated by the Department of Health and Human Services (HHS) and enforced by the Office for Civil Rights (OCR).

But what this ACT has to do with DevOps..? Is it related to the Corona Virus..?

No alt text provided for this image

No, not at all..! Let me explain to you how I landed here.

Continue reading “DevSecOps Diary | HIPAA Compliance”

Prometheus at Scale – Part 1

Prometheus has gained a lot of popularity because of its cloud-native approach for monitoring systems. Its popularity has reached a level that people are now giving native support to it, while developing software and applications such as Kubernetes, Envoy, etc. For other applications, there are already exporters(agent) available to monitor it.

Since I have been working on Prometheus for quite a long time and recently have started doing development on it, I was confident that I can handle any kind of scenario in it. Here, in this blog, I am going to discuss a scenario that was a very good learning experience for me.

Continue reading “Prometheus at Scale – Part 1”