• Getting Started w/ Elastic & How Kenna uses Ansible with Elasticsearch

    Join us for our next Elastic meetup! Thanks to Kenna for hosting us.

    📅 Agenda
    6:00 pm - Doors open, food & beverage will be provided
    6:30 pm - Talk #1 Getting Started with the Elastic (ELK) Stack
    7:00 pm - Talk #2 How Kenna uses Ansible with Elasticsearch
    8:00 pm - We'll wrap things up

    🗨️Presentation 1: Getting Started with the Elastic (ELK) Stack
    This presentation and accompanying demo will illustrate the easiest way to get started with the Elastic Stack, and get some real-time flowing metric data coming in off of your computer. Follow along for the high-level introduction to use cases and features encompassed by the Elastic Stack.

    🔊Speaker: My name is Matt and I am a Solutions Architect at Elastic based in Chicago, IL. I have been at Elastic for a little over a year and a half. Before my time here I spent some time at AWS where I found my passion for technology. When I am not diving into the ELK stack I enjoy watching everything Boston sports and my Cincinnati Bearcats.

    🗨️Presentation 2: How Kenna uses Ansible with Elasticsearch
    Kenna uses data science to help enterprises combine their infrastructure and application vulnerability data with exploit intelligence to measure risk, predict attacks, and prioritize remediation. Because customers need access to their data quickly, at the core of our platform is Elasticsearch. In addition to our application search clusters, which run across 5 different VPCs, we also have a single centralized Elasticsearch cluster used for internal logging. Managing all these different Elasticsearch clusters can be a daunting task. At Kenna, we use Ansible to automate everything. From production cluster deployments to developer VMs, backups, seed data, cluster upgrades/restarts, re-indexing and general cluster maintenance tasks, you name it, we have an Ansible playbook for it.

    In this talk I want to walk through some of those playbooks and cover how we use Ansible dynamic EC2 inventory to manage production VPC Elasticsearch deployments AND development setup with a single Ansible role. I will also dive into how we use Ansible to automate other Elasticsearch tasks such as backups, cluster upgrades, restarts and issuing ad-hoc commands for cluster management.

    🔊Speaker: Joe Doss, Director of Engineering Operations at Kenna Security
    My name is Joe Doss and I am the Director of Engineering Operations at Kenna Security. I am passionate about Linux, Free Open Source Software, and automation with Ansible. I have been working at Kenna for over 3 years now and during that time have overhauled our infrastructure using Ansible, which has allowed us to scale tremendously with ease. When I am not hacking on computers you can find me on the slopes snowboarding or brewing some tasty beer at home.

    ----------

    🎓 Elastic Trainings
    Learn more with paid, in-person trainings coming to Chicago on June 24-27. Enroll here: https://training.elastic.co/?courseId=0&city=CHICAGO

  • Joint Meetup with Solstice Digital Innovation Meetup

    Join us for a joint meetup with The Solstice Digital Innovation Meetup.

    ⚠️Please RSVP on their meetup page: https://www.meetup.com/Solstice-DigitalInnovationMeetup-Series/events/259531572/

    For the fourth in our series of meetups, we are pleased to present two talks on the benefits of Elasticsearch in the enterprise.

    📅 AGENDA:
    6:00pm - 6:30pm: Networking and Dinner
    6:30pm - 6:45pm: Opening Remarks
    6:45pm - 7:15pm: The Data Game (Scott Gose)
    7:15pm - 7:30pm: Break
    7:30pm - 8:00pm: Why Search Is Hard (Karl Hampson)

    ---------------------------------------

    The Data Game
    Scott Gose, Elastic (30 mins)

    Given the data in your environment, think of a question. A question you know that can be answered by the data. How hard is it to get the answer? Often times the level-of-effort to get the answer is prohibitive. Many of us face this scenario every day as we're swimming in data, but not answers. As we push to be more data-driven, lowering the level-of-effort to get answers is critical to our success. In this session, we'll examine a data source and then start asking questions of it. Hypothetical questions at first, but we'll bring in Elastic to turn theory into practice as we ingest the data and leverage Elastic's search & analytics capabilities. We'll explore different options and their tradeoffs during the process. You'll leave feeling confident that you can do the same with your data.

    Scott Gose is a Solutions Architect for Elastic. He's focused on helping companies unlock answers in their data by using Elastic. Prior to Elastic, Scott did two tours at Endeca, which was a company that helped pioneer the field of faceted search & navigation. He's also worked professionally as a software developer building iPhone applications and writing back-end services in Go. Scott has a Computer Science degree from the University of Illinois.

    ---------------------------------------

    Why Search Is Hard
    Karl Hampson, Solstice (30 mins)

    With Google continuously shaping expectations around the experience of search, consumers expect more today than ever before. Most enterprises do not have Google-like resources to deploy on their own search deployments and it can feel virtually impossible to meet these expectations. With two decades of experience in both customer and employee-facing search applications, Solstice Director of AI and Search Expert Karl Hampson will talk about how Google informs our expectations and how you can use this to your advantage. You will learn about the characteristics of the most successful search deployments and how to work with your business and IT stakeholders to best position yourself for success with yours.

    ---------------------------------------

    DATE/TIME OF SOLSTICE DIGITAL INNOVATION MEETUP SERIES: Solving Enterprise Data Overload with Elasticsearch
    Thursday, March 21,[masked]:00 PM to 8:00 PM

    A FEW KEY POINTS TO KEEP IN MIND:
    Please RSVP by 5 PM, Wednesday, March 20, 2019 and please keep your response up to date.
    Upon your arrival you will check in in the lobby using a valid photo ID; please allow extra time for check-in.
    To ensure the fastest service at security, please provide your full legal name and the name(s) of any guest(s) in your RSVP prior to the event so we can provide the attendee list to the building.
    Check-in closes at 6:45 PM, Thursday, March 21, 2019.

  • Microservice Observability with the Elastic Stack

    350 N Orleans St

    The Chicago Microservices Meetup group is hosting a meetup with Elastic speaker John Knoepfle on "Microservice Observability with the Elastic Stack." We'd love to have you join us at our office on Feb. 28. IMPORTANT ***Please head to the other user group to reserve your spot*** https://www.meetup.com/Chicago-Microservices-Meetup/events/258357718/

  • Joint meetup with the Chicago Cybersecurity Meetup

    Allstate Insurance Company

    Join us for a joint meetup with the Chicago Cybersecurity Meetup. Please RSVP on their user group page: https://www.meetup.com/chicagosecurity/events/253557902/

    Join us for an evening with Elasticsearch and Outpost24 and learn how they're combating cybercrime with advanced data analytics and mitigating risk exposure to cyber threats.

    5:00PM - Social Hour (Food & Drinks PROVIDED)
    6:00PM - Introduction from organizer and sponsors
    6:05PM - Guest Speaker from Elastic
             Session Title: Cyber Security...a search problem
             Q&A + Short Break
    7:00PM - Guest Speaker from Outpost24
             Session Title: Full Stack Security and the Prevention of Hacker Pivot
             Q&A
    8:00PM - Networking

    Speaker Bio: Neil Desai
    Neil has built SOCs (Security Operations Centers) and architected defensible and monitorable infrastructures for Fortune 500 US financial institutions. He has over two decades of information security experience and is currently working for Elastic.

    Abstract: Analyzing terabytes of data with response times measured in seconds is something security analysts dream of. Fast search queries for large amounts of data have been commonplace in other areas of IT. By looking outside of the information security silo to other disciplines, we can learn from them to better our abilities to find threats in the sea of data. By leveraging tools geared towards search and analytics, we can gain insight into the data that we haven’t had before. By enriching the data, we can get even more insight.

    Speaker Bio: Bob Egner
    With a constant eye on the evolving threat landscape, Bob is the advocate of the customer in their terms of security, value, and experience. He has led marketing, product management, and business development functions for large and small security and e-business companies in all regions of the world. In addition to a special focus on digital marketing, Bob highlights innovative contributions at companies such as Episerver, Check Point Software, and Pointsec.

    Abstract: There’s a gap between the hacker’s view and the defender’s view of an attack. The defender strives to break down the complex whole to simple components that can be assessed individually while the hacker thrives on complexity and sees opportunities in the white space between assessments. In this session you will learn how to move beyond component assessment of devices, networks, applications, data, and users into full stack cyber security assessment.

  • Taking Elasticsearch from 0 to 88 mph

    Active Campaign

    Taking Elasticsearch from 0 to 88 mph

    Everyone wants their Elasticsearch cluster to index and search faster, but optimizing both and finding the balance between the two can be tricky. At Kenna Security, we use Elasticsearch to store over 3 billion vulnerabilities for our clients. All that data needs to be quickly accessible so clients can assess their cyber security risk. At the same time the data is constantly changing. On average, we update 200+ million documents a day which means indexing speed is also a top priority. In the early days our cluster could barely keep up. Nodes would fall over constantly, indexing queues would get backed up for days, and searches timed out about 50% of the time. Fixing all of these issues did not happen overnight. However, with a lot of testing, tweaking, and a few “OH crap!” moments we were able to build a stable, 21 node cluster that now meets all of our indexing and searching demands. In this talk I will share the insights we gained and the strategies we used to scale our cluster and hopefully that advice will save others some time and frustration as they grow their own.

    Molly Struve is a Sr. Site Reliability Engineer at Kenna Security. She has been working with Elasticsearch at Kenna for the past 3 years. During her time at Kenna, she helped lead the team charged with scaling Kenna’s Elasticsearch cluster. Today the cluster holds over 3 billion documents and updates over 200 million of those a day. Given her degree in Aerospace Engineering from MIT, it is no surprise that Molly thrives on optimizing code performance. When not making code run faster, she can be found fulfilling her need for speed by riding and jumping her show horses.

    The Data Game

    Given the data in your environment, think of a question. A question you know that can be answered by the data. How hard is it to get the answer? Often times the level-of-effort to get the answer is prohibitive. Many of us face this scenario every day as we're swimming in data, but not answers. As we push to be more data-driven, lowering the level-of-effort to get answers is critical to our success. In this session we'll examine a data source and then start asking questions of it. Hypothetical questions at first, but we'll bring in Elastic to turn theory into practice as we ingest the data and leverage Elastic's search & analytics capabilities. We'll explore different options and their tradeoffs during the process. You'll leave feeling confident that you can do the same with your data.

    Scott Gose is a Solutions Architect for Elastic. He's focused on helping companies unlock answers in their data by using Elastic. Prior to Elastic, Scott did two tours at Endeca, which was a company that helped pioneer the field of faceted search & navigation. He's also worked professionally as a software developer building iPhone applications and writing back-end services in Go. Scott has a Computer Science degree from the University of Illinois.

    Make sure to attend our Elastic{ON} Chicago Tour Stop on September 25th. Feel free to use the code Meetup10 for 10% off until September 25th: https://www.elastic.co/elasticon/tour/2018/chicago

    If you’re interested in Elastic trainings [there is a fee], our team is coming to Chicago on September 26-27. You can register here: https://training.elastic.co/location/Chicago

  • Elasticsearch at Discover Financial & Elastic{ON} 2018 Recap

    Discover Financial Services' 606 Office

    Join us for our first meetup of 2018! Thank you to Discover for hosting us.

    The agenda for the evening is:
    5:30 pm: Doors open –– food and beverages will be provided!
    6:00 pm: Talk #1 starts "Elasticsearch at Discover" + Q&A
    6:30 pm: Talk #2 starts "Elastic{ON} 2018 Recap" + Q&A
    7:30 pm: We'll wrap things up

    *Elastic{ON} 2018 Recap*
    Elastic{ON} 2018 was filled with many new and exciting announcements. In this meetup, we will highlight a few of the many: Canvas, Rollups, Machine Learning, etc. We will also talk about the evolution of the Elastic Stack into new solution areas with the launch of new products such as APM and App Search.

    *Elasticsearch at Discover Financial*
    The Discover Financial team will cover how they are using Elasticsearch, Kafka, and NiFi to ingest logs from 1,000+ applications with peaks exceeding 40,000 tps.

    *Note about Security and accessing the building:
    - Entry off of 350 W Wolf Point Plaza will lead people directly to the security desk as they walk in.
    - From the CTA’s Merchandise Mart stop, walk through the Merchandise Mart, over the bridge connecting the buildings, then go down the escalator to the security desk.

  • Joint meetup with the Chicago SQL meetup

    Vivid Seats

    Join us for a joint meetup with the Chicago SQL User Group (https://www.meetup.com/Chicago-SQL/events/244350970/) on November 13. Please RSVP on their user group page: https://www.meetup.com/Chicago-SQL/events/244350970/

    -----------------------------------

    Logging and Analytics with the Elastic Stack

    The presentation and accompanying demo will illustrate how we take log data and use Beats and Logstash to ship, parse, and enrich the logs. We will then show how Kibana can be used to visualize the data and build interactive dashboards to drill down into the data. We will then explore how we can go beyond dashboards and use the capabilities of the Elastic Stack to predict future events based on historical data and visualize it with Timelion. We will then show a Graph exploration of the log data to explore attacks attempted at the website, all from the same log data.

    Speaker: Adis Cesir, Solution Architect @ Elastic
    Adis Cesir is a Solutions Architect at Elastic. Prior to coming to Elastic he spent 15 years in the Data World working in Data Warehousing and MDM with various RDBMS and MPP systems. He has spent the last 5 years working with Big Data and various Distributed computing platforms, primarily in the Open Source.

    Agenda:
    5:45 - Doors Open, Pizza, Beverages, Networking
    6:10 - Opening remarks
    6:15 - Getting Started With The Elastic Stack

    RSVP & Arrival: Building security requires a government-issued identification.
    • This event may be cross-posted on other meetup groups. You're not required to RSVP in more than one of the groups.

    Our Sponsors:
    • Percona - Pizza, swag, speakers
    • Vivid Seats - Event host, food, beverages
    • O'Reilly - Speakers, books, discounts

  • Elastic Meetup with Wolters Kluwer

    PowerReviews, Inc

    Join us for our upcoming meetup on Tuesday, August 22nd! Thank you to PowerReviews (http://www.powerreviews.com/) for hosting us and sponsoring food & beverages.

    Here is our agenda for the evening:
    6:00 pm - Doors open (food and beverages will be provided)
    6:30 pm - Talks start
        1. Elasticsearch and Linked Data by Wolters Kluwer's Quentin Reul
        2. Elastic Stack - Machine Learning by Elastic's Adis Cesir
        3. PowerReviews Elasticsearch Use Case by Mike Kalimuthu, Senior Software Engineer and Mario Harvey, Sr. Site Reliability Engineer
    8:00-8:30 pm - time for Q&A + time to chat

    Elasticsearch and Linked Data

    Linked data is a method to expose, share and connect pieces of (structured) data, information and knowledge based on URIs and the Resource Description Framework. Traditionally, this type of data would be stored in a triplestore optimized for running semantic queries. However, triplestores generally suffer from performance issues when performing search and retrieving a large quantity of data. As such, we have investigated a range of alternatives for storing data. Based on the JSON-LD serialization of RDF and on Elasticsearch, we were able to develop (performant) tools for managing change events to legal and regulatory content as well as maintaining tax return data to identify accountants’ clients impacted by these changes.

    Quentin Reul works as a Content Integration Manager for Wolters Kluwer. In his role, he is responsible for maintaining the Wolters Kluwer semantic model as well as the development of new solutions leveraging data expressed according to this model. For instance, he was a lead architect on the development of a set of tools to identify changes in legal and regulatory content and to identify accountants’ clients impacted by these changes. Quentin has earned his Bachelor of Science in Computing Science and his Ph.D. on ontology management from the University of Aberdeen (Scotland). Over the years, he has been involved in several W3C groups including the Semantic Web Deployment Working Group that developed the Simple Knowledge Organization System (SKOS) specification and the RDF & XML interoperability community group.

    Elastic Stack - Machine Learning

    Data sets keep growing in size and complexity. Spotting infrastructure problems, cyber attacks, or business issues using only dashboards or rules becomes increasingly difficult as your data grows. Learn how the X-Pack Machine Learning feature can model the typical behavior of your time series data in real time to identify anomalies, streamline root cause analysis, and reduce false positives using an unsupervised approach.

    Adis Cesir is a Solutions Architect at Elastic. Prior to coming to Elastic he spent 15 years in the Data World working in Data Warehousing and MDM with various RDBMS and MPP systems. He has spent the last 5 years working with Big Data and various Distributed computing platforms, primarily in the Open Source.

  • Elastic Meetup at GrubHub

    GrubHub Inc.

    Join us for our upcoming meetup on Tuesday, December 13 at GrubHub's new office. Doors open at 6pm and the talks will start at 6:30pm.

    Elasticsearch Geospatial Capabilities at GrubHub

    At GrubHub, our delivery couriers pick up and drop off food from many different restaurants operating in cities across the country. In order to be able to do this efficiently, and to provide accurate information to our customers, we need to know how long it's going to take for them to travel from point to point. In this discussion, I'll look at how we are leveraging elasticsearch's geospatial capabilities to help us to solve this problem with scalability and performance in mind. I'll discuss the concepts of geohashes and isochrones and look at how elasticsearch uses them for indexing and querying.

    David Kuhn is a Software Engineer at GrubHub. Primarily a Java and JavaScript developer, he's been recently using Python data libraries (sklearn, pandas, PySpark) to provide data and estimation models for production systems. He's been working with elasticsearch closely for the past 6 months.

    Elastic Stack at Signal

    Going to step through the process of monitoring load balancers running HAProxy, from data collection to visualization using the Elastic Stack.

    Andy Peckys is the Ops Tech Lead, Sr. DevOps Engineer, Sr. Frost Giant at Signal Inc. Seasoned technologist focusing on dealing with data at scale and distributed computing. Worked at startups, trading, banking, insurance and currently ad-tech.

    Great conversation, food, and beverages will be provided –– Thank you to GrubHub for sponsoring.

    --------------

    We are always looking for speakers and hosts, please reach out to us at [masked]

  • Elastic Stack: Acquisition of social media data at a greater scale

    Join us for our upcoming meetup on Thursday, July 7th in Chicago! Miroslav Mihaylov will discuss the acquisition of social media data with the Elastic Stack at a greater scale. Great conversation, food, and beverages will be provided!

    ----------------

    Acquisition of social media data with the Elastic Stack at a greater scale.

    You don't truly understand some technology unless you are able to break it and fix it. In this talk I will share my experience in breaking elasticsearch while indexing massive amounts of social media data from Facebook and Twitter. We will discuss the main challenges faced and lessons learned along the way of my journey with the Elastic Stack while staying on the edge of the hardware limits.

    Miroslav Mihaylov is an experimental physicist turned full stack developer with 2 years of experience in elasticsearch. I have been extensively using the Elastic Stack in the past year as a part of an ongoing research effort in the field of Social Network Analysis and Text Data Mining.

    ----------------

    Power{ON} with Elastic, June 29 in Chicago, IL. (https://info.elastic.co/power-on-chicago.html)

    Everything you love about Elastic is about to get even better. Join us for a half day, complimentary event to learn more about all of the recent announcements, as well as meet with our subject matter experts. Details and registration here: https://info.elastic.co/power-on-chicago.html
