• Playing with Elasticsearch data pipelines

    745 Atlantic Ave

    This Elastic All Star Double Header MeetUp will be led by Edouard Buschini and Antony Farrow from Empow Cyber Security. Their respective topics are below. Come check it out at the WeWork South Station on the 8th Floor!

    AGENDA

    🗨️ Presentation 1: Edouard Buschini, CISO of PreVeil: Playing with Elasticsearch data pipelines

    In this talk we'll go over some fun demos and use cases of how we can improve our data pipeline and workflow with two simple tools: JQ and Cryptocli. We'll learn how to push aggregations to the next level with those two tools, as well as real-time streaming. The goal of the presentation is mainly to share some ideas, inspire people and hopefully get some constructive feedback!

    Edouard worked for the last eight years as a sysadmin, and is now doing DevOps and serving as CISO at PreVeil, a cybersecurity startup in downtown Boston. He started using the Elastic products in 2013 and developed multiple apps and tools, from monitoring, to Beats modules, to an internal real-time web analytics platform at a top e-commerce website in France. He is now implementing a central monitoring platform that has real-time alerting and remediation capabilities as part of maintaining and evolving the current infrastructure.

    PreVeil makes encryption easy, providing end-to-end encrypted solutions like emails and file sharing for individuals as well as for organizations. https://www.preveil.com

    🗨️ Presentation 2: Antony Farrow, Senior Director Solutions Architecture, empow: The Cyber Data Pyramid: Getting to the Top of the Pyramid through Automation

    In this session we will review the process of digesting large amounts of cyber data, and the needs and challenges of classifying unstructured and dynamic data. We will also introduce automation methods that identify and prioritize real threats over “noise”.

    We will look at the manual processes that analysts need to go through today in order to reach the top of the data pyramid and present how empow’s i-SIEM automates a large portion of this work. The session will include a demo showing how i-SIEM actually works, using real data sets and empow’s abstract playbook models. We will include an introduction of empow’s new open-source contribution to the Elastic community.

    🎓 Learn more about Elastic
    • Elastic Community: https://www.elastic.co/community
    • Monthly Community Newsletter: https://www.elastic.co/community/newsletter
    • Discussion Forums: https://discuss.elastic.co/
    • In-person, paid Elasticsearch I & II training is coming to Boston Oct 1-2: https://training.elastic.co/?courseId=0&city=BOSTON
    • Elastic{ON} is coming back to Boston on Oct. 3, sign up to be notified when registration goes live: https://www.elastic.co/elasticon/tour/boston

    ❤️ Code of Conduct
    This Meetup community adheres to the Elastic Community Code of Conduct. Attendance to events run as part of this Meetup group means you agree to be an awesome human and engage by these rules. https://www.elastic.co/community/codeofconduct

  • Powering Job Search at Jobcase & What's New in Elastic Machine Learning

    We have two great talks lined up for our July 16th meetup hosted at Jobcase in Cambridge.

    ▪️ Challenges Using Elasticsearch for Job Search with Dave Harvey

    Jobcase's mission is to empower the world's workers (Jobcase's users). One of the ways we do that is by providing a user a short list of the most relevant jobs for them. This includes jobs that we have already ingested into Elasticsearch along with jobs selected for them from our partners in real time. Relevance is based on geography, job type, characteristics of the user, and other factors. This requires sophisticated filtering and scoring of documents ingested in real time as well as joining job listings with frequently changing data. We will discuss how we addressed the challenges posed by real-time ingestion, as well as why and how we join a large number of documents with a smaller amount of rapidly changing data using a custom plug-in.

    ▪️ What's New in Elastic's Machine Learning with Rich Collier

    Rich has over 20 years of experience selling and supporting software, hardware, and service-based solutions. Rich’s specialities include Big data analytics, Anomaly detection, Threat detection, Security Operations, APM, Web Applications, and Contact Center Technologies. He'll be covering recent updates and advances with Elastic's Machine Learning feature.

    🎓 Learn more about Elastic
    • Elastic Community: https://www.elastic.co/community
    • Monthly Community Newsletter: https://www.elastic.co/community/newsletter
    • Discussion Forums: https://discuss.elastic.co/

  • Cyber Threat Hunting with the Elastic Stack

    WeWork 745 Atlantic Ave

    Will you still be hungry for more security after AWS re:Inforce 2019? Join us Wednesday evening just down the road from the event at Elastic's new Boston WeWork office location for a security-focused meetup. On the agenda is Elastic's Director of Product, Security Market, Mike Paquette, who will open a discussion about log-based cyber threat hunting, and how a common schema, machine-learning anomaly detection, and a fast search platform can come together to support a modern threat hunting practice. Elastic is putting a big focus on security specific use cases, so come check out some of the exciting new stuff we're doing and how it may be applicable to what's top of mind for you! Paid parking is available in the building's parking garage located on South Street, or there is metered street parking. If taking public transportation, the WeWork is located directly across the street from South Station.

  • Wayfair's Elasticsearch Cloud Migration & What's New with Elastic

    Wayfair has been using the Elastic Stack as a centralized logging platform since 2014. Our infrastructure has over 2,700 instances with 500 TB SSD storage and supports over 3 billion logs a day. In this talk, we will go over how we migrated the on-prem platform to the cloud. We will cover:

    * How Wayfair is using Terraform, Consul and Puppet to automate the deployment and configuration of Elasticsearch clusters in GCP
    * How we designed the clusters to be cost-effective
    * Shard awareness, index settings, instance types, and storage types
    * How we leverage local SSDs for high throughput and yet overcome the trade-offs in availability, durability, and flexibility
    * How we are using hot and cold architecture to improve our query performance

    Elastic's Solution Architect team will also cover "What's new with Elastic?" We will provide updates to our most recent releases and a look into our roadmap.

    About the speakers: Zubin Rupani is a DevOps engineer at Wayfair. He has been a part of the Wayfair Infrastructure Engineering team for over 3 years. He is leading the project to migrate Wayfair's Elastic Stack to GCP. He lives in greater Boston with his fiancée and dog. In his free time, he loves reading about trending distributed systems, playing video games, watching soccer and hiking.

    🎓 Learn more about Elastic
    • Elastic Community: https://www.elastic.co/community
    • Monthly Community Newsletter: https://www.elastic.co/community/newsletter
    • Discussion Forums: https://discuss.elastic.co/
    • Boston Instructor-led (Paid) Training - June 17-20: https://training.elastic.co/?courseId=0&city=BOSTON

  • Cloud-native application monitoring powered by Riverbed and Elasticsearch

    Come learn how we improved performance testing for cloud-native applications by integrating Elasticsearch with Riverbed application performance monitoring (APM). The objective was to create realistic performance testing that was representative of real-world usage of the application. DATA QUALITY IS EVERYTHING! Elasticsearch was used for log ingestion, SNMP traps, Syslog, and infrastructure monitoring.

    In this talk we'll cover:
    • How we developed focused Kibana dashboards and alerts that would combine data collected by AppInternals and other machine data collected by Elasticsearch.
    • How we capture data and present it in Kibana. This includes three types of data:
      - Information about objects under monitoring and their topology – such as which servers an instance is running on, and which server tags are used to group the servers.
      - Metrics – monitoring objects, including specific counts of normal, slow, and very slow transactions.
      - Alerts – generated by AppInternals via SNMP channel.

    RICHARD JUKNAVORIAN is a Principal at IT Squared LLC, a software and professional services firm focused on post-implementation consulting and value realization for leading APM software and solutions. Prior to that he was the SVP for Performance Management at PointRight, the leading provider of cloud-based analytics for long-term and post-acute care (LTPAC). Richard is an active mentor and strategic advisor to several early-stage companies and start-up accelerator programs.

    ALEX KOZLOV is a hands-on Technical Evangelist at Riverbed with 20+ years of experience as an enterprise architect focusing on IT Analytics, APM and Dynamic Software Architectures. Prior to Riverbed, Alex worked as a Senior IT Architect at Gartner where he was responsible for IT Analytics and APM for the portfolio of internal applications. Alex’s recent experience includes discovery, visibility and RCA for cloud- and container-based applications using an APM, NPM and IT Analytics toolset.

    USEFUL LINKS:
    • Learn more about Riverbed APM: www.riverbed.com/appinternals
    • Try Riverbed APM for free: www.riverbed.com/try-appinternals
    • Get The Essential Guide to Monitoring Containers and Microservices: https://www.riverbed.com/forms/ebooks/ebook-guide-monitor-containers-microservices.html

    🎓 Learn more about Elastic
    • Elastic Community: https://www.elastic.co/community
    • Monthly Community Newsletter: https://www.elastic.co/community/newsletter
    • Discussion Forums: https://discuss.elastic.co/
    • Elastic Cloud Free Trial: https://www.elastic.co/cloud/elasticsearch-service/signup

  • March Elasticsearch Meetup with Bose and Cockroach Labs

    Join us for our March meetup at Bose!

    📅 Agenda
    6:00 pm - Doors open, food & beverages will be provided
    6:30 pm - Databases on demand with Kubernetes, with Q&A
    7:30 pm - 🌟 We're looking for another speaker - email [masked] if you're interested + mingling time
    8:00 pm - We'll wrap things up

    🔊 Databases on demand with Kubernetes - Chris Chambers - Cloud Engineer @ Bose

    Adoption of microservices architecture has led to a sprawl of databases. Developers need to be able to quickly and repeatably spin up data stores behind their services. Come learn how Bose extended Kubernetes to allow any software development team to get easy access to Elasticsearch, CockroachDB and other popular data stores with a powerful, cost-effective, reliable solution.

    🚗 Parking & Transportation: There is some on-street parking, first-come first-served. There are three public parking garages in the area, with various costs. [1] You can also use public transportation to access the venue.

    [1]: https://bostonlandingdevelopment.com/map-directions/

    🎓 Learn more about Elastic
    • Elastic Community: https://www.elastic.co/community
    • Monthly Community Newsletter: https://www.elastic.co/community/newsletter
    • Discussion Forums: https://discuss.elastic.co/
    • Boston Instructor-led (Paid) Training - June 17-20: https://training.elastic.co/?courseId=0&city=BOSTON

    ❤️ Code of Conduct
    This Meetup community adheres to the Elastic Community Code of Conduct. Attendance to events run as part of this Meetup group means you agree to be an awesome human and engage by these rules. https://www.elastic.co/community/codeofconduct

  • What does it really take to scale up a large Elastic security log deployment?

    Come learn about what is NEW in the Elastic Stack release 6.5!

    You may have heard, we released version 6.5 of the Elastic Stack! It is packed full of new features, and true to our open source roots the release is for open source, Basic license, and subscription users alike. Come learn how you can now replicate indices from one Elasticsearch cluster to another, organize Kibana into independent spaces, use a new Beat type that deploys as a function in serverless platforms, leverage a new infrastructure operations UI, use open source distributed tracing as part of our APM solution, parse through logs with a new log tail UI, capture SNMP polling data with a new plugin for Logstash, organize Beats in a central management UI, and more!

    Brad Quarry is a Senior Solution Architect with Elastic. After 15 years of helping build and deploy parallel computing architectures, he is most comfortable putting himself squarely between the customer and the problem at hand. When he’s not hip deep in error logs, he enjoys playing with his two boys William (2y) and Sam (6mo), running, and geeking out watching Sci-Fi movies.

    From the trenches: what does it really take to scale up a large Elastic security log deployment?

    Elasticsearch for enterprise security log storage & management is a hot topic today. Spectacular gains in performance, functionality and cost are ready for harvest. But what exactly does it take to create a large Elastic log storage infrastructure? This talk will present war stories related to a 150,000 events per second Elastic log storage implementation with 2-month retention built at a large commercial client. We'll take the audience through sizing, design, staffing & cost; discuss architecture, storage density & ingestion; and share our gotchas & lessons learned. We will also talk a bit about evidentiary-quality log storage for compliance. If you are curious about what it would take for Elastic to hold your security logs, this talk will show you what to expect.

    George Boitano is a developer, inventor and entrepreneur with over 25 years of experience in data security for large enterprises. As a founder of Security Integration in 1990, he served as technical officer and authored U.S. patent [masked]: Apparatus and Method for Computer System Integrated Security. As President, he created OEM channel partnerships with Netegrity, Inc. and other vendors, and managed the acquisition of the company by Rocket Software in 2004. George then consulted at LogLogic, Aveksa, Verisign, Secureworks and Dell Services, where he developed an interest in SIEM technology and acquired familiarity with the Managed Security Services business model. George holds a bachelor’s degree in physics from Harvard University.

  • Joint Meetup w/ Cracking the Higher Ed Cyber Security Challenge Round Table Disc

    Russell House Tavern - Harvard Square

    Joint meetup with Empow Cyber Security.

    Please note: You must sign up on their Eventbrite page to attend. https://www.eventbrite.com/e/cracking-the-higher-ed-cyber-security-challenge-round-table-discussion-registration-52900628203

    How did MIT Media Lab overcome the challenges of protecting their Higher Ed. network? Start the holiday right with this meetup and roundtable discussion.

    Running the cyber security of a university is a daunting task: thousands of ever-changing students and staff connecting from everywhere, from dorms to cafeterias to remote locations, and the need to maintain an open learning environment where information can flow freely while still protecting valuable (and very attractive to hackers!) information like personal information, university financials and more.

    As part of the largest and most advanced university system in the world, we in Boston have a unique opportunity to share and learn from others in the same position. And exciting things are happening in the cyber sphere that can bring particular benefits to universities. One of these is the use of Elastic's open source based data lake and search capabilities. Find out how MIT Media Lab is tackling its security challenges, and discuss your use cases, in our round table event.

    There will be a panel table discussion with:
    - Mike Paquette - Director of Product, Security Market, Elastic
    - Michael Bletsas - Director of Computing, MIT Media Lab
    - Avi Clesla - Founder and CEO of Empow

    Save your spot now - space is limited to 25!

  • Using Elastic to Power a Custom, Open-source Chatbot

    Sneak peek into 6.x of the Elastic Stack

    There are tons of exciting features on the horizon in 6.x and we want to share them with you! These include but are not limited to:
    - Cross Cluster Replication for High Availability
    - A new data presentation and visualization layer in Kibana called Canvas
    - Support for creating rollup jobs and viewing rolled up data in Kibana
    - New infrastructure monitoring and log viewer UIs
    - A new multi-tenancy feature in Kibana called Spaces

    Alex Francoeur is a member of the Product Management team and primarily focuses on Kibana. Prior to joining Elastic, he spent nearly the last decade in the IT Ops and APM space. Alex lives in the Boston area and is passionate about data analytics, design and user experience.

    Using Elastic to Power a Custom, Open-source Chatbot

    The Technology Support Center at UnitedHealth Group serves an enterprise with 250k+ employees, fielding high contact volume and addressing a myriad of technical concerns. The technologies it supports range from applications which power the broad array of Optum’s health services, to the enterprise software used in our employees’ day-to-day job functions. The TSC maintains a knowledge base full of resolutions to any and all issues its customers may encounter, and leverages an age-old third-party solution delivery system to share that knowledge with their call center analysts. As part of a major support reinvention initiative, my team was asked to build the TSC a chatbot – powered by the documents in this knowledge base, and informed by the growing open-source Rasa platform. We took on the challenge, and turned to Elastic for all the help we could get – discovering along the way just what it takes to build a scalable, effective chatbot with the help of a robust search solution.

    John P DeLorenzo is a Manager in Software Engineering for Optum’s Software Development and Support Services organization. A graduate of Boston College, John has worked at Optum for the past 4 years, gaining knowledge in healthcare tech and Big Data/Analytics in that time. Working out of Optum’s Fenway, Boston location, John currently leads a team tasked with bringing innovation and modernization to legacy systems enterprise-wide.

  • A look into the future of Kibana

    Facebook Boston

    Please note: You must RSVP through this link: https://bostonelasticsearchmeetup.splashthat.com/ Filling out this form will help expedite checking in at Facebook. You will also need to sign an NDA upon entry.

    A look into the future of Kibana

    We'll be demonstrating new features soon to appear in Kibana as part of our standard package. These will include Spaces for managing, grouping, and controlling access to Kibana saved objects, Rollup support in dashboards and visualizations, and Index Lifecycle Management, and maybe more...

    Jim Goodwin is the Team Lead for the Kibana/UI Team at Elastic. He has 30 years of experience in the software industry with companies including Lotus Development, IBM, Intuit, and Nokia. The products he's helped deliver span mass market desktop software to modern web services to responsive web UIs.

    Logging at Wayfair with Elastic Stack

    Wayfair has been using the Elastic Stack as a centralized logging platform since 2014. In this talk, let's go over how our logging infrastructure has evolved over time while integrating logs from hundreds of applications and thousands of servers. We will highlight features that allow us to operate at scale such as cluster failover, monitoring, and high-performance rule-based traffic shaping.

    Santosh Domalapalli has been a software developer and system architect for 7 years. For the past 4 years, he has helped Wayfair build state-of-the-art distributed logging and metrics infrastructure. Originally from Hyderabad, he now resides in central Massachusetts with his wife and two dogs. Santosh occasionally enjoys riding his motorcycle and gardening when he's not working on logging.

    Make sure to attend our Elastic{ON} Boston Tour Stop on September 6th. Feel free to use the code Meetup15 for 15% off until August 30th. https://www.elastic.co/elasticon/tour/2018/boston

    If you’re interested in Elastic trainings [there is a fee], our team is coming to Boston on September 4-5. You can register here: https://training.elastic.co/location/Boston-MA