Centralized Log Management

scottalanmiller

@jaredbusch said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

should be evaluated for efficacy in the given environment."

That is how exactly zero "audits" work.

It's how ALL honest audits work. The problem is, like most MSPs who are secretly scam VARs, almost all audits, especially those hired outside of IT by incompetent managers, bring in scammers with no knowledge, qualifications, or honesty who just seek to defraud and are, themselves, a security risk.

We do audits, however, and we'd never present that way. Real auditors are out there. But people don't like to hire them because they can't produce checklists and shopping lists.

hobbit666

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

Dashrender

@hobbit666 said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

LOL - someone sounds like they are just complaining that their toy was taken.

1337

@dashrender said in Centralized Log Management:

@hobbit666 said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

LOL - someone sounds like they are just complaining that their toy was taken.

True, but they are probably right. Amazon and other providers bastardize open source projects because the licences doesn't require them to share their changes with the open source community.

Dashrender

@pete-s said in Centralized Log Management:

@dashrender said in Centralized Log Management:

@hobbit666 said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

LOL - someone sounds like they are just complaining that their toy was taken.

True, but they are probably right. Amazon and other providers bastardize open source projects because the licences doesn't require them to share their changes with the open source community.

I guess I need to learn more about those licenses - I thought if you partook of those open source licenses - then made code changes and then made the code availalble outside of yourself - you had to give all new cold along with all the old - is that not so?

i.e. I fork ES - I update it with my own code - call it "ES of Mine" I publish ES of Mine - don't I have to give all of my new code away because I used ES as the base?

travisdh1

@dashrender said in Centralized Log Management:

@pete-s said in Centralized Log Management:

@dashrender said in Centralized Log Management:

@hobbit666 said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

LOL - someone sounds like they are just complaining that their toy was taken.

True, but they are probably right. Amazon and other providers bastardize open source projects because the licences doesn't require them to share their changes with the open source community.

I guess I need to learn more about those licenses - I thought if you partook of those open source licenses - then made code changes and then made the code availalble outside of yourself - you had to give all new cold along with all the old - is that not so?

i.e. I fork ES - I update it with my own code - call it "ES of Mine" I publish ES of Mine - don't I have to give all of my new code away because I used ES as the base?

It depends on the exact license. There are so many ways that licenses work. I'd say Elasticsearch used the wrong license originally and threw a hissy fit about it.

1337

@dashrender said in Centralized Log Management:

i.e. I fork ES - I update it with my own code - call it "ES of Mine" I publish ES of Mine - don't I have to give all of my new code away because I used ES as the base?

No, you don't when you're not providing the software. Amazon is providing the service, not the software. So they don't need to adhere to GPL and similar licenses.

That's why Richard Stallman (open source guru) calls SaaS, service as a software substitute.

scottalanmiller

@hobbit666 said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

That's BS. It's that you can't just use their products. It affects everyone, Amazon only did it because their customers needed it. Not because Amazon needed it. ELK is full of crap.

scottalanmiller

@pete-s said in Centralized Log Management:

@dashrender said in Centralized Log Management:

@hobbit666 said in Centralized Log Management:

@scottalanmiller said in Centralized Log Management:

OpenSearch from Amazon. They took the ELK stack, made it 100% open source, and back it by Amazon. It is so good both in technical product and in licensing, that essentially it is the only game in town now.

Interesting take from ELK side
https://www.elastic.co/what-is/opensearch

Our products remain free and open, but Amazon can no longer freely use Elasticsearch and Kibana products without collaborating with us. Rather than collaborate with us and contribute back, Amazon created its own forked projects, which are less mature, not ready for production use, and provide inferior capabilities compared to Elasticsearch and Kibana.

LOL - someone sounds like they are just complaining that their toy was taken.

True, but they are probably right. Amazon and other providers bastardize open source projects because the licences doesn't require them to share their changes with the open source community.

That's not what the issue was. It was that they were allowed to USE the software without paying for it. It had nothing to do with being open source, and everything to do with having been free (to use.)

scottalanmiller

@pete-s said in Centralized Log Management:

Amazon and other providers bastardize open source projects because the licences doesn't require them to share their changes with the open source community.

Almost all licenses DO require that. BSD does not, but most do. In fact, that you must give back is often considered a requirement of being open source (but not always.)

scottalanmiller

@dashrender said in Centralized Log Management:

I guess I need to learn more about those licenses - I thought if you partook of those open source licenses - then made code changes and then made the code availalble outside of yourself - you had to give all new cold along with all the old - is that not so?

That's by license. Open source is simply a giant family of licenses that aren't closed. The variety is huge and you could go make your own license right now that is different from everything else. For most people, OS only means that the right to view the code exists.

That remains with ELK. It is still open to audit and compile. but it is no longer fully open to USE.

scottalanmiller

@dashrender said in Centralized Log Management:

i.e. I fork ES - I update it with my own code - call it "ES of Mine" I publish ES of Mine - don't I have to give all of my new code away because I used ES as the base?

Nope, nothing in the OS statement implies that in any way. You are thinking of one unique license called the GPL (copyleft) that specifically does that and is famous for it. Most OS licenses do not do that.

scottalanmiller

@pete-s said in Centralized Log Management:

Amazon is providing the service, not the software. So they don't need to adhere to GPL and similar licenses.

oh they have to adhere, it's just that the license clearly states that there are no limits on use. So they were adhering perfect.

ELK was upset that they didn't like how the code was being used when run in production and wanted control of the use of their code, not the reading or modification of the code.