Logging at scale
Doing more with less
Presented by Andre Fucs de Miranda
Macquarie Government
The agenda.
1. A bit about me
2. A bit of context
3. Apache NiFi and the SOC
4. Demo
5. Questions
| Logging at scale – Doing more with less
A bit about me.
About me
Manager @ Macquarie’s Security Operations Center
20 years working in information and cyber security
Apache NiFi committer and PMC member
https://github.com/trixpan
https://twitter.com/trixpan
A bit of context
About Macquarie Government
• 42% of Australian Government agencies are our customers
• 3+ billion events per day
Our tool stack is diverse and busy:
• We generate TBs of data per day.
• Since 2015 we have been using “Big Data” (i.e. the Hadoop ecosystem) for reporting and analytics.
• We are constantly looking for ways to offer our customers better insights into the threats targeting them.
• We also felt that relying exclusively on a traditional SIEM wasn’t enough anymore.
Could we leverage “big data” solutions to improve our SOC further?
• Perhaps we could rationalise the way we collect and process log messages?
• Perhaps we could do enrichment against a more diverse set of sources?
• What else?
So we went and evaluated lots of tools and architectures, looking to map things like:
• Ability to integrate with SIEM pipelines natively
• Ability to consume cloud services (IaaS, PaaS and SaaS)
• Ability to query odd stuff
• Inbuilt security
• Ability to scale out
• How easy it is to maintain and extend
and many more…
All Apache project logos are trademarks of the ASF and the respective projects.
Logstash is a trademark of Elasticsearch BV, registered in the U.S. and in other countries.
fluentd is a trademark of Treasure Data.
And the winner was…
Sorry, there was a mistake…
Let’s talk tech.
Apache NiFi and the SOC
A bit about Apache NiFi – A brief Prologue
When you start shipping “data”, it seems like an “easy” task.
[Diagram labels: DC1, DB]
But as the environment grows, complexity compounds…
…but you keep adjusting your environment
[Diagram labels: DC1, DB, DC2, DB, HQ, ClientX, AZ1, AZ2]
‘til the point you suddenly realise your pipeline is missing a bit of cheese.
Or worse…
© Luca Nebuloni
https://www.flickr.com/photos/nebulux/10708289086/
Source: https://goo.gl/xKoavI
“Apache NiFi supports powerful and scalable directed graphs of data routing, transformation, and system mediation logic.”
Open sourced by the National Security Agency in 2014 [1] and submitted to The Apache Software Foundation for on-going stewardship.
[1] https://goo.gl/aZxCIC
A bit about Apache NiFi
• User friendly interface
• Flexible
• Data agnostic
• Inbuilt mechanisms to balance between latency and throughput
• Fine grain control of delivery guarantees (e.g. discard a flowfile once it becomes too old to be relevant)
• “Secure”
  • Data provenance (from where, to where, changed by, etc.)
  • Authorization policies, TLS, Kerberos, encryption and a handful of other features
• Designed for extension
NiFi lets you easily move data between A and B (and B to A) in a controlled, secure and reliable way, while still letting you process and granularly apply logic to the data in motion.
A few examples of how NiFi’s capabilities help a SOC:
• Rationalising the flows of data into your SIEM
  • Do you truly need your SIEM to be ingesting all your logs?
  • What happens when you run more than one SIEM (because it may well happen…)?
• Enriching data against a diverse range of sources
  • Elasticsearch, REST APIs, DNS, Redis, Whois, GeoIP, SQL, MISP (via HTTP)
• (Pull|push) data (from|to) a diverse set of platforms
  • Object-based stores such as GCS or S3, FTP, SFTP, mainframes via WebSphere MQ, files, SQL and, of course, Syslog.
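The routing and enrichment points on this slide, together with the “discard a flowfile once it becomes too old to be relevant” guarantee from the NiFi feature list, modelled in plain Python as an added example; this is not code from the deck, from the demo, or from Apache NiFi itself. The syslog lines, the lookup tables (GeoIP, asset owner, and a threat list standing in for MISP), the sink names and the routing rules are all constructed.

```python
"""Toy flow-based log router modelled on the capabilities the deck lists: an added
illustration, not Apache NiFi code; every sample line, table and rule is constructed."""
import re
from dataclasses import dataclass
from datetime import datetime, timedelta, timezone
from typing import Dict, List, Optional

# Constructed RFC 3164-style syslog lines; the last two exercise the failure paths.
SAMPLE_SYSLOG = [
    "<34>Apr 22 10:15:02 fw-edge-01 kernel: DROP IN=eth0 SRC=203.0.113.7 DST=198.51.100.10 DPT=22",
    "<86>Apr 22 10:15:03 dc1-app-07 sshd[1182]: Failed password for root from 203.0.113.7 port 51122 ssh2",
    "<30>Apr 22 10:15:04 dc2-web-02 nginx: client 192.0.2.55 GET /index.html 200",
    "<13>Apr 22 10:15:05 hq-printer-3 cups: job 1193 queued",
    "<30>Apr 22 07:58:00 dc2-web-02 nginx: client 192.0.2.55 GET /old.html 200",  # late arrival
    "this is not syslog at all",
]
NOW = datetime(2024, 4, 22, 10, 20, tzinfo=timezone.utc)  # constructed "current time"
MAX_AGE = timedelta(minutes=30)                           # relevance window for the SIEM

SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>\w{3} +\d{1,2} \d\d:\d\d:\d\d) "
    r"(?P<host>\S+) (?P<proc>[^:\[]+)(?:\[\d+\])?: (?P<msg>.*)$"
)
SRC_IP_RE = re.compile(r"(?:SRC=|from |client )(\d{1,3}(?:\.\d{1,3}){3})")

# Constructed stand-ins for the GeoIP, asset SQL and MISP lookups the deck mentions.
GEOIP = {"203.0.113.7": "XX", "192.0.2.55": "AU"}
ASSET_OWNER = {"fw-edge-01": "network", "dc1-app-07": "platform",
               "dc2-web-02": "web", "hq-printer-3": "facilities"}
THREAT_LIST = {"203.0.113.7"}


@dataclass
class FlowFile:
    """NiFi's unit of work: content plus the attributes that routing decisions read."""
    content: str
    attributes: Dict[str, str]
    event_time: datetime


def parse(line: str, year: int) -> Optional[FlowFile]:
    """Split a syslog line into attributes; facility and severity come from the PRI field."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    pri = int(m["pri"])
    ts = datetime.strptime(f"{year} {m['ts']}", "%Y %b %d %H:%M:%S")
    attrs = {"facility": str(pri >> 3), "severity": str(pri & 7),
             "host": m["host"], "proc": m["proc"]}
    return FlowFile(m["msg"], attrs, ts.replace(tzinfo=timezone.utc))


def enrich(ff: FlowFile) -> FlowFile:
    """Attach owner, GeoIP and threat-list attributes from the lookup tables."""
    a = ff.attributes
    a["owner"] = ASSET_OWNER.get(a["host"], "unknown")
    m = SRC_IP_RE.search(ff.content)
    if m:
        ip = m.group(1)
        a["src_ip"], a["src_country"] = ip, GEOIP.get(ip, "??")
        a["threat_match"] = "true" if ip in THREAT_LIST else "false"
    return ff


def route(ff: FlowFile) -> List[str]:
    """Pick the sinks that need this event; the SIEM only gets what analysts act on."""
    a = ff.attributes
    facility, severity = int(a["facility"]), int(a["severity"])
    if a.get("threat_match") == "true" or facility in (4, 10):  # auth / authpriv
        return ["siem", "datalake"]
    if severity <= 3:                                           # err, crit, alert, emerg
        return ["siem", "datalake"]
    if a["owner"] == "facilities":                              # low value: audit copy only
        return ["archive"]
    return ["datalake"]


def run_flow(lines: List[str], now: datetime, max_age: timedelta) -> Dict[str, List[FlowFile]]:
    """parse -> expire -> enrich -> route, returning the queue built up for each sink.
    Age is measured against the event timestamp here; NiFi's FlowFile expiration
    applies the same idea to time spent waiting in a connection."""
    queues: Dict[str, List[FlowFile]] = {
        k: [] for k in ("siem", "datalake", "archive", "expired", "failure")}
    for line in lines:
        ff = parse(line, now.year)
        if ff is None:
            queues["failure"].append(FlowFile(line, {"reason": "unparseable"}, now))
            continue
        if now - ff.event_time > max_age:
            queues["expired"].append(ff)  # too old to be relevant: dropped, never queued
            continue
        for dest in route(enrich(ff)):
            queues[dest].append(ff)
    return queues


def run_demo() -> Dict[str, List[FlowFile]]:
    return run_flow(SAMPLE_SYSLOG, NOW, MAX_AGE)


if __name__ == "__main__":
    for dest, items in run_demo().items():
        print(f"{dest:8s} {len(items)} event(s):", [f.attributes.get("host", "-") for f in items])
```

With the constructed input only the two auth/threat-matched events reach the SIEM queue, the printer job lands in the archive, the two-hour-old web hit is expired rather than forwarded, and the unparseable line goes to a failure queue instead of being silently lost.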
Let’s take a closer look.
DEMO Time
Let’s talk.
Andre Fucs de Miranda
Macquarie Government
amiranda@macquariegovernment.com
1800 004 943
Thank you.

More Related Content

What's hot

Siscale Lightning Talk: Automated Root Cause Analysis with Elastic Stack
Siscale Lightning Talk: Automated Root Cause Analysis with Elastic StackSiscale Lightning Talk: Automated Root Cause Analysis with Elastic Stack
Siscale Lightning Talk: Automated Root Cause Analysis with Elastic StackElasticsearch
 
Liferay cloud services lnlug-6-march-2014
Liferay cloud services lnlug-6-march-2014Liferay cloud services lnlug-6-march-2014
Liferay cloud services lnlug-6-march-2014Ruud Kluivers
 
CSX: Real-time Business Discovery with the Elastic Stack
CSX: Real-time Business Discovery with the Elastic StackCSX: Real-time Business Discovery with the Elastic Stack
CSX: Real-time Business Discovery with the Elastic StackElasticsearch
 
Ran Rothschild - CloudZone
Ran Rothschild - CloudZoneRan Rothschild - CloudZone
Ran Rothschild - CloudZoneIdan Tohami
 
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...PROIDEA
 
Elastic on a Hyper-Converged Infrastructure for Operational Log Analytics
Elastic on a Hyper-Converged Infrastructure for Operational Log AnalyticsElastic on a Hyper-Converged Infrastructure for Operational Log Analytics
Elastic on a Hyper-Converged Infrastructure for Operational Log AnalyticsElasticsearch
 
Countering Threats with the Elastic Stack at CERDEC/ARL
Countering Threats with the Elastic Stack at CERDEC/ARLCountering Threats with the Elastic Stack at CERDEC/ARL
Countering Threats with the Elastic Stack at CERDEC/ARLElasticsearch
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedCloudera, Inc.
 
Improving search at Wellcome Collection
Improving search at Wellcome CollectionImproving search at Wellcome Collection
Improving search at Wellcome CollectionElasticsearch
 
MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...
MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...
MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...MongoDB
 
Blockchain and Apache NiFi
Blockchain and Apache NiFiBlockchain and Apache NiFi
Blockchain and Apache NiFiTimothy Spann
 
Strengthening critical internet infrastructure
Strengthening critical internet infrastructureStrengthening critical internet infrastructure
Strengthening critical internet infrastructureBright Boateng
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual  - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual  - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark EcosystemPrivacera
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical ApproachJeremy Brown
 
Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure HTS Hosting
 
Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...
Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...
Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...InfluxData
 
Managing Big Data projects in a constantly changing environment - Rafał Zalew...
Managing Big Data projects in a constantly changing environment - Rafał Zalew...Managing Big Data projects in a constantly changing environment - Rafał Zalew...
Managing Big Data projects in a constantly changing environment - Rafał Zalew...GetInData
 
Data Governance and Management in Cloud pak nam
Data Governance and Management in Cloud pak namData Governance and Management in Cloud pak nam
Data Governance and Management in Cloud pak namPT Datacomm Diangraha
 
Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...
Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...
Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...Elasticsearch
 

What's hot (20)

Siscale Lightning Talk: Automated Root Cause Analysis with Elastic Stack
Siscale Lightning Talk: Automated Root Cause Analysis with Elastic StackSiscale Lightning Talk: Automated Root Cause Analysis with Elastic Stack
Siscale Lightning Talk: Automated Root Cause Analysis with Elastic Stack
 
Liferay cloud services lnlug-6-march-2014
Liferay cloud services lnlug-6-march-2014Liferay cloud services lnlug-6-march-2014
Liferay cloud services lnlug-6-march-2014
 
CSX: Real-time Business Discovery with the Elastic Stack
CSX: Real-time Business Discovery with the Elastic StackCSX: Real-time Business Discovery with the Elastic Stack
CSX: Real-time Business Discovery with the Elastic Stack
 
Ran Rothschild - CloudZone
Ran Rothschild - CloudZoneRan Rothschild - CloudZone
Ran Rothschild - CloudZone
 
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
PLNOG 13: B. van der Sloot, S. Abdel-Hafez: Running a 2 Tbps global IP networ...
 
Elastic on a Hyper-Converged Infrastructure for Operational Log Analytics
Elastic on a Hyper-Converged Infrastructure for Operational Log AnalyticsElastic on a Hyper-Converged Infrastructure for Operational Log Analytics
Elastic on a Hyper-Converged Infrastructure for Operational Log Analytics
 
Countering Threats with the Elastic Stack at CERDEC/ARL
Countering Threats with the Elastic Stack at CERDEC/ARLCountering Threats with the Elastic Stack at CERDEC/ARL
Countering Threats with the Elastic Stack at CERDEC/ARL
 
Keynote
KeynoteKeynote
Keynote
 
Risk Management for Data: Secured and Governed
Risk Management for Data: Secured and GovernedRisk Management for Data: Secured and Governed
Risk Management for Data: Secured and Governed
 
Improving search at Wellcome Collection
Improving search at Wellcome CollectionImproving search at Wellcome Collection
Improving search at Wellcome Collection
 
MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...
MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...
MongoDB World 2019: A MongoDB Journey: Moving From a Relational Database to M...
 
Blockchain and Apache NiFi
Blockchain and Apache NiFiBlockchain and Apache NiFi
Blockchain and Apache NiFi
 
Strengthening critical internet infrastructure
Strengthening critical internet infrastructureStrengthening critical internet infrastructure
Strengthening critical internet infrastructure
 
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual  - Scaling Privacy in a Spark EcosystemPrivacera and Northwestern Mutual  - Scaling Privacy in a Spark Ecosystem
Privacera and Northwestern Mutual - Scaling Privacy in a Spark Ecosystem
 
ProdSec: A Technical Approach
ProdSec: A Technical ApproachProdSec: A Technical Approach
ProdSec: A Technical Approach
 
Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure Insight into Hyperconverged Infrastructure
Insight into Hyperconverged Infrastructure
 
Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...
Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...
Timothy Spann [StreamNative] | Using FLaNK with InfluxDB for EdgeAI IoT at Sc...
 
Managing Big Data projects in a constantly changing environment - Rafał Zalew...
Managing Big Data projects in a constantly changing environment - Rafał Zalew...Managing Big Data projects in a constantly changing environment - Rafał Zalew...
Managing Big Data projects in a constantly changing environment - Rafał Zalew...
 
Data Governance and Management in Cloud pak nam
Data Governance and Management in Cloud pak namData Governance and Management in Cloud pak nam
Data Governance and Management in Cloud pak nam
 
Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...
Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...
Divide & Conquer - Logging Architecture in Distributed Ecosystems with Elasti...
 

Similar to Logging at scale: doing more with less

Integração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxIntegração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxMarco Garcia
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionSplunk
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionSplunk
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & ComplianceAmazon Web Services
 
Ankus, bigdata deployment and orchestration framework
Ankus, bigdata deployment and orchestration frameworkAnkus, bigdata deployment and orchestration framework
Ankus, bigdata deployment and orchestration frameworkAshrith Mekala
 
Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...
Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...
Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...Lucidworks (Archived)
 
5 Things that Make Hadoop a Game Changer
5 Things that Make Hadoop a Game Changer5 Things that Make Hadoop a Game Changer
5 Things that Make Hadoop a Game ChangerCaserta
 
Leaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real WorldLeaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real WorldC4Media
 
Leaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real WorldLeaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real WorldArmonDadgar
 
The Great Lakes: How to Approach a Big Data Implementation
The Great Lakes: How to Approach a Big Data ImplementationThe Great Lakes: How to Approach a Big Data Implementation
The Great Lakes: How to Approach a Big Data ImplementationInside Analysis
 
Track 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptx
Track 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptxTrack 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptx
Track 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptxAmazon Web Services
 
Removing dependencies between services: Messaging and Apache Kafka
Removing dependencies between services: Messaging and Apache KafkaRemoving dependencies between services: Messaging and Apache Kafka
Removing dependencies between services: Messaging and Apache KafkaDaniel Muñoz Garrido
 
Big Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriBig Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriDemi Ben-Ari
 
Benchmark Showdown: Which Relational Database is the Fastest on AWS?
Benchmark Showdown: Which Relational Database is the Fastest on AWS?Benchmark Showdown: Which Relational Database is the Fastest on AWS?
Benchmark Showdown: Which Relational Database is the Fastest on AWS?Clustrix
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseSplunk
 
How to Build Continuous Ingestion for the Internet of Things
How to Build Continuous Ingestion for the Internet of ThingsHow to Build Continuous Ingestion for the Internet of Things
How to Build Continuous Ingestion for the Internet of ThingsCloudera, Inc.
 
Elastic Data Analytics Platform @Datadog
Elastic Data Analytics Platform @DatadogElastic Data Analytics Platform @Datadog
Elastic Data Analytics Platform @DatadogC4Media
 
A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)
A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)
A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)Spark Summit
 
Searching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldSearching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldOpenSource Connections
 

Similar to Logging at scale: doing more with less (20)

Integração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia CetaxIntegração de Dados com Apache NIFI - Marco Garcia Cetax
Integração de Dados com Apache NIFI - Marco Garcia Cetax
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
 
Getting Started with Splunk Breakout Session
Getting Started with Splunk Breakout SessionGetting Started with Splunk Breakout Session
Getting Started with Splunk Breakout Session
 
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
(SEC320) Leveraging the Power of AWS to Automate Security & Compliance
 
Ankus, bigdata deployment and orchestration framework
Ankus, bigdata deployment and orchestration frameworkAnkus, bigdata deployment and orchestration framework
Ankus, bigdata deployment and orchestration framework
 
Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...
Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...
Building a Lightweight Discovery Interface for Chinese Patents, Presented by ...
 
5 Things that Make Hadoop a Game Changer
5 Things that Make Hadoop a Game Changer5 Things that Make Hadoop a Game Changer
5 Things that Make Hadoop a Game Changer
 
Leaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real WorldLeaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real World
 
Leaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real WorldLeaving the Ivory Tower: Research in the Real World
Leaving the Ivory Tower: Research in the Real World
 
The Great Lakes: How to Approach a Big Data Implementation
The Great Lakes: How to Approach a Big Data ImplementationThe Great Lakes: How to Approach a Big Data Implementation
The Great Lakes: How to Approach a Big Data Implementation
 
Track 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptx
Track 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptxTrack 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptx
Track 1 Session 6_建立安全高效的資料分析平台加速金融創新_HC+EMQ Cliff(已檢核,上下無黑邊).pptx
 
Removing dependencies between services: Messaging and Apache Kafka
Removing dependencies between services: Messaging and Apache KafkaRemoving dependencies between services: Messaging and Apache Kafka
Removing dependencies between services: Messaging and Apache Kafka
 
Big Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-AriBig Data made easy in the era of the Cloud - Demi Ben-Ari
Big Data made easy in the era of the Cloud - Demi Ben-Ari
 
Benchmark Showdown: Which Relational Database is the Fastest on AWS?
Benchmark Showdown: Which Relational Database is the Fastest on AWS?Benchmark Showdown: Which Relational Database is the Fastest on AWS?
Benchmark Showdown: Which Relational Database is the Fastest on AWS?
 
Getting Started with Splunk Enterprise
Getting Started with Splunk EnterpriseGetting Started with Splunk Enterprise
Getting Started with Splunk Enterprise
 
How to Build Continuous Ingestion for the Internet of Things
How to Build Continuous Ingestion for the Internet of ThingsHow to Build Continuous Ingestion for the Internet of Things
How to Build Continuous Ingestion for the Internet of Things
 
Elastic Data Analytics Platform @Datadog
Elastic Data Analytics Platform @DatadogElastic Data Analytics Platform @Datadog
Elastic Data Analytics Platform @Datadog
 
A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)
A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)
A Big Data Lake Based on Spark for BBVA Bank-(Oscar Mendez, STRATIO)
 
Searching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data WorldSearching Chinese Patents Presentation at Enterprise Data World
Searching Chinese Patents Presentation at Enterprise Data World
 
Ask bigger questions
Ask bigger questionsAsk bigger questions
Ask bigger questions
 

Recently uploaded

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsMemoori
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024BookNet Canada
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Alan Dix
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksSoftradix Technologies
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitecturePixlogix Infotech
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Mattias Andersson
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersThousandEyes
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):comworks
 
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr Lapshyn"Federated learning: out of reach no matter how close",Oleksandr Lapshyn
"Federated learning: out of reach no matter how close",Oleksandr LapshynFwdays
 
Unblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesUnblocking The Main Thread Solving ANRs and Frozen Frames
Unblocking The Main Thread Solving ANRs and Frozen FramesSinan KOZAK
 
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Bun (KitWorks Team Study 노별마루 발표 2024.4.22)
Bun (KitWorks Team Study 노별마루 발표 2024.4.22)Wonjun Hwang
 
My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024My INSURER PTE LTD - Insurtech Innovation Award 2024
My INSURER PTE LTD - Insurtech Innovation Award 2024The Digital Insurer
 
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...
Automating Business Process via MuleSoft Composer | Bangalore MuleSoft Meetup...shyamraj55
 
Connect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationConnect Wave/ connectwave Pitch Deck Presentation
Connect Wave/ connectwave Pitch Deck PresentationSlibray Presentation
 
Human Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsHuman Factors of XR: Using Human Factors to Design XR Systems
Human Factors of XR: Using Human Factors to Design XR SystemsMark Billinghurst
 
Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Build your next Gen AI Breakthrough - April 2024
Build your next Gen AI Breakthrough - April 2024Neo4j
 
Unleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubUnleash Your Potential - Namagunga Girls Coding Club
Unleash Your Potential - Namagunga Girls Coding ClubKalema Edgar
 

Recently uploaded (20)

AI as an Interface for Commercial Buildings
AI as an Interface for Commercial BuildingsAI as an Interface for Commercial Buildings
AI as an Interface for Commercial Buildings
 
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
#StandardsGoals for 2024: What’s new for BISAC - Tech Forum 2024
 
Pigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping ElbowsPigging Solutions Piggable Sweeping Elbows
Pigging Solutions Piggable Sweeping Elbows
 
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...Swan(sea) Song – personal research during my six years at Swansea ... and bey...
Swan(sea) Song – personal research during my six years at Swansea ... and bey...
 
Benefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other FrameworksBenefits Of Flutter Compared To Other Frameworks
Benefits Of Flutter Compared To Other Frameworks
 
Understanding the Laravel MVC Architecture
Understanding the Laravel MVC ArchitectureUnderstanding the Laravel MVC Architecture
Understanding the Laravel MVC Architecture
 
Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?Are Multi-Cloud and Serverless Good or Bad?
Are Multi-Cloud and Serverless Good or Bad?
 
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for PartnersEnhancing Worker Digital Experience: A Hands-on Workshop for Partners
Enhancing Worker Digital Experience: A Hands-on Workshop for Partners
 
CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):CloudStudio User manual (basic edition):
CloudStudio User manual (basic edition):
 
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service
Hot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort ServiceHot Sexy call girls in Panjabi Bagh 🔝 9953056974 🔝 Delhi escort Service

Logging at scale: doing more with less

  • 1. Logging at scale – Doing more with less. Presented by Andre Fucs de Miranda, Macquarie Government
  • 2. The agenda: 1. A bit about me 2. A bit of context 3. Apache NiFi and the SOC 4. Demo 5. Questions
  • 3. A bit about me.
  • 4. About me: Manager @ Macquarie’s Security Operations Center; 20 years working in information/cyber security; Apache NiFi committer and PMC member. https://github.com/trixpan https://twitter.com/trixpan
  • 5. A bit of context.
  • 6. A bit of context – About Macquarie Government: • 42% of Australian Government agencies are our customers • 3+ billion events per day. Our tool stack is diverse and busy: • We generate TBs of data per day. • Since 2015 we have been using “Big Data” (i.e. the Hadoop ecosystem) for reporting and analytics. • We are constantly looking for ways to offer our customers better insights into the threats targeting them. • We also felt that relying exclusively on a traditional SIEM wasn’t enough anymore.
  • 7. A bit of context – Could we leverage “big data” solutions to improve our SOC further? • Perhaps we could rationalise the way we collect and process log messages? • Perhaps we could do enrichment against a more diverse set of sources? • What else?
  • 8. A bit of context – So we went and evaluated lots of tools and architectures, looking to map things like: • Ability to integrate with SIEM pipelines natively • Ability to consume cloud services (IaaS, PaaS and SaaS) • Ability to query odd stuff • Inbuilt security • Ability to scale out • How easy it is to maintain and extend … and many more. (All Apache project logos are trademarks of the ASF and the respective projects. Logstash is a trademark of Elasticsearch BV, registered in the U.S. and in other countries. fluentd is a trademark of Treasure Data.)
  • 9. And the winner was…
  • 10. Sorry, there was a mistake…
  • 11. Apache NiFi and the SOC – Let’s talk tech.
  • 12. A bit about Apache NiFi – a brief prologue. When you start shipping “data”, it seems like an “easy” task. (Diagram labels: DC1, DB.)
  • 13. A bit about Apache NiFi – a brief prologue. But as the environment grows, complexity compounds… and you keep adjusting your environment. (Diagram labels: DC1 DB, DC2 DB, HQ, ClientX, AZ1, AZ2.)
  • 14. …until the point you suddenly realise your pipeline is missing a bit of cheese. Or worse… (Photo © Luca Nebuloni, https://www.flickr.com/photos/nebulux/10708289086/)
  • 15. A bit about Apache NiFi – a brief prologue. Source: https://goo.gl/xKoavI
  • 16. A bit about Apache NiFi. “Apache NiFi supports powerful and scalable directed graphs of data routing, transformation, and system mediation logic.” Open sourced by the National Security Agency in 2014 [1] and submitted to The Apache Software Foundation for ongoing stewardship. • User-friendly interface • Flexible • Data agnostic • Inbuilt mechanisms to balance between latency and throughput • Fine-grained control of delivery guarantees (e.g. discard a flowfile once it becomes too old to be relevant) • “Secure”: data provenance (from where, to where, changed by whom, etc.); authorization policies, TLS, Kerberos, encryption and a handful of other features • Designed for extension. [1] https://goo.gl/aZxCIC
  • 17. A bit about Apache NiFi. NiFi allows you to easily move data between A and B (and B to A) in a controlled, secure and reliable way, while still allowing you to process the data in motion and apply logic to it at a granular level.
  • 18. A bit about Apache NiFi – a few examples of how NiFi capabilities help a SOC: • Rationalising the flows of data into your SIEM – Do you truly need your SIEM to be ingesting all your logs? What happens when you run more than one SIEM (because it may well happen…)? • Enriching data against a diverse range of sources – Elasticsearch, REST APIs, DNS, Redis, Whois, GeoIP, SQL, MISP (via HTTP) • Pulling data from, or pushing data to, a diverse set of platforms – object stores such as GCS or S3, FTP, SFTP, mainframes via WebSphere MQ, files, SQL and, of course, Syslog.
  • 19. Let’s take a closer look.
  • 20. DEMO time
  • 21. Let’s talk. Andre Fucs de Miranda, Macquarie Government, amiranda@macquariegovernment.com, 1800 004 943
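Slides 16 and 18 describe three things the deck credits NiFi with: discarding a flowfile once it is too old to be relevant, enriching events against lookup sources (GeoIP, MISP, asset data), and deciding which events actually need to reach the SIEM rather than an archive. The following Python model, added here as an illustration and not code from the talk or from Apache NiFi, walks a small constructed batch of syslog lines through those three stages. The syslog lines, the GeoIP ranges, the single MISP-style threat indicator, the asset owner table, and the routing rules are all invented for the example; a real flow would back each lookup with the source types listed on slide 18.

```python
"""Toy expire / enrich / route pipeline modelled on the NiFi SOC patterns.

Added illustration only: none of this is NiFi's API. Every lookup table and
sample log line below is constructed for the example.
"""
from __future__ import annotations

import ipaddress
import re
from dataclasses import dataclass, field
from datetime import datetime, timedelta, timezone

# <PRI>ISO-timestamp host app[pid]: message  (a simplified RFC 5424 shape)
SYSLOG_RE = re.compile(
    r"^<(?P<pri>\d{1,3})>(?P<ts>\S+) (?P<host>\S+) "
    r"(?P<app>[\w./-]+)(?:\[\d+\])?: (?P<msg>.*)$"
)
IPV4_RE = re.compile(r"\b(?:\d{1,3}\.){3}\d{1,3}\b")

# Constructed lookup sources standing in for GeoIP, a MISP indicator feed
# and an internal asset inventory (hypothetical data, RFC 5737 ranges).
GEOIP = {
    ipaddress.ip_network("203.0.113.0/24"): "AU",
    ipaddress.ip_network("198.51.100.0/24"): "NL",
}
THREAT_IPS = {ipaddress.ip_address("198.51.100.77")}
ASSET_OWNER = {"web01": "ClientX", "db01": "HQ"}
SECURITY_APPS = {"sshd", "sudo", "auditd"}
MAX_AGE = timedelta(hours=24)  # older than this: not worth alerting on


@dataclass
class Event:
    raw: str
    ts: datetime
    host: str
    app: str
    msg: str
    attrs: dict = field(default_factory=dict)  # NiFi-style flowfile attributes


def parse_event(line: str) -> Event | None:
    """Parse one syslog line; return None if it does not match the shape."""
    m = SYSLOG_RE.match(line)
    if not m:
        return None
    ts = datetime.fromisoformat(m["ts"].replace("Z", "+00:00"))
    ev = Event(line, ts, m["host"], m["app"], m["msg"])
    ev.attrs["facility"], ev.attrs["severity"] = divmod(int(m["pri"]), 8)
    return ev


def enrich(ev: Event) -> Event:
    """Attach asset owner, first source IP, GeoIP country and threat hit."""
    ev.attrs["owner"] = ASSET_OWNER.get(ev.host, "unknown")
    ip_match = IPV4_RE.search(ev.msg)
    if ip_match:
        try:
            ip = ipaddress.ip_address(ip_match.group())
        except ValueError:  # e.g. 999.1.1.1 matched the regex but is not an IP
            return ev
        ev.attrs["src_ip"] = str(ip)
        ev.attrs["geo"] = next((cc for net, cc in GEOIP.items() if ip in net), "??")
        ev.attrs["threat"] = ip in THREAT_IPS
    return ev


def route(ev: Event) -> str:
    """Decide whether the SIEM needs this event or the archive is enough."""
    if ev.attrs.get("threat"):
        ev.attrs["route_reason"] = "threat-indicator"
        return "siem"
    if ev.attrs["severity"] <= 4:  # syslog warning (4) or worse
        ev.attrs["route_reason"] = "severity"
        return "siem"
    if ev.app in SECURITY_APPS:
        ev.attrs["route_reason"] = "security-app"
        return "siem"
    ev.attrs["route_reason"] = "bulk"
    return "archive"


def process(lines, now: datetime, max_age: timedelta) -> dict[str, list[Event]]:
    """Expire, enrich and route a batch of raw lines into named queues."""
    queues: dict[str, list[Event]] = {"siem": [], "archive": [], "expired": [], "unparsed": []}
    for line in lines:
        ev = parse_event(line)
        if ev is None:
            queues["unparsed"].append(Event(line, now, "", "", line))
            continue
        if now - ev.ts > max_age:  # drop before spending enrichment effort
            queues["expired"].append(ev)
            continue
        queues[route(enrich(ev))].append(ev)
    return queues


# Constructed sample input: invented hosts, documentation-range addresses.
SAMPLE_LINES = [
    '<38>2024-04-22T10:00:00Z web01 sshd[1234]: Failed password for root from 198.51.100.77 port 51234 ssh2',
    '<30>2024-04-22T10:00:05Z db01 cron[77]: (root) CMD (run-parts /etc/cron.hourly)',
    '<134>2024-04-22T10:00:07Z web01 nginx: 203.0.113.9 - - "GET /healthz HTTP/1.1" 200',
    '<11>2024-04-22T10:01:00Z db01 kernel: Out of memory: Killed process 4242 (postgres)',
    '<38>2024-04-20T09:00:00Z web01 sshd[999]: Accepted password for andre from 203.0.113.9 port 2222 ssh2',
    'this is not syslog',
]
NOW = datetime(2024, 4, 22, 12, 0, tzinfo=timezone.utc)

if __name__ == "__main__":
    for queue, events in process(SAMPLE_LINES, NOW, MAX_AGE).items():
        for ev in events:
            print(f"{queue:8} {ev.host:6} {ev.app:7} {ev.attrs}")
```

Running it sends the failed-login line (threat indicator hit) and the kernel OOM line (severity 3) to the SIEM queue, leaves the cron and nginx noise in the archive queue, expires the two-day-old login, and parks the malformed line for inspection. The order of stages matters: expiry runs before enrichment so stale events never cost a lookup, and the threat check runs before the severity check so an informational-level event still reaches the SIEM when it touches a known-bad address.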