  • Building custom threat detection rules with OpenSearch Security Analytics

    Tue, Nov 21, 2023

    The threat detection rules scan log data to produce security findings representing potential threats. Security Analytics provides more than 2,200 prepackaged, open-source Sigma rules to help you identify potential security threats from a variety of log sources, including Microsoft Windows, AWS CloudTrail, Amazon S3 access logs, and many more. Additionally, you have the flexibility to create new detection rules and...

  • Secrets to improving ingestion with OpenSearch

    Mon, Nov 20, 2023

    While most of the optimization secrets I’m sharing with you aren’t intentionally hidden, they sure felt hidden to me when I started with OpenSearch.

  • Optimize OpenSearch Refresh Interval

    Mon, Nov 13, 2023

    Learn how to optimize the refresh interval of an OpenSearch index and strike a balance between the speed at which indexed information becomes available for search and the CPU and I/O costs.

  • What in the ML is going on around here?

    Thu, Nov 02, 2023

    Going from a vanilla install of OpenSearch to having vectorized text stored in a k-NN–enabled index seemed like a quick learning exercise. On paper, it almost looked easy. Upload a model to a node designated as an ML node, load it, and start ingesting text and storing it as a vector. The amount of probing, asking, experimenting, and copying and...

  • Introducing a traffic capture and replay solution for OpenSearch migrations and upgrades

    Thu, Oct 26, 2023

    We are thrilled to introduce the beta release of a live traffic capture and replay solution designed to assist users in migrating to OpenSearch. This tool equips users to capture live traffic from their source cluster and replay it, either simultaneously or offline, on a specified shadow cluster for rigorous testing and analysis. By comparing the performance and behavior of...

