Log Management and Analytics use cases

The following use cases show just some of the ways you can use Log Management and Analytics to leverage your log data.

Observe cloud network traffic with logs

In this use case, you need to use VPC Flow logs to monitor and analyze incoming HTTP(S) traffic to your Virtual Private Cloud (VPC) in Amazon Web Services (AWS).

Use logs in context to troubleshoot issues

In this use case, you need to run proactive health and performance checks on the apps running on a maintained cluster and learn about errors in logs that are caused by another component.

Investigate security incidents in Kubernetes clusters

Threat hunting, Application Security

In this use case, you work with Security Investigator to analyze unauthorized requests in your Kubernetes audit logs. See how you can manage and reuse the evidence gathered during the investigation, navigate between executed queries while keeping the investigation in context, and get a detailed overview of your results in the original format.

Run instant queries to debug intrusions

Instant intrusion response, Application Security

In this use case, once you set up a workflow that notifies you when an attack occurs, determines what is affected, and enriches the data with context, you can immediately respond to discoveries and perform further investigations on logs by running a sequence of DQL queries in Notebooks tailored to the attack type.

Resolve team dependencies

In this use case, you create a Log Analysis Dashboard that takes care of identifying bugs from logs, as well as grouping, triaging, and distributing them to a bug tracker that clarifies ambiguous responsibilities and interdependencies.

Real-time advanced observability with logs and DQL

In this use case, you want to observe, over time, mission-critical information found in logs that are sent using the log ingest API.