managing prometheus in a security focused environment
play

Managing Prometheus in a Security-focused Environment Linux - PowerPoint PPT Presentation

Sep 08, 2023 •340 likes •605 views

Managing Prometheus in a Security-focused Environment Linux Monitoring at HUK-COBURG PromCon 2019 | Christian Hoffmann Conways Law? 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 2 Introduction $ cat

  1. Managing Prometheus in a Security-focused Environment Linux Monitoring at HUK-COBURG PromCon 2019 | Christian Hoffmann

  2. Conway‘s Law? 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 2

  3. Introduction $ cat /HUK-COBURG HUK-COBURG  German consumer insurance company  Largest car insurance for consumers in Germany  12 million customers  10.000 employees 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 3

  4. Introduction $ cat /HUK-COBURG/IT IT-related departments HUK-COBURG  800 people  Not a startup, but lots of teams …  Highly regulated 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 4

  5. Introduction $ cat /HUK-COBURG/IT/Linux Linux Platform Development IT-related departments HUK-COBURG …  Internal IaaS provider  900 RHEL servers  Two main data centers 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 5

  6. Introduction $ cat /HUK-COBURG/IT/Linux/Christian Hoffmann Linux Platform Development IT-related departments  One of ten people HUK-COBURG  Joined in 2016 …  Linux & Open Source enthusiast 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 6

  7. Introduction $ cat /HUK-COBURG/IT/Linux/Application owners Linux Platform Development IT-related departments Application owners HUK-COBURG …  About 130 people, running: • Databases • Web servers • … 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 7

  8. Introduction $ cat /HUK-COBURG/IT/Linux/Others Linux Platform Development IT-related departments Application owners HUK-COBURG Operations … … 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 8

  9. Overview Scraping Alerts Monitoring Graphs Integrations 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 9

  10. Scraping Placement of Prometheus Instances  Close to the target  What does close mean? Firewalled zone #40 SMTP? Alertmanager/HTTP? 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 10

  11. Scraping Our setup: One Prometheus per DC DC 1 DC 2 60s 2 4 1.7 M 200 VMs cores series alert rules scrape_interval 20 GiB 1.2 TiB 2 600 1 600 30 k RAM disk file_sd rec rules samples/s 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 11

  12. Scraping Scraping: Securing and unifying metrics access # ps – ef | grep agent root 3474 Nov07 00:30:14 /opt/security-scanner/agent root 7182 Nov07 00:05:03 /opt/hardware-monitoring/agent root 1139 Nov07 83:01:37 /opt/license-management/agent root 4100 Nov07 00:20:00 /opt/config-management/agent root 9983 Nov07 01:30:53 /opt/backup-management/agent ... 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 12

  13. Scraping So… # nmap server1001 PORT STATE SERVICE 22/tcp open ssh Nmap done: 1 IP address (1 host up) scanned in 0.12 seconds 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 13

  14. Scraping Introducing sshified Monitoring target Prometheus server proxy_url: 10.1.2.3:22 127.0.0.1:8000 127.0.0.1:9100 node_exporter sshified sshd 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 14

  15. Scraping Exporters node process multilog blackbox non-systemd textfile decentralized procs runs as root systemd 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 15

  16. Overview Scraping Alerts Monitoring Graphs Integrations 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 16

  17. Alerts Alertmanager Alertmanager Central Event • Routing Management • LinuxPlatform.+ Operations Prometheus • LinuxServer.+ • Dead man’s switch • App.+ • Incident creation • Integrations • Paging • webhook • email • Silences syslog Server inventory 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 17

  18. Overview Scraping Alerts Monitoring Graphs Integrations 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 18

  19. Graphs Grafana with basic multi-tenancy huk-grafana-provisioning.py Template 127.0.0.1:8888/owner="john"/ api/v1/query?query=up Apache httpd owner_john prometheus-filter-proxy • mod_ldap • mod_auth_kerb owner_lisa 127.0.0.1:9090/api/v1/query?query=up{ owner="john" } John owner_* Prometheus 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 19

  20. Graphs Grafana with high availability Apache httpd prometheus-filter-proxy 10.1.2.3 Prometheus rsync grafana.sqlite John Prometheus Apache httpd prometheus-filter-proxy 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 20

  21. Overview Scraping Alerts Monitoring Graphs Integrations 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 21

  22. Integrations Integrating Prometheus into Configuration Management Deploy & configure exporters  hiera  common.yml  role/web.yml • Scrape configs  role/db.yml • Platform alerts  node/srv1001.yml Role-specific alerts 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 22

  23. Integrations Integrating Patch Management into Prometheus  Staging of new Linux patches Development  Roll-out on application servers Staging Production 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 23

  24. Future What‘s up next?  Long Term Storage, Downsampling, „ Janitor “  Dashboard performance  Lots of additional ideas and areas for work 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 24

  25. Summary Benefits & Takeaways Prometheus and Grafana provide us  Sufficient flexibility in a regulated environment,  Basic multi-tenancy for our teams, and  Helpful integrations into other processes. 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment 25

  26. Thanks! Any questions? Christian Hoffmann Linux System Engineer at HUK-COBURG christian.hoffmann2@huk-coburg.de http://github.com/hoffie/sshified http://github.com/hoffie/prometheus-filter-proxy http://github.com/hoffie/multilog_exporter 11/2019 Christian Hoffmann | Managing Prometheus in a Security-focused Environment

Recommend

Prometheus Best Practices and Beastly Pitfalls Julius Volz, August 17, 2017 Prometheus

Prometheus Best Practices and Beastly Pitfalls Julius Volz, August 17, 2017 Prometheus

Prometheus Best Practices and Beastly Pitfalls Julius Volz, August 17, 2017 Prometheus Prometheus Areas Instrumentation Alerting Querying Prometheus Instrumentation Prometheus What to Instrument Every component (including

579 views • 34 slides
PromCon 2017 Welcome and Introduction Julius Volz, 17. August 2017 Prometheus Welcome and Thank

PromCon 2017 Welcome and Introduction Julius Volz, 17. August 2017 Prometheus Welcome and Thank

PromCon 2017 Welcome and Introduction Julius Volz, 17. August 2017 Prometheus Welcome and Thank You Prometheus What Happened? Lots of work on: Prometheus 2.0 prep Very soon now! new TSDB Prometheus 2.0 January 2015 July 2016

161 views • 14 slides
3. Agent-Oriented Methodologies Part 2: D) ems Design (MASD The PROMETHEUS The PROMETHEUS

3. Agent-Oriented Methodologies Part 2: D) ems Design (MASD The PROMETHEUS The PROMETHEUS

3. Agent-Oriented Methodologies Part 2: D) ems Design (MASD The PROMETHEUS The PROMETHEUS methodology. Javier Vzquez-Salceda q Multiagent Syste MASD https://kemlg.upc.edu Methodological Extensions to Object-Oriented Approaches A

310 views • 20 slides
110 Rules for Prometheus Brian Brazil Founder Rule 110 110 Rules for Prometheus Brian Brazil

110 Rules for Prometheus Brian Brazil Founder Rule 110 110 Rules for Prometheus Brian Brazil

110 Rules for Prometheus Brian Brazil Founder Rule 110 110 Rules for Prometheus Brian Brazil Founder Who am I? One of the core developers of Prometheus Founder of Robust Perception Primary author of Reliable Insights blog

443 views • 16 slides
Co-Founder, Managing Partner, SPiCE VC - Security Token Pioneers @AmiBenDavid 1 st Fully

Co-Founder, Managing Partner, SPiCE VC - Security Token Pioneers @AmiBenDavid 1 st Fully

P R E S E N T A T I O N B Y A M I B E N D A V I D Co-Founder, Managing Partner, SPiCE VC - Security Token Pioneers @AmiBenDavid 1 st Fully tokenized VC fund 4 th ever Security Token 1 st Regulation-enforcing Token (DS Protocol) Focused on

488 views • 21 slides
Knowledge in Interviews Brian Brazil Founder Who am I? One of the developers of Prometheus

Knowledge in Interviews Brian Brazil Founder Who am I? One of the developers of Prometheus

Evaluating Prometheus Knowledge in Interviews Brian Brazil Founder Who am I? One of the developers of Prometheus Author of Prometheus: Up&Running Primary author of Reliable Insights blog You may have heard of me :) Looking

546 views • 17 slides
Rethinking monitoring with Prometheus Martn Ferrari Based on a previous talk prepared with

Rethinking monitoring with Prometheus Martn Ferrari Based on a previous talk prepared with

Rethinking monitoring with Prometheus Martn Ferrari Based on a previous talk prepared with tefan afr - @som_zlo Who is Prometheus? A dude who stole fire from Mt. Olympus and gave it to humanity http://prometheus.io/ What is

402 views • 27 slides
Prometheus Adam Goldsmith, Jack Gonsalves, Ben Gillette, and Luke Buquicchio Prometheus

Prometheus Adam Goldsmith, Jack Gonsalves, Ben Gillette, and Luke Buquicchio Prometheus

Prometheus Adam Goldsmith, Jack Gonsalves, Ben Gillette, and Luke Buquicchio Prometheus Synopsis Have you ever wanted to travel to new and exciting places? Have you ever wanted to meet your maker? Have you ever wanted to kill

248 views • 9 slides
Managing Dependencies and Runtime Security ActiveState Deminar Managing Dependencies and

Managing Dependencies and Runtime Security ActiveState Deminar Managing Dependencies and

Managing Dependencies and Runtime Security ActiveState Deminar Managing Dependencies and Runtime Security About ActiveState Track-record: 97% of Fortune 1000, 20+ years open source Polyglot: 5 languages - Python, Perl, Tcl, Go, Ruby

727 views • 47 slides
YOUR CYBER SECURITY Ben Goodall PSC Griffiths Goodall, Managing Principal Nathaniel Barrs

YOUR CYBER SECURITY Ben Goodall PSC Griffiths Goodall, Managing Principal Nathaniel Barrs

YOUR CYBER SECURITY Ben Goodall PSC Griffiths Goodall, Managing Principal Nathaniel Barrs PSC Insurance Group, Director of Operations 19 May 2020 1 Agenda for Today Todays Environment Covid-19 Influences Types of Cyber

666 views • 21 slides
Staleness and Isolation in Prometheus 2.0 Brian Brazil Founder Who am I? One of the core

Staleness and Isolation in Prometheus 2.0 Brian Brazil Founder Who am I? One of the core

Staleness and Isolation in Prometheus 2.0 Brian Brazil Founder Who am I? One of the core developers of Prometheus Founder of Robust Perception Primary author of Reliable Insights blog Contributor to many open source projects

487 views • 44 slides
Practical monitoring with Prometheus and Grafana Jess Portnoy jess.portnoy@kaltura.com, Kaltura,

Practical monitoring with Prometheus and Grafana Jess Portnoy jess.portnoy@kaltura.com, Kaltura,

Practical monitoring with Prometheus and Grafana Jess Portnoy jess.portnoy@kaltura.com, Kaltura, Inc Abstract Prometheus is an open source monitoring and alerting toolkit. In this session we'll review the Prometheus architecture and various

418 views • 16 slides
An Introduction to Prometheus Brian Brazil Founder Who am I? Engineer passionate about running

An Introduction to Prometheus Brian Brazil Founder Who am I? Engineer passionate about running

An Introduction to Prometheus Brian Brazil Founder Who am I? Engineer passionate about running software reliably in production. Core developer of Prometheus Studied Computer Science in Trinity College Dublin. Google SRE for 7 years, working

431 views • 42 slides
Prometheus: Designing and Implementing a Modern Monitoring Solution in Go Bjrn Beorn

Prometheus: Designing and Implementing a Modern Monitoring Solution in Go Bjrn Beorn

Prometheus: Designing and Implementing a Modern Monitoring Solution in Go Bjrn Beorn Rabenstein, Production Engineer, SoundCloud Ltd. http://prometheus.io Architecture Go client library Counter interface (almost complete) type

489 views • 37 slides
Cortex: Prometheus as a Service, One Year On Tom Wilkie, PromCon 2017 tom.wilkie@gmail.com

Cortex: Prometheus as a Service, One Year On Tom Wilkie, PromCon 2017 tom.wilkie@gmail.com

Cortex: Prometheus as a Service, One Year On Tom Wilkie, PromCon 2017 tom.wilkie@gmail.com https://github.com/weaveworks/cortex https://www.youtube.com/watch?v=3Tb4Wc0kfCM Prometheus HA Grafana Cortex: Prometheus as a Service Alertmanager

541 views • 35 slides
Staying Focused in Volatile Times - Managing Investment Risk Sonia Kowal, President Kevin

Staying Focused in Volatile Times - Managing Investment Risk Sonia Kowal, President Kevin

Staying Focused in Volatile Times - Managing Investment Risk Sonia Kowal, President Kevin Callahan, CFA, Senior Portfolio Manager www.zevin.com (617) 742 - 6666 Managing Sustainable and Responsible Portfolios Since 1997 1 www.zevin.com |

511 views • 16 slides
Evolving Prometheus for the Cloud Native World Brian Brazil Founder Who am I? Engineer

Evolving Prometheus for the Cloud Native World Brian Brazil Founder Who am I? Engineer

Evolving Prometheus for the Cloud Native World Brian Brazil Founder Who am I? Engineer passionate about running software reliably in production. Core developer of Prometheus Studied Computer Science in Trinity College Dublin.

370 views • 25 slides
Monitoring Networking Infrastructure with Prometheus ecosystem PromCon 2019 Artem Nedoshepa

Monitoring Networking Infrastructure with Prometheus ecosystem PromCon 2019 Artem Nedoshepa

Monitoring Networking Infrastructure with Prometheus ecosystem PromCon 2019 Artem Nedoshepa Motivation behind implementing Prometheus Usability and self service Rich dimensional data model Flexible and powerful human readable

323 views • 8 slides
Where does CoreOS fit in? Automating Monitoring infrastructure Prometheus + Kubernetes

Where does CoreOS fit in? Automating Monitoring infrastructure Prometheus + Kubernetes

Alertmanager and high availability Frederic Branczyk Software Engineer at CoreOS Prometheus/Alertmanager/Kubernetes @brancz Where does CoreOS fit in? Automating Monitoring infrastructure Prometheus + Kubernetes What will I be talking

488 views • 29 slides
Deploying Prometheus Filippo Giunchedi - Operations Engineer filippo@wikimedia.org Agenda

Deploying Prometheus Filippo Giunchedi - Operations Engineer filippo@wikimedia.org Agenda

Deploying Prometheus Filippo Giunchedi - Operations Engineer filippo@wikimedia.org Agenda Introduction What we have and what we need Why Prometheus? How does it look like in production? What Prometheus does (and

316 views • 19 slides
Smoke free environment policy A guide to managing staff in a smoke free environment Smoke free

Smoke free environment policy A guide to managing staff in a smoke free environment Smoke free

Human Resources Smoke free environment policy A guide to managing staff in a smoke free environment Smoke free environment On 1 January 2015 all Federation University campuses became smoke free. As managers you are responsible for ensuring

409 views • 9 slides
Overview of Prometheus Mediator Snehal Thakkar CSCI 548 Information Integration On the Web

Overview of Prometheus Mediator Snehal Thakkar CSCI 548 Information Integration On the Web

Overview of Prometheus Mediator Snehal Thakkar CSCI 548 Information Integration On the Web Outline Prometheus mediator Brief Introduction Understanding data sources Installation Global-As-View Local-As-View Using

357 views • 21 slides
Chapter 9: Security Security The security environment Basics of cryptography User

Chapter 9: Security Security The security environment Basics of cryptography User

Chapter 9: Security Security The security environment Basics of cryptography User authentication Attacks from inside the system Attacks from outside the system Protection mechanisms Trusted systems Chapter 9: Security

801 views • 65 slides
Monitoring Cloudflare's planet-scale edge network with Prometheus Matt Bostock @mattbostock

Monitoring Cloudflare's planet-scale edge network with Prometheus Matt Bostock @mattbostock

Monitoring Cloudflare's planet-scale edge network with Prometheus Matt Bostock @mattbostock Platform Operations Prometheus for monitoring Alerting on critical production issues Incident response Post-mortem analysis Metrics, but

819 views • 70 slides

More recommend