Versions Compared

Key

  • This line was added.
  • This line was removed.
  • Formatting was changed.

Conflux is a an LMaaS (Log Management as a Service) module offered as part of the Cloudaware platform. Conflux discovers, enhances and aggregates logs from cloud providers , such as AWS, Azure and GCP, GCP, and on-prem. Besides standard log management functionality, such as search and visualization, Conflux provides enhanced capabilities such as security, monitoring, alerting, reporting, anomaly detection and forecasting. Conflux is available via Cloudaware Launcher.

...

Whenever a user creates new objects - for example, AWS Load Balancers, AWS S3 Buckets and AWS RDS Databases - cloud provider requests the user to provide destination logging location, like a bucket or big query BigQuery table. This flexibility is great, but large cloud consumers end up with hundreds of locations for log storage. This often results in fragmented data. 

Traditional vendors, like Splunk and Sumo, rely on customer to configure ''push'' pipelines. However, as the number of cloud services and application components that generate logging data increases, they often have missing or incomplete data. Another key problem with traditional ''push'' approach is that it requires a manual action. See step 1:

...

Auto Discovered Log Sources

Provider

Log

AWS

CloudTrail, VPC Flow Logs, CloudFront; Billing Cost Allocation, DBR and CUR; RDS Logs; S3 Access Logs,

Elb

ELB Access Logs,

Alb

ALB Access Logs, Route53 Logs

Azure

Azure Network Logs, Azure Billing Data

GCP

GCP Billing Data

Google Audit Logs

Operating System

Metrics Beat, File Beat, Winlogbeat

Custom Push Via Syslog

Any custom log file

Custom Pull Via Breeze/LogBeat

Any custom log file

Graph API and Automated Relationship Detection

...

  • Single Metrics - detect anomalies in single time series, e.g. Total Spending By Day 

  • Multi-Metrics - detect anomalies across multiple time series, e.g. CPU

  • Network Traffic by Instance and Population - detect activity that is unusual compared to the behaviour of the population, e.g. console users’ logins.

...

Reliability and Scalability

Conflux is a highly redundant service with data replicated across multiple cloud providers and regions. Customers can request specific datacenter locations such as US Only, EU Only, etc. 

...

Security

Granular Access and Audit Controls

Role-based access and audit controls allow you to control and monitor the actions your Conflux users can take, and what data, tools and dashboards they can access. 

User Authentication

Conflux supports SAML integration for single sign-on (SSO) via SAML v2 compliant identity providers including Okta, PingFederate, Azure AD, ADFS, CA SiteMinder, OneLogin, Centrify, SecureAuth, IdentityNow, Oracle OpenSSO, Google SAML2 provider and Optimal Id. Conflux can also integrate with other authentication systems, such as LDAP, Active Directory and e-Directory. 

Data Encryption In-Transit and At-Rest

Conflux uses industry standard SSL/TLS (Secure Sockets Layer/Transport Layer Security) encryption for data in transit. All forwarders and user sessions are secured in this manner. Electronic messaging is secured by opportunistic TLS encryption on the email gateways.

 Conflux encrypts data at rest using Advanced Encryption Standard (AES) 256-bit encryption.  

Environment Segmentation

Conflux deployments run in a compartmentalized secure environment, and your data exists on virtually dedicated servers to ensure it remains isolated from other customers’ data.

Supported Alert Mechanisms

  • Email

  • Webhook (Generic, PagerdutyPagerDuty, Slack, JIRA, Cloudaware)

  • SNS