2
ExtraHop can provide a wealth of real-time wire data for use in the Elasticsearch ELK stack—comprised of Elasticsearch, Logstash, and Kibana—enabling IT organizations to derive even deeper and more meaningful IT and business insights. “The wire data that ExtraHop’s Open Data Stream can send to the ELK stack will allow businesses to combine it with other machine and human- generated operational data, helping them gain a complete picture of their business so they can draw faster, more comprehensive insights.” – Steven Schuurman, Elasticsearch, CEO Unleash the Potential of Your Wire Data with a Powerful Analytics Combination THE EXTRAHOP PLATFORM EQUIPS ALL TEAMS WITH REAL-TIME WIRE DATA Every day, your organization produces an incredible amount of communications on the wire—every transaction and message passing over the network between devices, applications, and users. What if you could mine these communications for real-time IT and business insights? The ExtraHop wire data analytics platform transforms raw packet data into structured wire data at an unprecedented rate of 40 Gbps. This enables you to explore and correlate a wealth of events and metrics, such as: JOINT SOLUTION HIGHLIGHTS Send precise wire data events and metrics to Elasticsearch for multidimensional analysis Take advantage of unmatched flexibility to build a solution to meet your particular requirements Cost-effectively scale out your search and analytics solution with the most scalable wire data analytics platform and Elasticsearch MACHINE DATA Application servers Routers, switches, proxies System resource utilization Firewall and IDS Others OPEN DATA STREAM Wire data, all L2-L7 communications With ExtraHop’s Open Data Stream capability, you can also send precise, policy-driven events and metrics to Elasticsearch for post-hoc multidimensional analysis and correlation with other data sets. Transaction and payload data Database and storage transaction details, such as process time for individual stored procedures Web services and APIs Cross-tier correlation metrics Network performance and correlation COMBINE WIRE DATA WITH OTHER DATA SETS FOR RICHER INSIGHTS Thousands of organizations worldwide choose Elasticsearch as a scalable open-source search and analytics engine because of its flexibility and cost-effectiveness. Elasticsearch, combined with Logstash and Kibana, delivers a complete machine data analytics solution. Wire data provides an objective, outside-looking-in view into availability, performance, and security that you cannot get with logs or other instrumentation of the host. By combining wire data, machine data, and other data sets, you can more effectively accomplish a variety of tasks, including: Application development and management Security forensics and detection Business analytics Troubleshooting and root cause analysis Performance benchmarking and optimization +

ExtraHop and Elasticsearch datasheet

Embed Size (px)

Citation preview

Page 1: ExtraHop and Elasticsearch datasheet

ExtraHop can provide a wealth of real-time wire data for use in the Elasticsearch ELK stack—comprised of Elasticsearch, Logstash, and Kibana—enabling IT organizations to derive even deeper and more meaningful IT and business insights.

“The wire data that ExtraHop’s Open Data Stream can send to the ELK stack will allow businesses to combine it with other machine and human-generated operational data, helping them gain a complete picture of their business so they can draw faster, more comprehensive insights.”

– Steven Schuurman, Elasticsearch, CEO

Unleash the Potential of Your Wire Data with a Powerful Analytics Combination

THE EXTRAHOP PLATFORM EQUIPS ALL TEAMS WITH REAL-TIME WIRE DATAEvery day, your organization produces an incredible amount of communications on the wire—every transaction and message passing over the network between devices, applications, and users. What if you could mine these communications for real-time IT and business insights?

The ExtraHop wire data analytics platform transforms raw packet data into structured wire data at an unprecedented rate of 40 Gbps. This enables you to explore and correlate a wealth of events and metrics, such as:

JOINT SOLUTION HIGHLIGHTS• Send precise wire data

events and metrics to Elasticsearch for multidimensional analysis

• Take advantage of unmatched flexibility to build a solution to meet your particular requirements

• Cost-effectively scale out your search and analytics solution with the most scalable wire data analytics platform and Elasticsearch

MACHINE DATA• Application servers• Routers, switches, proxies• System resource utilization• Firewall and IDS• Others

OPEN DATA STREAM

Wire data, all L2-L7 communications

With ExtraHop’s Open Data Stream capability, you can also send precise, policy-driven events and metrics to Elasticsearch for post-hoc multidimensional analysis and correlation with other data sets.

• Transaction and payload data

• Database and storage transaction details, such as process time for individual stored procedures

• Web services and APIs

• Cross-tier correlation metrics

• Network performance and correlation

COMBINE WIRE DATA WITH OTHER DATA SETS FOR RICHER INSIGHTSThousands of organizations worldwide choose Elasticsearch as a scalable open-source search and analytics engine because of its flexibility and cost-effectiveness. Elasticsearch, combined with Logstash and Kibana, delivers a complete machine data analytics solution.

Wire data provides an objective, outside-looking-in view into availability, performance, and security that you cannot get with logs or other instrumentation of the host. By combining wire data, machine data, and other data sets, you can more effectively accomplish a variety of tasks, including:

• Application development and management

• Security forensics and detection

• Business analytics

• Troubleshooting and root cause analysis

• Performance benchmarking and optimization

+

Page 2: ExtraHop and Elasticsearch datasheet

WHAT IS WIRE DATA?Wire data is all application communications on the wire, or L2-L7 communications including full bi-directional transactional payloads. It represents a rich but untapped source of visibility for most IT organizations.

READ MORE BY DOWNLOADING THE WHITE PAPER, Designing and Building an Open IT Operations Analytics (ITOA) Architecture

ABOUT EXTRAHOP NETWORKSExtraHop is the global leader in real-time wire data analytics. The ExtraHop platform analyzes all L2-L7 communications, including full bidirectional transactional payloads. This provides the correlated, cross-tier visibility essential for today’s complex and dynamic IT environments. The ExtraHop platform scales up to 40 Gbps and deploys without agents in 15 minutes.

ABOUT ELASTICSEARCH, INCFounded in 2012 by the people behind the Elasticsearch and Apache Lucene open source projects, Elasticsearch, Inc. is on a mission to make massive amounts of data usable for businesses by delivering the world’s most advanced search and analytics engine. With a laser focus on scalability and ease of use, the Elasticsearch ELK stack—comprised of Elasticsearch, Logstash, and Kibana—has been adopted by thousands of enterprises worldwide for a range of real-time search, log analysis and analytics use cases.

http://www.extrahop.com/open-itoa/

ExtraHop UI Wire data in ELK

BENEFITS OF COMBINING EXTRAHOP WITH ELASTICSEARCH• Flexibility – IT organizations that use ExtraHop and Elasticsearch love both platforms for the ease

with which they can customize and program those solutions. If you need to solve a problem, you will be able to get it done with ExtraHop and Elasticsearch.

• Unprecedented Scalability – Both ExtraHop and Elasticsearch offer unparalleled scalability so that your organization can reap the full benefits of search and analytics. The ExtraHop platform offers continuous analysis of up to a sustained 40 Gbps, or the equivalent of 1.3 million HTTP transactions per second, with bulk decryption at line rate.

• Cost-Effectiveness – The combined solution of ExtraHop and the ELK stack frees you from worries about scaling your search and analytics deployment. Due to ExtraHop’s server-based licensing model, there are no limits on the amount of wire data you can store and index besides provisioning infrastructure.

• Data Freedom – The data is yours; you should consume it in the manner that is most effective for your organization. Your data should not remain locked in a single data store. That’s why ExtraHop offers the Open Data Stream capability, which enables you to send your real-time wire data to the data store of your choice, including industry-leading open-source solutions such as Elasticsearch.

TRY EXTRAHOP FREEDownload the ExtraHop Discovery Edition, a free-forever virtual appliance that lets you start exploring what is possible with wire data analytics.

www.extrahop.com/discovery


CRITERIA TO TEST FOR IN A POC - ExtraHop

CRITERIA TO TEST FOR IN A POC - ExtraHop

Documents
Elasticsearch & Docker

Elasticsearch & Docker

Documents
Trigger API Reference - Extrahop Networks · ExtraHop 7.1 Trigger API Reference 3 Contents Overview 6 ExtraHop data types 7 Global functions 8 General purpose ... to syslog consumers

Trigger API Reference - Extrahop Networks · ExtraHop 7.1 Trigger API Reference 3 Contents Overview 6 ExtraHop data types 7 Global functions 8 General purpose ... to syslog consumers

Documents
ElasticSearch Basics

ElasticSearch Basics

Technology
Insecure Protocol Usage - ExtraHop

Insecure Protocol Usage - ExtraHop

Documents
Elasticsearch and Spark

Elasticsearch and Spark

Data & Analytics
Dell EMC Search · above Elasticsearch. Elasticsearch cluster ports NGINX TCP/ HTTPS 9300– 9400 Ports for communicating with Elasticsearch (Index data nodes). Elasticsearch cluster

Dell EMC Search · above Elasticsearch. Elasticsearch cluster ports NGINX TCP/ HTTPS 9300– 9400 Ports for communicating with Elasticsearch (Index data nodes). Elasticsearch cluster

Documents
ExtraHop IT Operational Intelligence White Paper · The ExtraHop IT Operational Intelligence Platform: How It Works and Real-World Results Table of Contents Introduction !! ! ! !

ExtraHop IT Operational Intelligence White Paper · The ExtraHop IT Operational Intelligence Platform: How It Works and Real-World Results Table of Contents Introduction !! ! ! !

Documents
Admin UI Guide - Extrahop Networks · 2020-07-23 · ExtraHop 7.9 Admin UI Guide 3 Contents Introduction to the ExtraHop Admin UI 8 Supported browsers 8 Status and Diagnostics 9 Health

Admin UI Guide - Extrahop Networks · 2020-07-23 · ExtraHop 7.9 Admin UI Guide 3 Contents Introduction to the ExtraHop Admin UI 8 Supported browsers 8 Status and Diagnostics 9 Health

Documents
ELASTICSEARCH INTRODUCTION › content › download › 6739 › 115193 › file...ELASTICSEARCH INTRODUCTION Zagreb, 27.03.2015. Kristijan Duvnjak & Mladen Maravi ć Elasticsearch

ELASTICSEARCH INTRODUCTION › content › download › 6739 › 115193 › file...ELASTICSEARCH INTRODUCTION Zagreb, 27.03.2015. Kristijan Duvnjak & Mladen Maravi ć Elasticsearch

Documents
ExtraHop Reveal(x) vs. Cisco Stealthwatch...ExtraHop Reveal(x) vs. Cisco Stealthwatch NetFlow Is Not Enough ExtraHop Reveal(x) and Cisco Stealthwatch both use the network as a data

ExtraHop Reveal(x) vs. Cisco Stealthwatch...ExtraHop Reveal(x) vs. Cisco Stealthwatch NetFlow Is Not Enough ExtraHop Reveal(x) and Cisco Stealthwatch both use the network as a data

Documents
Elasticsearch 101

Elasticsearch 101

Software
Elasticsearch: Accelerating the Django Admin · Elasticsearch Service elastic cloud Elasticsearch Reference + + + + + + + Elasticsearch Reference: 6.4 (current) Getting Started Set

Elasticsearch: Accelerating the Django Admin · Elasticsearch Service elastic cloud Elasticsearch Reference + + + + + + + Elasticsearch Reference: 6.4 (current) Getting Started Set

Documents
Elasticsearch Py

Elasticsearch Py

Documents
Meetup ElasticSearch : « Booster votre Magento avec Elasticsearch »

Meetup ElasticSearch : « Booster votre Magento avec Elasticsearch »

Engineering
Elasticsearch Workshop

Elasticsearch Workshop

Data & Analytics
Installing the ExtraHop Discovery Edition HyperV

Installing the ExtraHop Discovery Edition HyperV

Documents
Elasticsearch Intro

Elasticsearch Intro

Technology
Elasticsearch Terminology

Elasticsearch Terminology

Technology
Elasticsearch - nosqlroadshow.comnosqlroadshow.com/.../elasticsearch_Alexander_Reelsen.pdf · Elasticsearch - The Company • Founded in 2012 • By the people behind the Elasticsearch

Elasticsearch - nosqlroadshow.comnosqlroadshow.com/.../elasticsearch_Alexander_Reelsen.pdf · Elasticsearch - The Company • Founded in 2012 • By the people behind the Elasticsearch

Documents
ExtraHop Trace Admin UI Guide...ExtraHop 8.1 ExtraHop Trace Admin UI Guide 3 Contents Introduction to the ExtraHop Trace Admin UI 6 Supported browsers 6 Status and Diagnostics 7 Health

ExtraHop Trace Admin UI Guide...ExtraHop 8.1 ExtraHop Trace Admin UI Guide 3 Contents Introduction to the ExtraHop Trace Admin UI 6 Supported browsers 6 Status and Diagnostics 7 Health

Documents
2020 THREAT HUNTING REPORT - ExtraHop

2020 THREAT HUNTING REPORT - ExtraHop

Documents
ExtraHop Reveal(x)

ExtraHop Reveal(x)

Documents
ElasticSearch 5.x - New Tricks - 2017-02-08 - Elasticsearch Meetup

ElasticSearch 5.x - New Tricks - 2017-02-08 - Elasticsearch Meetup

Data & Analytics
elasticsearch introduction

elasticsearch introduction

Documents
Elasticsearch Aggregations

Elasticsearch Aggregations

Software
Analyzing Malicious Behavior Effectively with ExtraHop

Analyzing Malicious Behavior Effectively with ExtraHop

Documents
ExtraHop Discover Sensors Datasheet nopacket

ExtraHop Discover Sensors Datasheet nopacket

Documents
The ExtraHop Stream Analytics Platform · enabling data integration with complementary technologies supports open ... Which of the following technologies does your ... The ExtraHop

The ExtraHop Stream Analytics Platform · enabling data integration with complementary technologies supports open ... Which of the following technologies does your ... The ExtraHop

Documents
Elasticsearch Documentation

Elasticsearch Documentation

Documents