Elastic Meetup with ThreatSTOP

ThreatSTOP - 2720 Loker Ave W San Diego San Diego
Wed, Jun 8, 2016, 6:00 PM (PDT)

About this event

Join us for an Elastic meetup on June 8 in the Carlsbad area, we'll have a talk from:  

• ThreatSTOP's Brad Sacks on "Our journey migrating our log analytics application from a SQL database to Elasticsearch - from POC to Prod." 

Food, beverages, and good conversation will be provided! 

------------------------------------------------------------------

We'll discuss: 

POC phase:   

• The first ElasticSearch cluster: 3 Nodes, 16 GB Ram, 8 CPUs, 250GB spinning disks 

• Fun with analyzed strings 

• GC errors 

• Up to 32 GB Ram 

• Testing on AWS with SSDs 

Development phase:

• The new cluster:  8 nodes - 3 masters, 5 data nodes, 64 GB Ram, 8 CPUs, 1TB SSDs 

• Better schema - no analyzed strings 

• Nested path aggregations 

Getting ready for production 

• Hand ringing 

• QA testing 

• Load testing (locust) 

Production! 

• How are we doing? 

• The state of the cluster 

• The performance of the reports Issues we have encountered 

•  Where are we going from here? 

Brad Sacks is a Development Manager for Web and API team at ThreatStop Inc. He has primarily been working on our RESTful API, Next Generation Reporting and Web platform.

Whether you're new to the Elastic Stack or an experienced user, this user group will have good, technical conversations, and offer immediately-usable tactical tips.

We focus on technical tutorials and real world use cases in these meetups. So, please come ready to ask the hard questions and learn how the Elastic Stack can help you and your team! We are on the lookout for speakers, hosts, and community organizers. If you are interested in getting more involved with this user group, please reach out to us at meetups@elastic.co. 

When

Wednesday, Jun 8
6:00 PM - 9:00 PM (PDT)

Where

ThreatSTOP
2720 Loker Ave W San Diego

Partner