Welcome!

Microservices Expo Authors: Pat Romanski, Liz McMillan, Elizabeth White, Yeshim Deniz, Zakia Bouachraoui

Related Topics: Microservices Expo, Java IoT, Mobile IoT, Agile Computing, @CloudExpo, @DXWorldExpo

Microservices Expo: Blog Feed Post

Custom API Analytics with Expressway and Splunk

Data analytics solutions seem as varied as the data they analyze

Splunk – An Ancillary Source of API Analytics
Data analytics solutions seem as varied as the data they analyze. However, Expressway users have found tremendous success extending it’s built in API Analytics capabilities with those of Splunk’s – a recognized 2013 Gartner Magic Quadrant Leader for Security Information and Event Management. Intel distributes a free Splunk Application that ingests Expressway’s transactional logs. The application provides in depth dashboards and metrics of message transactions & system utilization. Recently, one of my customers wanted an alternate way to integrate Splunk with Expressway that:

  1. Goes beyond transactional context Expressway Service Gateway’s (ESG) transactional logs provide.
  2. Sends data directly to Splunk from ESG Applications – instead of Splunk ingesting ESG logs.
  3. Does 1 and 2 with negligible overhead.

Coupling Splunk’s ability to ingest “any data from any source” with ESG’s integration capabilities and Intel optimized performance, this was snap.

Integration of ESG and Splunk

ESG_Splunk_Invoke

Splunk offers several options for data input, including files & directories, TCP, UDP, and scripts. ESG’s flexible interfaces easily accommodate a TCP connection (right) to Splunk.

ESG paramaratizes all aspects of an incoming request, both content and context. For API requests this includes:

  • HTTP headers
  • HTTP method
  • HTTP URI segments
  • request size
  • response size
  • response code
  • query parameters
  • inbound IP address
  • processing time
  • specific message content
  • transaction time
  • … any other data …

Sending this data directly to Splunk allows it to generate real-time metrics of ESG’s API utilization.

Customized & Enriched Information
Even a small amount of Expressway data allows Splunk to yield instant yet thorough API analytics.

API Analytics Splunk Dashboards

Splunk’s true value to Expressway users (API providers) come from its ability to easily generate secondary (tertiary, etc.) API analytics. For example, say transactions have a HTTP header whose values represent a unique application identifier. Now statistics (calls per operation, processing time per operation, etc.) can be further delineated by application.

Calls_by_Operation_per_Applicaiton Processing_Time_by_Operation_Per_Application

Analytical permutations become a function of the amount of data sent from Expressway. Splunk’s custom application management does the rest!

Summary
Expresway Service Gateway
– API security, high speed policy enforcement, data format & protocol mediation, with applicability across several industry verticals. Now seamless integration with Splunk, capable of proving in-depth transactional analytics – especially around API utilization. Be sure to keep an eye out in Splunk Apps for an Expressway API Analytics application – coming soon!

The post Custom API Analytics with Expressway and Splunk appeared first on Application Security.

Read the original blog entry...

More Stories By Application Security

This blog references our expert posts on application and web services security.

Microservices Articles
Lori MacVittie is a subject matter expert on emerging technology responsible for outbound evangelism across F5's entire product suite. MacVittie has extensive development and technical architecture experience in both high-tech and enterprise organizations, in addition to network and systems administration expertise. Prior to joining F5, MacVittie was an award-winning technology editor at Network Computing Magazine where she evaluated and tested application-focused technologies including app secu...
Using new techniques of information modeling, indexing, and processing, new cloud-based systems can support cloud-based workloads previously not possible for high-throughput insurance, banking, and case-based applications. In his session at 18th Cloud Expo, John Newton, CTO, Founder and Chairman of Alfresco, described how to scale cloud-based content management repositories to store, manage, and retrieve billions of documents and related information with fast and linear scalability. He addresse...
Adding public cloud resources to an existing application can be a daunting process. The tools that you currently use to manage the software and hardware outside the cloud aren’t always the best tools to efficiently grow into the cloud. All of the major configuration management tools have cloud orchestration plugins that can be leveraged, but there are also cloud-native tools that can dramatically improve the efficiency of managing your application lifecycle. In his session at 18th Cloud Expo, ...
The now mainstream platform changes stemming from the first Internet boom brought many changes but didn’t really change the basic relationship between servers and the applications running on them. In fact, that was sort of the point. In his session at 18th Cloud Expo, Gordon Haff, senior cloud strategy marketing and evangelism manager at Red Hat, will discuss how today’s workloads require a new model and a new platform for development and execution. The platform must handle a wide range of rec...
Containers and Kubernetes allow for code portability across on-premise VMs, bare metal, or multiple cloud provider environments. Yet, despite this portability promise, developers may include configuration and application definitions that constrain or even eliminate application portability. In this session we'll describe best practices for "configuration as code" in a Kubernetes environment. We will demonstrate how a properly constructed containerized app can be deployed to both Amazon and Azure ...
SYS-CON Events announced today that DatacenterDynamics has been named “Media Sponsor” of SYS-CON's 18th International Cloud Expo, which will take place on June 7–9, 2016, at the Javits Center in New York City, NY. DatacenterDynamics is a brand of DCD Group, a global B2B media and publishing company that develops products to help senior professionals in the world's most ICT dependent organizations make risk-based infrastructure and capacity decisions.
Discussions of cloud computing have evolved in recent years from a focus on specific types of cloud, to a world of hybrid cloud, and to a world dominated by the APIs that make today's multi-cloud environments and hybrid clouds possible. In this Power Panel at 17th Cloud Expo, moderated by Conference Chair Roger Strukhoff, panelists addressed the importance of customers being able to use the specific technologies they need, through environments and ecosystems that expose their APIs to make true ...
In his keynote at 19th Cloud Expo, Sheng Liang, co-founder and CEO of Rancher Labs, discussed the technological advances and new business opportunities created by the rapid adoption of containers. With the success of Amazon Web Services (AWS) and various open source technologies used to build private clouds, cloud computing has become an essential component of IT strategy. However, users continue to face challenges in implementing clouds, as older technologies evolve and newer ones like Docker c...
CloudEXPO New York 2018, colocated with DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City and will bring together Cloud Computing, FinTech and Blockchain, Digital Transformation, Big Data, Internet of Things, DevOps, AI, Machine Learning and WebRTC to one location.
DevOpsSummit New York 2018, colocated with CloudEXPO | DXWorldEXPO New York 2018 will be held November 11-13, 2018, in New York City. Digital Transformation (DX) is a major focus with the introduction of DXWorldEXPO within the program. Successful transformation requires a laser focus on being data-driven and on using all the tools available that enable transformation if they plan to survive over the long term.