When disaster strikes: How to find the information you need when you don't know what to look for? Which logs and traces happened at the same time period to get more context? What was the performance of the underlying infrastructure connected to those logs and traces? As somebody on call to investigate problems, it's important to be efficient when responding to incidents.
In this episode, Tiit Hallas (@Tiit_Hallas), Principal Product Manager at Dynatrace, walks us through some tips and, tricks, and best practices for finding the unknown by breaking data silos for log analysis and incident response with the Dynatrace Security Investigator!
Tiit will show:
- When to use the Security Investigator vs Notebooks and Dashboards
- How to find time-based correlated logs more easily with the new reference timeframe feature
- How to pivot on any log attribute to refocus your investigation up, down, left, and right the stack
- How to get instant access to performance metrics of the infrastructure, the logs, and traces that came from
- And how to easily switch between logs, metrics, and traces without losing context
---------------------------
📖 Chapters 📖
00:00 - Introduction
00:56 - The Known: Dashboards and Notebooks
01:50 - The Unknown: Security Investigating
05:00 - Explore raw log data
05:51 - Three new Feature Overview
06:33 - Timeframe reference
13:29 - Pivotal Analysis
19:27 - Performance Metrics
25:04 - Wrap Up
-----------------------------
🔗 Additional Links
Explore the Security Investigator on our Dynatrace Playground
Read the blog on Metrics Based Investigation
Learn more about IP based Investigation
Check out the blog on Investigation Pivot
-----------------------------
Subscribe to our YT channel
Stay up-to-date with Dynatrace! Follow us on Facebook, Instagram, LinkedIn, Twitter, Twitch
