Security Monitoring

The security monitoring solution using InfluxDB provides real-time monitoring, correlation, and expert analysis of activity in your environment, detecting and alerting on valid threats to your data and devices.

Get Started Now

What is security event monitoring?

Security event monitoring provides real-time monitoring, correlation and expert analysis of activity in your environment, detecting and alerting on valid threats to your data and devices.

Why InfluxDB for security event monitoring?

Security monitoring is complex. Successful implementation of a security monitoring infrastructure involves people, process, technology, and data. Such monitoring requires multiple iterative phases to reach maturity. The data component comes from consuming log files from every possible asset, be it an application, database, virtual machine, operating system, server, network component, storage, even intelligent power strips. Log data from these assets will help with the following:

  • Identifying security incidents
  • Monitoring policy violations
  • Establishing baselines
  • Assisting non-repudiation controls
  • Providing information about problems and unusual conditions
  • Contributing additional application-specific data for incident investigation which is lacking in other log sources
  • Helping defend against vulnerability identification and exploitation through attack detection

But log data on its own is not an efficient way of finding the anomalies and therefore, this data should be collected and organized in a collection of time series. This data set provides a way to correlate time series events that enable incident detection, response, remediation and forensics workflows to be timely and successful.

The functional architecture of the InfluxData security monitoring platform

Reference-Architecture-Detail-Security-Monitoring-InfluxData

“When information is gathered from a large number of devices out at the edge, ensuring that data is reliable and trustworthy can be challenging. Ockam provides open source tools and libraries that make it easy to establish and maintain mutually authenticated secure channels between fleets of globally distributed devices and InfluxDB."
Mrinal Wadhwa, CTO, Ockam

Featured customers:

Ockam enables developers to establish an architecture for trust within their applications. The Ockam SDK makes it simple to interconnect secure hardware with software services to facilitate trustful exchange of information within connected systems.

Learn more

Aporeto is a Kubernetes network plugin that enforces the security policies specified by Kubernetes NetworkPolicy resources in a scalable way. It goes further to extend and strengthen the security of Kubernetes workloads with automatically generated trusted identities for workloads.

Learn more

Get InfluxDB
InfluxDB Templates
InfluxDB Integrations
Free InfluxDB training

Videos

Trust and the Internet of Things

Security Monitoring in the Time Series Domain

Building Value With InfluxDB Cloud