Recent Posts by Adam Vanderbush

VP Marketing for Qbox and Supergiant.io. Qbox is a venture-backed company focusing on search as a service. The foundational cloud Elasticsearch product at Qbox helps users discover insights through data exploration and analytics.

The penetration testing world is fast moving and persistently demands new ideas, tools and methods for solving problems and breaking things. In recent years many people have gotten used to the idea of using Elasticsearch in the penetration testing workflow, most notably for hacking web applications.  

More and more companies and websites are opening bug bounty programs. If you have new tools in your arsenal that other people don’t use or understand yet, then you could be making a great deal more money from Bug Bounty hunting. This tutorial teaches you how to use new tools with Elasticsearch to give you that competitive edge. 

Keep reading

The team behind Qbox.io and Supergiant.io will join other companies at the ATX Startup Crawl at SXSW to introduce their hosted Elasticsearch product and their open-source container orchestration system on March 13 from 5PM - 10PM.

Join us as the Startup Crawl showcases the best in talent, startups, and more that Austin’s technology community has to offer. Last year had more than 90 companies and 12,000+ registered crawlers. This year is going to be just as awesome.

Keep reading

A common question that comes up when we use any product is how we can get metrics from it and how we can monitor it. Elasticsearch, since its early release, has always provided a way to monitor it using the _cat/stats API. However, for Logstash there wasn’t a way to gather metrics and monitor it until recently. With the release of Logstash 5.0+, Logstash has introduced a set of APIs to monitor Logstash. In this article we explore the monitoring APIs exposed by Logstash, which include the Node Info API, the Plugins API, the Node Stats API, and the Hot Threads API.

Keep reading

When working with thousands of documents, a question that emerges is how to find documents that are similar to a given document or a set of documents. There are often use cases when one would like to show documents that are similar to the document that the user is viewing, or is interested in. Elasticsearch has a query feature called “More Like This Query”, also known as the MLT Query, that tackles these cases.

Keep reading

We all know that Elasticsearch is a powerful search engine that comes with a lot of additional plugins to meet most of the requirements. Suppose you have a special requirement to work with Elasticsearch that is not provided by any of the plugins available in the market. Don’t worry. Elasticsearch provides many custom plugin classes that can be extended and helps you create your own plugin to serve those purposes.

In this article we explain how to write a custom plugin for Elasticsearch.

Keep reading

You probably found this article by searching if you can secure your Elasticsearch cluster by providing some sort of authentication mechanism. You might have come across many options like Shield, or some of the open-source authentication plug-ins available in Qbox, but you decided that you want to have some fun by creating your own plugin for authenticating the REST requests coming to Elasticsearch. 

In this tutorial we explain how you can plug basic authentication into Elasticsearch. This article is based on the APIs available in Elasticsearch 2.3.x.

Keep reading

In production environments, network security is ineluctable. When Elasticsearch is deployed, there are many ways to secure the environment. You can use Nginx, commercial products like Shield, open source products, or easily selectable plugins via Qbox. However, you can also create your own security plugins and have more control over security. This article is intended to give readers a running start on how to write their own in-house security plugin.

Keep reading

How do you easily integrate Elasticsearch with your application? Elasticsearch gives us two ways: REST APIs and native clients.

Which is the better solution? Like everything, there are pros and cons to both. For the REST APIs provided by Elasticsearch, you have to use third-party libraries like JAX-RS to carry out the interaction. Although native clients are an easy option that comes in many languages like Java, Python, and Ruby, problems occur whenever there is a major version upgrade of Elasticsearch. You have to upgrade your native client, and many deem this an unnecessary maintenance effort.

Keep reading

“ChatOps” has recently become a buzzword in places that are aiming for continuous delivery. It is based on chat clients like Slack and Hipchat and is plugged in with chatbots for real-time communication and task execution among members of development and IT operations teams.

Chat has become an integral part of the “better” delivery models. With huge amounts of data flowing within the system, wouldn’t it be nice if we could put it into an analysis tool and churn out some results that might improve the business?

In this article, we explore how to integrate Slack with Elasticsearch and perform basic data analyses as examples.

Keep reading

Having the ability to deploy Elasticsearch, Logstash and Kibana (ELK) from a single command is a wondrous thing. Together, in this post, we shall build the Ansible playbook to do just that.

There are some prerequisites. This Ansible playbook is made for Ubuntu Server and executed on Ubuntu Server 16.04. A basic system of 2 CPU cores and 4GB of RAM will be enough. The specs of the machine are entirely up to the situation and the volume of data.

This blog post is an alternative to using the ELK stack on Qbox. To easily deploy and run your own ELK setup on Qbox, simply sign up or launch your cluster here, and refer to the tutorial "Provisioning a Qbox Elasticsearch Cluster."

Keep reading