Loggly alternative for centralized logs

I'm looking for an alternative to loggly. I have various .NET applications deployed across multiple locations, and I need them to send their logs back to a central server.

I've been experimenting with loggly and I’m already at the limit of their free plan, even in the testing phase. I was thinking about splunk since they offer the most similar feature set to Loggly, but it comes with significant limitations on data ingestion, especially in the Splunk Light version.

Does anyone have any recommendations? :)

https://redd.it/1ery93u
@r_devops

I started challenging our junior devs to provide feedback or ask at least one question while reviewing a PR. Thoughts?

Our JR devs are allowed to approve PRs (not my choice), and it's usually just a rubber stamp as they're nervous to call out a more senior member.

I requested they try to add something to the PR in terms of feedback just to help them get their feet wet and more comfortable.



https://redd.it/1es2ykc
@r_devops

We're reviewing a few CI/CD tools for our company and I'm curious about your experience with a couple.

Namely it looks like management is whittling it down to Travis CI or GitHub Actions. I've heard that Github Actions requires a lot more coding than Travis (this is a lot more important to me than the bean counters lol). If that's the case it sounds like there's a big argument there in terms of efficiency that may not be so easily quantified to various decision makers. Anyone?

https://redd.it/1es4h0a
@r_devops

Standard vs Express Step function

I don’t quite understand what do they mean by exactly once and atleas -once model respectively.If we can use a for loop and retry in standard workflow how is that exactly once then?!

https://redd.it/1es5brj
@r_devops

In your resume, do you put a lot of keywordd to pass CV screening or avoid it?

Hello!

In your resume, in order to pass the CV screening phase, often done by HR or even automatic tool, do you put a lot of technologies keywords? (Like list all the tech you work on only if it was for a low amount of time)

Or you avoid it in order to pass the hiring manager CV screening?

What is the good balance?

https://redd.it/1es72ff
@r_devops

How to prevent data exfiltration

Hi everyone,

I’d like to get your opinions on implementing a data exfiltration prevention system.

For context, we have a partner who provides us with data and requires controls to prevent data exfiltration through personal email accounts, saving to local drives, copying, remote printing, etc.

We currently have SIEM, antivirus, and threat detection in place on both workstations and servers. Server access is restricted to authorized personnel only, requires VPN and approval for each connection, with sessions limited to 8 hours and fully logged. We also have DLP enabled in Microsoft Office. We are SOC2 Type 2 certified.

Support handles level 1 and 2 issues with limited access to client data via browsers. Level 3 support is managed by developers, and unfortunately, there are too many of them, but that's something we can’t address.

The partner wants us to extend these measures to our clients, which is impossible since we are a B2C company. However, they criticize us for only having detection methods and no prevention measures.

This is where we’re stuck—how can we implement a system that actively blocks data exfiltration? I see the potential of using a proxy to filter all web traffic, but that would significantly slow down development, which is challenging for a tech firm like ours.

What solutions do you use?

https://redd.it/1es70z4
@r_devops

Notebook-Native CI/CD: Dagger for Runme

Have you tried Dagger yet? If the answer is yes, have you built pipelines in a notebook yet? Crazy idea?


Learn about it here: https://runme.dev/blog/dagger-for-runme

https://redd.it/1es7taw
@r_devops

Exploring the Recent Microsoft AI Health Bot Vulnerability: What DevOps Teams Should Know

Recently, a vulnerability was discovered in the Microsoft AI Health Bot, raising important questions for DevOps professionals working in the healthcare sector. As we navigate an era where AI integration in health care is becoming increasingly prevalent, understanding the implications of such vulnerabilities is critical. How should DevOps teams approach security when deploying AI solutions? What best practices can be implemented to safeguard sensitive information? Let’s discuss the lessons learned from this incident and share strategies to enhance our security posture in artificial intelligence applications. Have you faced similar challenges in your projects? What measures did you take?
https://7med.co.uk/microsoft-ai-health-bot-vulnerability-patched/

https://redd.it/1esb8jo
@r_devops

Need to create a main branch under repo using API (power Automate)

Hi Guys, We are automating a process to create project, repos, main branch and sub branch using power Automate http connect or. I am able to create project and repo in an hierarchy. But I am struggling to create a main branch using the rest API. Please help me on this. Thanks 🙏

https://redd.it/1esd55o
@r_devops

Env vars

Hey all

Curious how you handle your env vars within a deployment?
We have GitHub builder our docker containers for kubernetetes and on every build adds the env vars to a .env file
I find this approach terrible as if a dev forgets to add a new variable in the pipeline file the build fails.

Wondered if you guys are doing it a cleaner way?


https://redd.it/1esddux
@r_devops

What's your strategy for learning tech at your organization?

When it seems like it's endless?

Do you tend to be a master of a few trades or a jack of all trades? How deep does your knowledge typically spread?

https://redd.it/1esfcah
@r_devops

Launch.json config for listening to a containerized app not working

I have a straightforward setup and I see Debugger listening on ws://127.0.0.1:5555, but when I try to listen to the debugger port, VS Code hangs and doesn't output any error message. Why would it work on Linux, but not on Windows, and what are the fixes?

{

"version": "0.2.0",

"configurations": [

{

"type": "node",

"request": "attach",

"name": "Attach to Docker Container",

"address": "localhost",

"port": 5555,

"localRoot": "${workspaceFolder}",

"remoteRoot": "/usr/src/app"

}

]

}




It looks something like this, and I was wondering what I can do to debug and find out why it's not working. I am using ts-node-dev.

https://redd.it/1escqf3
@r_devops

Would Sherlock use traces or metrics to debug your application?

https://jaywhy13.hashnode.dev/would-sherlock-use-traces-or-metrics-to-debug-your-application

Looking for some thoughts and oppositions on the superiority of traces for debugging applications.

https://redd.it/1esi84f
@r_devops

Exploring the 12-Factor App Methodology: A Blueprint for Building Scalable and Resilient Cloud-Native Applications

Hey everyone,

I wanted to share a comprehensive blog post I just published about the **12-Factor App methodology**—a set of best practices designed to help developers build scalable, maintainable, and resilient cloud-native applications.

If you're working with **DevOps**, **microservices**, or building applications that need to thrive in **cloud environments**, understanding and applying these 12 factors can be a game-changer. In the post, I dive deep into each principle, explaining how they contribute to building modern, robust applications. I've also included book recommendations for each factor to help you explore these concepts further.

**What you’ll find in the blog:**

* An overview of all 12 factors, from codebase management to treating logs as event streams
* Practical insights on how to implement these principles in your projects
* Book recommendations to deepen your understanding of each factor

If you're interested in improving your application development practices, I think you'll find this post valuable.

🔗 \[[Check out the blog here](https://medium.com/@srivatssan/the-12-factor-app-methodology-a-blueprint-for-modern-cloud-native-applications-c1aea2984bde?sk=e2e214a30f30be4dfe7495b5fc27c80a)\]

I'd love to hear your thoughts and any experiences you've had implementing the 12-Factor App principles in your work!

https://redd.it/1esjnro
@r_devops

Any certifications that goes around Python?

Got laid off last week (Cisco) and trying to brush up my skillsets and started Python training.
I can test my coding skills on local, but are there any certifications that are worth industry considers it currently out there that helps me to secure jobs?

https://redd.it/1esak6x
@r_devops

Advice about Staff Role

I recently got promoted to Staff Engineer and I'm trying to find my footing. I've been leading Observability at my company for a few years. I've done trainings, worked on tooling improvements and we've now aligned my ideas with our business goals, and I'm working on a proper roadmap. I'm confused about the shape of my role based on my interests.

I like the intersection of SRE/DevOps/Platform and how teams are using tooling. As an example, I'm not stimulated by the idea of migrating our company off DataDog to OpenTelemetry so we can use other vendors. I'm much more excited about working with teams to leverage OpenTelemetry and other abstractions in ways that make our system much easier to debug. As a concrete example, I worked on an approach where we collect a lot more telemetry and automatically attach it to spans/traces in DataDog. Possibly I could get excited about it.. but not sure yet. I'm also passionate about education, so I love doing presentations and sourcing folks to increase engineer competency with our tools. I'm also pretty passionate about architecture and love building things. I also love to feel the pain of the Observability tool and would love to continue building apps that utilize them.

What does that make me? I've gotten a couple of suggestions:

Office of the CTO - detach myself from a team and report directly into the CTO
Staff Platform Engineer - become a Staff Engineer on the Platform side. I'm not sure what the usual expectation is with this though. I'm not a fan of going all the way and writing TerraForm and such for the rest of my days.
Staff Observability Engineer - I've seen a couple posts like this but these all seem to require deep knowledge of Prometheus and other tools in that space, which feels more SRE/DevOpsy to me.
Staff Engineer within a team - this is my current state, which I dislike because it doesn't give me enough time to focus on Observability.

I'd love to get some feedback from others who have navigated this journey, made strides, have thoughts, ideas, anything! Thanks in advance!

https://redd.it/1esi310
@r_devops

How do you avoid being the Brent of your organisation?

Without losing status of being a good engineer

https://redd.it/1esm9st
@r_devops

Is writing CI(/CD) tool agnostic pipelines the way to go in 2024?

Wouldn't it make most sense to create pipelines that only call scripts that you could run on any system or container, independent of what tools you use?

How do you guys do it?



Right now we're using Jenkins for CI.

Yep, just because we're stuck using Bitbucket.

To make pipeline creation easier, we're putting every little shit into Jenkins Libraries to call an insane amount of Groovy functions to "simplify" pipeline creation and management.
1. Main Pipeline calls the library function that contains the actual pipeline with its stages (in the worst case we're adding 50+ line long map full of parameters to the function call - with stuff like 'what stages to run', 'what registry to push to', etc.).
2. For every stage, the pipeline calls new functions for each task, using the map from the function call at the beginning for their settings.
3. These task functions now call Jenkins pipeline steps (the actual stuff that does things, like Shell, Maven, Docker Builds, etc.) - yet these goddamn task functions are Jenkins pipeline steps themselves too.

We did it, because:
a) - changing 200 Jenkinsfiles distributet between 70 repos became a pain in the ass to manage. Much fun having to change ONE function in any of them.
b) - our devs should be able to use and create pipelines without our input.
c) - to streamline the setup and structure of our repos.

It's not as bad as it seems. Mostly since I actually document that stuff.
But the size it's reached is immense and we're slowly drifting into a "there's no way out" situation with Jenkins.

Working on this feels somewhat wrong now.






https://redd.it/1esohl7
@r_devops

What advanced practices ensure efficient CI/CD pipeline implementation in complex, multi-cloud environments?

Which cutting-edge tools and methods optimize container orchestration and scaling in large Kubernetes clusters?

https://redd.it/1esr8z2
@r_devops

PowerPoint/SlideShare

Anyone have a link to their favorite trunk based development slide deck or presentation? I’m looking for one that depicts short lived feature branching, policy enforcement, etc.

https://redd.it/1estrgo
@r_devops

Salaries in the Netherlands

Hey fellow engineers, I have been looking into salaries range for devops engineer position in the Netherlands and found they are from 43.400 EUR and 71.100 EUR per year. I would like to see whether it is accurate from your experience.

I have been working as a contractor for the small Dutch firm for some time and lately I have been thinking about moving to the country, but I am not sure, for instance, that 43.400 EUR is a competitive salary for our specialty and if it is going to cover the costs, to be honest. Also, not sure if that’s gross or net amount.

So, basically, I would like to hear from your side what is an actual average salary and how competitive is the market now if, for instance, my employer would not be able to match the average or close-to-average.

https://redd.it/1esur7a
@r_devops