2024 Databricks Inc. All rights reserved

EXPANDING LOG ANALYTICS AND THREAT HUNTING NATIVELY IN DATABRICKS
Ed Walsh, ChaosSearch CEO
6/12/2024

THE LAKEHOUSE IS THE FOUNDATIONAL AI DATA ARCHITECTURE

In an AI-enabled world, a centralized data foundation is key for business success. The lakehouse has emerged as the core data architecture, and the Databricks Data Intelligence Platform is built on a lakehouse architecture.

Centralize data on the data lake with unified catalog and governance (Unity)
Standardize open data format (Delta Lake) and query engine (Apache Spark)
Support multiple data sources and use cases, with AI focus via superior data engineering, data science experience

[Diagram: Business Intelligence, Orchestration, Data Warehousing, AI and Data Science, Data Intelligence Engine, Unified Governance, Unified Data, Open Data Lake, ETL & Real-Time Analytics]

ChaosSearch was built for operational analytics on the lake

[Diagram: User Insights, Observability, Security]

The current lakehouse approach still has some limitations for operational analytics, leading to separate systems such as Elasticsearch or OpenSearch to handle them. This approach increases operational analytics cost and management toil, reduces retention, and creates data silos. It prevents the data lakehouse from fulfilling its promise of centralization across use cases, and hinders SREs and Security users from leveraging the lakehouse's benefi