Rapid7 Logs Docker Containers With Logentries

By Sean Michael Kerner  |  Posted 2015-12-15 Print this article Print
Docker containers

Rapid7, which recently acquired Logentries, brings a Docker Insights Dashboard to market to help solve the challenge of container visibility.

Having insight into what is running inside a Docker container, along with logging capabilities, is crucial for enabling enterprises to deploy containers at scale in a secure manner. Today, security vendor Rapid7 is announcing that it is now a Docker Inc. Ecosystem Technology Partner, bringing a new Docker Insights Dashboard to the market to help solve the challenge of container visibility.

The new Rapid7 technology comes from its Logentries division, which it acquired in October for $68 million. The open-source Docker engine itself has had a Docker Stats API available since the Docker 1.5 release in February that enables monitoring and logging technologies to plug into containers.

"The Logentries container is using the stats API, available since Docker 1.5, to collect container- level metrics, but it can also collect Docker API lifecycle event info as well as container-level log data," Trevor Parsons, Rapid7 senior director of log management and search, told eWEEK.

The core piece of technology from Rapid7's Logentries for container visibility is a product called the Docker Insights Dashboard. The Docker Insights Dashboard provides a way to visualize and correlate container-level resource usage stats, lifecycle events and application log data information, Parsons said. The Docker API lifecycle event information that Logentries can collect includes details on containers that have been started and stopped. Logentries can also collect host-level information and host-level resource usage statistics, giving a full container stack view from a log and resource usage level, Parsons said.

"Being able to collect and correlate a range of data sources like this is important for fast problem identification and resolution," Parsons said.

The new Docker Insights Dashboard is one part of the larger overall Logentries platform. Parsons explained that Logentries is a cloud-based logging analytics service, which collects, analyzes and visualizes machine-generated data in real time.

"The Logentries Docker container has been developed to collect container log data, resource usage info and lifecycle events using a range of different Docker APIs, which it then sends to the Logentries service in real time," Parsons said. "This data is visualized and available to interact with when using the Logentries service via the Docker Insights Dashboard."

In addition to the Docker Insights Dashboard, Rapid7's Logentries is now part of Docker Inc.'s Ecosystem Technology Partner program that was announced in June. The program launched with six vendors that integrated with Docker for monitoring, including AppDynamics, Datadog, New Relic, Scout, SignalFx and Sysdig.

"While Logentries is just becoming a partner of the Logging ETP announcement, we have been working as a Docker partner for quite some time and have been developing logging since Docker was in its nascent stages," Parsons said.

Beyond just Logentries, Rapid7 is well-known in the security world for its Metasploit penetration testing technology as well as security professional services. The topic of container security is still an emerging space with multiple viewpoints on what is needed.

"At this time, we are not actively working with any additional professional services engagements to look at the security of Docker containers; however, it may be something we explore in the future," Parsons said.

Sean Michael Kerner is a senior editor at eWEEK and InternetNews.com. Follow him on Twitter @TechJournalist.


Submit a Comment

Loading Comments...
Manage your Newsletters: Login   Register My Newsletters

Rocket Fuel