There’s still a lot of life left in tape backup

This industry likes to abandon technologies as soon as it adopts them, but a few find a way to hang around. I recently purchased a car, and in the finance office was a dot matrix printer, chugging away at the same multipage forms I saw used more than 25 years ago.

Critical Security Controls v7 RELEASED

I have previously posted on the Critical Security Controls, which many still incorrectly called the “SANS Top 20” and the like, tho SANS hasn’t been managing them for some time.  The current org that manages them is the Center for Internet Security, which has overseen them since around 2015.  They previously put out v6 and after about a year working on the have released v7.  You can download them from the CIS website, along with other materials.

Grafana Heatmaps with the IRONdb Data Source

GrafanaCon EU 2018 Recap

A couple weeks ago at GrafanaCon EU 2018 we announced the beta release of the IRONdb Data Source for Grafana. We’ve continued to make improvements to some features, such as the heatmap visualization of histogram data. In this blog post, we’ll show you how to use the IRONdb data source to produce these visualizations. We will start with the assumption that you already have IRONdb up and running; if not, the installation instructions are here (you can get a free 25k metric license here). If you don’t have a host to install IRONdb on, or want to try out the free hosted IRONdb version on Circonus, just keep reading to see the hosted example; we got you covered!

Data Source Installation

The first order of business is to get the data source installed. You’ll need Grafana v5.0 or 4.6.3 installed as a prerequisite, as it contains a number of updates needed for rendering the heatmap visualization. The IRONdb data source can be found here on GitHub. As with most Grafana plugins, the code is installed in /var/lib/grafana/plugins, and a server restart makes the data source available in the UI. Follow the data source configuration instructions, and you should have the IRONdb datasource installed on the Grafana host.

Data Source Configuration

Hosted or Standalone

Your data source should look something like this; note that this is an example using the Circonus API (URL is set to If you don’t have a host to install IRONdb on, you can create a circonus account, grab an API token, and setup a hosted instance. Select IRONdb for the Type field under settings. Enter your IRONdb cluster url in the URL field ( for hosted, something like http://localhost:8112 for standalone). You’ll want proxy set under the Access field, since direct mode is not supported yet (this means requests to IRONdb are proxied through Grafana).

Auth and Advanced HTTP Settings

No changes are needed here from the default.

IRONdb Details

The rest of the configuration is specifying hosted or standalone under the installation type, and entering in the API Token.

For standalone IRONdb installation:

  • Set the IRONdb Type field to standalone.
  • Enter the Account ID to the value set in your irondb.conf file.
  • Set the Query Prefix field to the root value of your metrics namespace for the metrics selector.

For hosted IRONdb installation:

  • Set the IRONdb Type field to hosted.
  • Enter the API Token from the API Token Page in your Circonus account.
  • You will not need to make any change to the Query Prefix setting unless you are collecting your own custom metrics (like via Statsd).

Save & Test

Click to save the configuration and test the datasource; if it is working, you’ll see the “Data source is working” status message. If not, revisit the values you entered. Feel free to reach out to us at the Circonus Labs Slack #irondb channel if you have questions or problems you can’t resolve.

Collecting Histogram data

If you are an existing IRONdb user who has histogram metrics already available, you can go to the next step. If not, you’ll need to get histogram data into your instance. To generate a meaningful heatmap, you’ll likely want to be using data that represents latency or a duration, such as HTTP request duration.

For standalone IRONdb installations, see the IRONdb documentation on how to write histogram metrics.

For hosted IRONdb installations, modify the metric type on an existing check you have (Integrations -> Checks) by clicking the histogram icon.

Creating the Heatmap Panel

Panel Creation

In your Grafana instance, click the + sign on the left nav, then select Heatmap from the grid.

Data Source Selection

Select Edit at the top of the panel, and then under the Metrics tab, select your IRONdb data source from the drop down. Then to create a new metric, click the Histogram and CAQL boxes, and click the hamburger menu to the right and select Toggle Edit Mode.

Add Metrics

Now enter the check uuid and the metric name in the following CAQL (Circonus Analytics Query Language) format:

metric:histogram("<check_uuid>", "<metric_name>")

Online Sandbox Services Used to Exfiltrate Data: Researcher

Attackers can use online sandbox services to exfiltrate data from an isolated network, a SafeBreach security researcher has discovered.

Critical Infrastructure: Stop Whistling Past the Cyber Graveyard

An open letter to former colleagues in Homeland Security, peers in private sector cybersecurity firms, those who own and operate critical systems, academics, and politicians.

Toyota pauses automated driving testing on U.S. roads following Uber accident

Automaker Toyota has temporarily ceases its public road testing of its fully autonomous ‘Chauffeur’ system in the U.S. after an accident earlier this week saw an Uber self-driving test vehicle strike a pedestrian, which ultimately resulted in her death.

The new Dragon Ball game is powered by Google’s cloud

Bandai Namco Entertainment announced the latest entrant in its series of Dragon Ball games this week. Dragon Ball Legends is a player versus player (PvP) mobile game that has players from all over the world battle with each other in real time by using their move cards. From all I’ve seen, it looks like a pretty fun game, though I know nothing about Dragon Ball and I have an unreasonable disinterest in card-based games. What made me perk up, though, was when I heard that Bandai Namco opted to use Google’s Cloud Network to host all the infrastructure for the game and that one of the main components of this system is Cloud Spanner, Google’s globally distributed database.

Facebook Pulls Back Investigators as UK Launches Probe Into Cambridge Analytica

UK authorities will seek a warrant to probe the computer systems of Cambridge Analytica, the company blamed for covertly siphoning the data of over 50 million Facebook users.