Apache SkyWalking, CVE Fixes, Tetrate

TSB Log4j Security Announcement

Summary

A critical vulnerability (CVE-2021-44228, CVSS score 10) was identified in the Java logging library Apache Log4j 2. Apache Log4j2 2.14.1 and below are susceptible to a remote code execution vulnerability where a remote attacker can leverage this vulnerability to take full control of a vulnerable machine.

Apache Log4j is used in many Java-based applications, making this vulnerability potentially affecting lots of organizations. As we continue to gain a deeper understanding of the impact of this threat, we will publish technical information to help you detect, investigate, and mitigate attacks. We will provide updates with more information and protection details as they become available.

Update at 2021-12-14: New, related CVE-2021-45046 has been disclosed and mitigations are included in this post.

Read More
Apache SkyWalking

End-User Tracing in a SkyWalking-Observed Browser

Web application performance affects the retention rate of users. If a page load time is too long, the user will give up. So we need to monitor the web application to understand performance and ensure that servers are stable, available and healthy. Apache SkyWalking is an application performance monitoring (APM) tool designed especially for cloud native and container-based architectures. Its skywalking-client-js is a lightweight, client-side JavaScript exception, performance and tracing library.

Read More
Apache SkyWalking application performance monitoring tool
Apache SkyWalking, Open Source, Tetrate

SkyWalking 8.4 provides infrastructure monitoring for VMs

Apache SkyWalking– the APM tool for distributed systems–  has historically focused on providing observability around tracing and metrics, but service performance is often affected by the host. The newest release, SkyWalking 8.4.0, introduces a new feature for monitoring virtual machines. Users can easily detect possible problems from the dashboard– for example, when CPU usage is overloaded, when there’s not enough memory or disk space, or when the network status is unhealthy, etc.

Read More
SkyWalking
Apache SkyWalking, Open Source

What is Apache SkyWalking? Observing the Heterogenous Stack at Scale

The observability problem for modern DevOps is familiar: As enterprises move to microservices, containerization, multi-language RPC frameworks, and service meshes, there’s an increasing need for users to understand a highly complex, distributed architecture and the dependencies between applications. Apache SkyWalking, an application performance monitor (APM) and observability platform, is an open source project that addresses this need — with or without a service mesh.

Read More