DEV Community

Robertino
Robertino

Posted on • Edited on • Originally published at auth0.com

Custom Log Streaming Integrations

Original post written by Alexa Jacky for Auth0 blog.

Flexible streaming directly to your tools powered by Auth0 Marketplace integrations.


No matter industry or size, data collection and analysis can play a critical role in the success of your business. Without the right data or tools in place, it can be impossible to fully analyze performance and make the right user optimizations. The inability to monitor and react to security incidents can set organizations up for risk and brand consequences - with the average cost of a data breach rising to $4.35 million in 2022. But while real-time data monitoring and alerting is important, it can be difficult to scale - especially if you’re not in the business of data ingestion.

That’s where log streaming comes in. Log streaming allows you to ingest activity data and receive real-time monitoring and alerts, enabling you to react to security events, analyze performance, and understand user behaviors. We first introduced Auth0’s log streaming integrations in 2020, allowing you to easily integrate log streaming into your applications to monitor and keep track of events occurring within your Auth0 tenants. For a bit of a deeper dive into log streaming and our past log streaming integrations, be sure to check out our log streaming overview blog.

Investing in Log Streaming to Enable Rapid Customer Response

Account takeover attacks increased by approximately 90% from 2020 to 2021, adding pressure on IT admins to present better account monitoring and protection solutions for their users. Organizations need to be able to quickly see and react to abnormal events within their applications and find areas to improve efficiencies for better user experiences.

We’ve been offering both log streaming and log extensions as a monitoring solution, but as pressures to react and respond to real-time streaming data grows, we’ve decided to move away from log extensions and fully invest in log streaming. Log extensions delivered a once-viable solution, but we’ve found them difficult to scale to meet the growing needs. By refocusing our efforts, we’re able to launch custom log streaming solutions that are not bound by global management API endpoint limits and rate limits and, ultimately, deliver scalability. For users, this allows you to better react to real-time monitoring and alerts, analyze application performance, and understand your customer behaviors with real-time activity data.

Log Streaming Flexibility: Connect Directly to Your Third-Party Data Tools

We’re excited about our new launches for a few reasons. We’ve created a more efficient solution to export log events to your third-party data tools. By shifting our focus to only log streaming, we can continue to enhance our log stream features to make them more customizable for unique use cases.

A feature we recently implemented, Log Streaming Flexibility, allows users to select which log-type categories they want to stream. This means that instead of filtering the data you want to see at the end of the stream, you can now filter exactly what you want to see directly at the source. The result is better-defined log streams that only send relevant data and easier adoption of log streams with less volume to manage. This functionality also serves as one of the alternatives to the soon-to-be deprecated log extensions functionality.

Meet Our Log Streaming Partners

As we continue to fully invest in log streaming, we’ve partnered with Mixpanel and Segment to create custom log streaming integrations built on APIs for two-way communication between applications.

Segment

Built by Auth0, the Twilio Segment integration is a Customer Data Platform (CDP) log streaming solution that provides companies with the data foundation to help build complete customer profiles. Twilio Segment allows companies to collect, unify, and route customer data into any system to better understand their customers and create seamless, compelling experiences in real time.

Mixpanel

The Mixpanel integration gets engineering, product, and data teams the tools they need by providing fast, flexible, and easy-to-use product analytics. This custom log streaming integration allows you to create behavioral cohorts that can be routed to Mixpanel to create robust data profiles. Mixpanel’s reporting makes it easy to find root causes of user drop-off and growth in order to better serve your customers.

In addition to the above custom log streaming integrations built in collaboration with Mixpanel and Segment, some of our other partners have launched log streaming integrations in the Auth0 Marketplace. These partner-built integrations are built with custom webhooks to allow you to ingest and track event data within your Auth0 tenants.

Elastic

Elastic Security combines SIEM threat detection features with endpoint prevention and response capabilities in one solution. The Elastic Security log streaming integration for Auth0 uses custom webhooks to enable easy ingestion of Auth0 events to aid with threat detection and incident response. All Auth0 events are mapped to the Elastic Common Schema, allowing you to easily analyze, correlate, and visualize events right away.

Logz.io

The Logz.io Cloud SIEM integration for Auth0 allows you to centrally monitor your workflow logs to help rapidly identify, investigate, and remediate emerging threats. Combining the open-source visualization from Kibana with advanced security analytics backed by AI and Machine Learning, Logz.io enables you to inspect and investigate all of your relevant Auth0 event data. Using custom webhooks, Logz.io allows your team to quickly drill down into granular user data while inferring critical security intelligence to inform decision-making.

MDR ONE

Kudelski Security’s MDR ONE integration uses an advanced set of detection rules to provide widely recognized threat hunting, detection, and response capabilities for Auth0. By offering a unique combination of consulting, technology, and managed services, the MDR ONE integration enables organizations to continuously evaluate security posture and recommends solutions that will address business risk and compliance needs and assist with overall security effectiveness.

Read more...

Top comments (0)