Netlink reduces data volume for cost-effective insights
Founded in 2007, Netlink Voice specializes in simplifying communications like reliable broadband voice solutions at competitive prices.
Netlink prioritizes people over profits and offers boutique services and transparent, predictable pricing to prove it.
Netlink gathers your vendors under one roof and does it all, with only one number to call and one bill to pay so you never have to think to make your communication technology work.
Industry
- Telecommunications
Users
- SOC Manager
- SRE Team
Impacts
- Up to 96% Reduction in event file sizes
- Organized and consolidated view of Syslog events while staying within budget
- Reduced mental toil for users so they could investigate and identify issues faster.
Netlink monitors and collects Syslog events from Microsoft Windows Servers, which provide details of the users and background processes that authenticate into domains they manage, in order to identify bad actors or unauthorized access to servers. The problem is that these syslog events are very robust and lengthy, which make it impossible for Netlink to index and store everything. This resulted in the SOC team having to drop these security-related events on the server. However, dropping these events meant teams ran the risk of missing issues when they occurred, which would normally be sent outward to a monitoring platform to assess.
The solution was for Netlink to send its events through a Mezmo Telemetry Pipeline, which pre-processed the data before sending it to a downstream destination. Through event restructuring, they were able to reduce the file size of the events to contain only necessary fields, reducing the size to 1,000 bytes. In addition, they standardized the format and content within the events so they wouldn’t have to drop data. This made it easier for SREs to obtain a more curated data experience, and helped decrease the time spent sifting through irrelevant data to get what they need.
Finally, the Mezmo Telemetry Pipeline also reduced the amount of data that would then be saved and indexed in Mezmo Log Management, thus reducing the risk of overages, and allowing them to send all the syslog data from their Windows servers to Mezmo instead of just a subset – so they don’t miss anything important.
With Mezmo, the Netlink team is able to control the volume of their syslogs from the Windows server to manage costs and quicker resolution times, and can manage unexpected spikes in the data before they reach more expensive log management. This also ensures that they are making informed decisions on what data to keep, and what to discard, so that they have the right data for incident resolutions as well as for future audits.
Real quotes from Netlink Voice
"Mezmo helped us reduce our overall telemetry data volume by 50% by filtering and parsing data to ensure we only indexed the fields we actually needed."
— Travis Jones, SOC Manager
"Mezmo's telemetry pipeline is exactly what I'm looking for, it shows the necessary events variables for our team, and reduces the amount of data significantly"
— Travis Jones, SOC Manager
Get control of your telemetry
- ✔ Schedule a 30-minute session
- ✔ No commitment required
- ✔ Free trial available