UPDATED 14:00 EST / APRIL 01 2020


Zebrium bets on autonomous log monitoring for incident detection

Log management and observability is time-consuming and expensive, unless done autonomously. That’s the bet of 2017 startup Zebrium Inc., an autonomous monitoring platform that uses unsupervised machine learning to automatically detect and help resolve incidents.

“Zebrium was founded on the notion that we can just do all that automatically,” said Larry Lancaster (pictured), founder and chief technology officer at Zebrium. “We can take a pile of machine data, we can turn it into a database, and we can build stuff on top of that.”

Lancaster spoke with Dave Vellante, host of theCUBE, SiliconANGLE Media’s mobile livestreaming studio, during the virtual Vertica Big Data Conference. They discussed Zebrium’s belief that the future of monitoring is autonomous and how the startup is performing in this market. (* Disclosure below.)

To keep customers happy

Although the broader market for monitoring software has many participants, not all have the same approach. The market has been changing, and there is now an understanding that mean time to incident detection and resolution, which is a key metric for measuring the efficiency of cybersecurity, is what people need to focus on to keep their customers happy, according to Lancaster.

“If it is a known issue with a known symptom and a known root cause, then you can set up an automation for it,” he explained. “But the ones that really cost a lot of time in terms of service disruption are unknown unknowns.”

To face these unknowns resulting from the increasing complexity of applications, it is necessary to dig into a huge mass of data. “So, observability is about making tools to help you do that, but it’s still going to take you hours,” Lancaster pointed out. “And our contention is that you need to automate the eyeball; the bottleneck is now the eyeball.”

Making this monitoring effective depends on moving away from the notion that a person will be able to do it infinitely more efficiently and recognizing that it is necessary automated help. “When you get an alert agent, it shouldn’t be that: ‘Hey, something weird is happening; now go dig in,’” Lancaster explained. “It should be: ‘Here’s a root cause and a symptom,’ and that should be proposed to you by a system that actually does the observing.”

Zebrium is working mainly with two types of data: metrics and log files. After obtaining a stack of unstructured logs, the startup structures them into tables for event type and records every time it happens.

“If I have all my event types structured that way, everything changes and I can do real anomaly detection and incident detection on top of that data,” Lancaster said. “So that’s really how we go about being able to do autonomous monitoring in a way that is effective.”

Using Vertica’s column storage

To structure and load log data into tables, Zebrium uses Vertica‘s expanding relational column storage. At the same time, Vertica’s analytical performance and cloud-native flexibility allow Zebrium to scale up to meet demand, according to Lancaster.

“I think column stores are ubiquitous now in analytics,” he explained. “And being able to have ACID guarantees and everything else, like a normal mature database that can join lots of tables and still be fast, that is also necessary at scale.”

Zebrium is leveraging its business with a round of investments. The startup raised just over $6 million to invest in its operations. “In the last six to eight weeks, it’s just been this sort of pique of interest. It’s been an amazing start to the year,” Lancaster concluded.

Watch the complete video interview below, and be sure to check out more of SiliconANGLE’s and theCUBE’s coverage of the virtual Vertica Big Data Conference. (* Disclosure: TheCUBE is a paid media partner for the Vertica Big Data Conference. Neither Vertica, the sponsor for theCUBE’s event coverage, nor other sponsors have editorial control over content on theCUBE or SiliconANGLE.)

Photo: SiliconANGLE

A message from John Furrier, co-founder of SiliconANGLE:

Your vote of support is important to us and it helps us keep the content FREE.

One click below supports our mission to provide free, deep, and relevant content.  

Join our community on YouTube

Join the community that includes more than 15,000 #CubeAlumni experts, including Amazon.com CEO Andy Jassy, Dell Technologies founder and CEO Michael Dell, Intel CEO Pat Gelsinger, and many more luminaries and experts.

“TheCUBE is an important partner to the industry. You guys really are a part of our events and we really appreciate you coming and I know people appreciate the content you create as well” – Andy Jassy