Implementing flexible log viewing rights management and scalable monitoring

• 分析与建模 - 预测分析
• 应用基础设施与中间件 - API 集成与管理
• 平台即服务 (PaaS) - 数据管理平台

• 商业运营
• 质量保证

• 云规划/设计/实施服务
• 系统集成

Monitoring to support products such as mobile social games and service quality. As the organization has diversified and expanded, log viewing and rights can no longer be managed at the organizational level, but must be made stricter and assigned by product staff. At the same time, a large scale transition to the cloud made it necessary to ensure that the monitoring system, such as the log management and scalability, analysis functions, etc., be compatible with the cloud environment.

GREE, Inc. is the global leader in the development of mobile social games. In recent years they have expanded beyond games to include media and live entertainment representing VTubers. Because GREE continues to provide high-quality products and services, monitoring is one of its essential efforts. In the past, they used in-house auditing infrastructure to collect and analyze logs for use in application debugging and the investigation of the cause of defects. However, as their business environment changed, it was no longer possible to respond entirely with just the in-house auditing infrastructure. One of these changes was diversification of the organization. In the past, there was a small number of products, and they were almost entirely created in-house. The number of products has recently increased, and external outsourcing has been aggressively pursued. At the same time, as their own organization became bigger, the engineers managing the products and services were holding multiple posts or changing dynamically, complicating the situation.

With its enterprise-focused security functions, good compatibility with the cloud environment, and high-level analysis functions, Sumo Logic was adopted. All of the AWS account Cloud-Trail logs are collected, and only the absolute minimum of logs, such as error logs for error cause investigations, are stored. By using the Role-Based Access Control function, linkage to the company’s internal authentication system and the authorization approval application flow were also implemented. Sumo Logic was adopted in stages as the transition to AWS progressed. The CloudTrail logs for all of the targeted AWS accounts were collected in Sumo Logic, and only the bare minimum of logs (such as error logs) necessary for the investigation of the cause of failures are stored. A “right tool for the right job” approach was adopted with Sumo Logic being used mainly for application debugging and performance analysis, while user analysis continued to use the data analysis infrastructure. The authorization management system was configured using the Role-Based Access Control function in Sumo Logic.

• A flexible authorization system, independent of the organizational structure became possible, allowing only involved staff to view logs.
• Thanks to Sumo Logic’s SaaS-based flexibility, work such as capacity planning for the log receivers was no longer necessary, and the operation system could be adapted to the cloud environment.
• Sumo Logic’s functions such as LogReduce and Live Tail created an infrastructure that allows for efficient management, analysis and utilization of the logs.

• Transferred over 20 services running on several thousand on-premises servers to AWS.
• Reduced time spent on log management significantly.