Thoughts on Logging and Monitoring

Overview:  I mainly work in the Microsoft stack, so my default for logging as Azure Monitor.  Log Analytics/Workspace and Application Insights fall under the term Azure Monitor.  

Going forward MS are storing App Insight logging data within a Log analytics instance.

There are 4 options for displaying/analysis logs in Azure:

1. Azure Dashboards
2. Power BI
3. Grafana
4. Workspaces

SIEM tools take in logs from various sources such as Azure Log Analytics, Defender, other vendors Prometheus logs or Open Telemetry.  

Grafana can be used on most SIEMS including Dynatrace, NewRelic, Microsoft Sentinel, or Azure Monitor.  Grafana supports PromQL and has fantastic dashboarding.

Azure DDoS Sentinel Overview:

Microsoft has the "Azure DDoS Sentinel" service that can help protect your network endpoints from DDoS attacks.  Common DDoS attacks all basically use hundreds of bad actors to flood traffic into you architecture to overwhelm them.  Restricting traffic from the bad actor sources is key.  Mixing the Azure DDoS Sentinel Service with Azure WAF, allows us to identify the bad actions and just block these bad attackers.

DDoS - Increasing, multiple bad actors try overwhelm your resources.  Rate limiting can help, but ideally you want to let thru valid traffic and block bad traffic.  Azure DDoS Sentinel service can be coupled with WAF to protect correctly from DDoS attacks.  Normally UDP flood attacks, also protects HTTP(s) flood and TCP Flood attacks. Covers level 3-4 layer attacks.

Two SKU's:

• DDoS network protection: used on a VNet, service will work out and protect your public nodes.  Can put this in from for Azure WAF are Azure Firewall, After Front Door.  
• Cheaper Alternative is the DDoS IP protection, has most of the features and if only specific IP, like a web traffic IP it's a good option.

More Info:

Radimaging Ltd - Paul Beck's Technical Working Notes for Microsoft Technology: WAF Options (pbeck.co.uk)

Radimaging Ltd - Paul Beck's Technical Working Notes for Microsoft Technology: Azure Application Gateway Basics (pbeck.co.uk)

Mendix Overview

Overview: Mendix is a market leader in low-code app builders. While I predominantly use the Power Platform, Mendix can be a good option.  

The ALM has Version Control. This is intuitive and follows a local checkout version commit back to a main branch (simple version control). It allows you to use branches so comprehensively and flexibly. Checking in small and often is a good idea, or you run the risk of large, complex competing merges. I believe it is git, but from the Mendix Studio Pro IDE, it is seamless.  

Build a local Version using Mendix Studio Pro and deploy it to the cloud. There are several options, including on-prem. The free version is basic and has limitations, but it has proven helpful for learning.

Note: There is also a Mendix Studio (Not Mendix Studio Pro) but it is hardly used by anyone.

Mendix supports sprints and boards, so you can work with User Stories in the Developer Portal for ALM.

An App Package can be stored, and it is a good idea to use this as the base for all projects in your company so that basic branding and naming conventions are consistent.

Deployment anywhere such as on-prem. via Kubernetes deployment, as well as the major cloud platforms i.e. AWS, Azure, GCP, Oracle.

Marketplace - templates, connectors, and components to reuse. 

Domain Modelling is excellent. When creating an app, you can choose your database (not the canned version). Modelling and exposing via OpenAPI contract and generating CRUD screens are easy. 

Get Data Options

Types of Data Sources available in Mendix.

Logic/Programing: In Mendix, we use flows for logic; there is no programming language.

• Microsflows - Server-side logic.
• Nanoflows - Smaller basically client side (think JavaScript logic)

Tip: The variable state is typically stored within the local Postgres database for later use.

Publishing to cloud production versions is very easy, and the local version, which is being developed, is seen on localhost. Mendix has simple, great built-in source control.

Image 1. A high-level overview of the logical components making up Mendix.

Pros:

1. Easy to use.
2. The basics for Low code are included, such as version control, project management, and deployment/publishing.
3. Build native mobile apps.
4. Improve business processes efficiently.
5. Supporting multiple languages is unbelievably simple and easy.

Image 2. Add multiple Languages to your app

Simple exercise: Call a key-secured API and display it on a Mendix page after watching this 7-minute video on API Calls.

The running example has:

1. Various pages and forms show and persist database information. 
2. A REST Call to a 3rd party using the OAuth key.  
3. Publishing a REST API based on a table and an associated entity.
4. Displays an Azure Chatbot

Me playing around with a Mendix App:

1. Get a REST endpoint and verify using postman (using a key for secure access)

Image3. Postman showing the REST call to be used

2. Create a new "microflow" as shown below:

3. Add a new "Action" of type "REST Call"

4. Add a JSON Structure file

5. Decide which attributes to pull out

6. Create an "Entity" in the Domain model to hold the retrieved data.

7. Map Model to the Import as shown below

...

Mendix Series

1.  Overview of Mendix (this post)

2. Mendix - Part 2 - Diving deeper

3. Extensibility for Mendix Studio 

4. Building a Mendix Widget for the Mendix marketplace (Convert text to Audio using Azure AI)

5. Mendix Tips & Thoughts

6. Competitors

Dynamics & Power Platform browser extensions and tools

Key Tools and Browser Extensions for Dynamics and  Power platform Developers:

• Level up for Dynamics (extension)
• Dynamics 365 Power Pane (extension)
• Microsoft power automate Desktop (extension)