It’s not just Microsoft and Crowdstrike: Cloudflare, the internet infrastructure giant, experienced a major outage on November 14th, resulting in the irreversible loss of over half of its log data. The outage, which lasted for 3.5 hours, stemmed from a faulty software update that crippled the company’s log service, preventing it from delivering crucial data to customers.
Log services are essential for network operations, allowing businesses to analyze traffic patterns, troubleshoot issues, and detect malicious activity. Cloudflare’s log service, which processes massive volumes of data, relies on a tool called Logpush to package and deliver this information to customers.
However, an update to Logpush on November 14th contained a critical error. As Cloudflare explained in their incident report, the update failed to instruct auxiliary tools to forward the collected logs, leading to a situation where logs were gathered but never delivered. This data was subsequently erased from the cache, resulting in permanent loss.
“A misconfiguration in one part of the system caused a cascading overload in another part of the system, which was itself misconfigured. Had it been properly configured, it could have prevented the loss of logs,” Cloudflare stated in their report.
While engineers quickly identified the flaw and rolled back the update, this triggered a cascading failure. The system was flooded with an overwhelming influx of log data, including data from users who hadn’t even configured Logpush, further exacerbating the issue.
Cloudflare has issued an apology for the incident and the permanent loss of user data.
During the roughly 3.5 hours that these services were impacted, about 55% of the logs we normally send to customers were not sent and were lost.
Bullshit ass headline. They only lost 55% of logs generated during a three and a half hour stretch. The headline makes it read like they lost 55% of all their logs ever.
Still a big deal, a lot can happen in 3.5 hours, but not as big as a deal as the headline makes out.
ChatGPT-ass article. Is all news going to be like this now?
Here is the blog entry by Cloudflare itself:
https://blog.cloudflare.com/cloudflare-incident-on-november-14-2024-resulting-in-lost-logs
This article is a lot more clearly written, as expected from Cloudflare. For example, the other article makes it sound like 55% of all user data was lost. Cloudflare says:
During the roughly 3.5 hours that these services were impacted, about 55% of the logs we normally send to customers were not sent and were lost.
55% of logs during a 3.5h window is a lot less of a big deal.
Why compare a logging system outage to Cloudstrike?? Logging systems are important, but this article is just fluff.
Because this is a shit article that is just trying to push clickbait.
Unless I’m missing what they’re referring to, I don’t see why MS even comes up related to Crowdstrike. A software dev that deploys to Windows making a royally bad mistake doesn’t exactly make that MS’s fault.
If I use a third-party for delivering my service or product, you may assume that I am also responsible for the their mistake because it effects my own offering.
Did MS deliver a product through Crowdstrike? Maybe that’s what I’m missing here. I don’t use Crowdstrike myself, so I’m not sure how it relates at all to MS except that it works on Windows.
Microsoft doesn’t support secure ways of monitoring processes like Linux does
Clownstrike + Clownflare = Circus
Yeah, but Cloudlfare is also a MiTM.
