This project focuses on enhancing cyber defense capabilities through the deployment of intelligent AI agents that augment human expertise within Security Operations Centers (SOCs). Addressing key challenges such as alert fatigue, manual threat correlation, and high-volume event processing, the solution integrates seamlessly with existing infrastructure—including K3s clusters, Loki, Vector, and Security Onion. The core of the solution is a multi-agent architecture that automates tier-1 security analysis while escalating complex threats to human analysts with full contextual insight.

Explore the powerful capabilities behind Grafana dashboards, including metrics with Mimir, logs with Loki, and tracing with Tempo. Understand how to scale and integrate these tools effectively within your cloud-native ecosystem.

Half a year ago, my team at Trade Republic fully migrated our observability stack from Datadog to LGTM (Loki, Grafana, Tempo, Mimir). Operations after migration are as important as the migration itself, involving ongoing challenges such as performance and scalability issues, bugs, and incidents. In this talk, I’ll share our experiences from the past six months, detailing the challenges we faced and the valuable lessons we learned while using Grafana tools. Join us to gain insights into the practical aspects of managing and optimising an observability stack in a dynamic environment.