Tech Field Day

The Independent IT Influencer Event

  • Home
    • Gestalt IT
    • About Tech Field Day
    • FAQ
    • Staff
  • Sponsors
    • Sponsor List
    • Sponsor Tech Field Day
    • Results and Metrics
    • Preparing Your Presentation
      • Complete Presentation Guide
      • A Classic Tech Field Day Agenda
      • Field Day Room Setup
      • Presenting to Engineers
  • Delegates
    • Delegate List
      • 2023 Delegates
      • 2022 Delegates
      • 2021 Delegates
      • 2020 Delegates
      • 2019 Delegates
      • 2018 Delegates
    • Become a Field Day Delegate
    • What Delegates Should Know
  • Events
    • All Events
      • Upcoming
      • Past
    • Field Day
    • Field Day Extra
    • Field Day Exclusive
    • Field Day Experience
    • Field Day Live
    • Field Day Showcase
  • Topics
    • Tech Field Day
    • Cloud Field Day
    • Mobility Field Day
    • Networking Field Day
    • Security Field Day
    • Storage Field Day
You are here: Home / Videos / Enhancing Data Analysis and Anomaly Detection with Zerto’s API and Grafana Integration

Enhancing Data Analysis and Anomaly Detection with Zerto’s API and Grafana Integration



Cloud Field Day 17



This video is part of the appearance, “Zerto Presents at Cloud Field Day 17“. It was recorded as part of Cloud Field Day 17 at 8:00-9:30 on June 1, 2023.


Watch on YouTube
Watch on Vimeo


Zerto leverages Grafana to visually represent data extracted through its API, allowing for the analysis of various metrics. The API provides valuable insights into logical blocks, encrypted and unencrypted data, enabling the identification of trends and anomalies. By examining SCSI blocks, Zerto’s algorithms can detect abnormal levels of compression and encryption, alerting users to potential issues like increased encrypted traffic. Notably, Zerto prioritizes real-time analysis over data storage, ensuring efficient processing. The 10.0 API further expands data availability, providing statistics at the volume, VM, and VPG levels. While Zerto currently recognizes all SCSI traffic as encrypted if the volume is encrypted, efforts are being made to differentiate between normal and malicious encryption. Zerto’s dedicated team continuously improves machine learning algorithms, keeping pace with security standards and advancements made by VMware.

Justin Paul discusses the capabilities of Grafana and the data obtained from Zerto’s API. By utilizing the API data, it is possible to rebuild Zerto analytics and visualize it through graphs. The data includes the total number of logical blocks, encrypted data, unencrypted logical blocks, and their combined total. Anomalies in encrypted traffic can be identified, even for applications not intended to be encrypted. However, systems using specific encryption methods like Linux file systems or Windows BitLocker may not show anomalies as they are already encrypted. Zerto’s algorithms analyze the data at the block layer to detect compression or encryption, with plans to refine and improve the algorithms over time. The data is not stored for long, as Zerto aims to retrieve data quickly and not hold onto it due to high data rates. The analyzed stats are sent to ZVM, which triggers alerts and tag checkpoints when sufficient evidence of a security issue is found. Zerto aims to be one layer of security among others and provide real-time alerts without the need for analyzing previous backups. The newer 10.0 API provides additional statistics at the volume, VM, and VPG levels. The discussion also touches on the potential differentiation between normal and malicious encryption and Zerto’s commitment to improving its algorithms and keeping up with security standards.

Personnel: Justin Paul


  • Facebook
  • Instagram
  • LinkedIn
  • RSS
  • Twitter
  • YouTube

Event Calendar

  • Oct 4-5 — Edge Field Day 2
  • Oct 18-19 — Cloud Field Day 18
  • Oct 25-26 — Networking Field Day 33
  • Nov 8-9 — Security Field Day 10
  • Nov 15-16 — Mobility Field Day 10

Latest Links

Modernizing Aging Legacy Systems Without Cost Creep With AMD

TFDx With AMD: More Than Just a Bag of Chips! (Part2)

Rout Intruders With All New VMware NSX+ Network Detection and Response Service

VMware Explore 2023

Adopting a Standard Operating Format in Multi-Cloud With VMware NSX+

Recent Videos

Meeting the Demands of the Modern Datacenter with AMD

Solidigm Introduces D7-P5810 a New Ultra-Fast SSD

Trends in Storage and Data - New Directions for SNIA

AMD Discusses Rack Cooling at Tech Field Day Extra at VMware Explore

Watch Tech Field Day on YouTube

Best of Tech Field Day

Veeam Snapshot Hunter

802.11ac: The next generation of Wi-Fi with Mark Denny at Wireless Field Day 3

Cisco 5 - Network Troubleshooting with Wireshark and Mediatrace with Nikhil Sharma

Why do we have Wi-Fi controllers in the enterprise? Airespace co-founder Bob O'Hara explains at WFD1

Watch Tech Field Day on YouTube

Return to top of page

Copyright © 2023 · Genesis Framework · WordPress · Log in