Where are all those monitoring startups now?
Hint: Acquired or they raised a $200m Series C
Welcome back. I’m restarting this newsletter after a long break. Since the last post there have been dozens of acquisitions, fundraising rounds, emerging standards, new buzzwords, interesting trends, more complaining about Kubernetes, and analyst firms still trying really hard to make AIOps a thing.
So... what happened to the startups you never heard of in previous issues?
In the first post of this newsletter, I profiled a small number of monitoring-related companies that appeared in the startup sponsorship tier at KubeCon 2019. Here’s what happened to the dozen originally-profiled scrappy upstarts in the first issue, two years later:
Five were acquired
Two raised $200m+ Series C rounds in mid-2021
One raised a $40m Series B round in early 2021
… and everyone is still in business
Chronosphere raised a Series B and became generally available, Grafana Labs raised a big Series C, and Epsagon and Sensu were absorbed into larger software companies. The other companies are writing new new chapters in the previously-covered observability pipeline and eBPF posts. Several also got expensive-looking logo redesigns. Updates follow.
Observability pipelines redirect to /dev/money
It’s not just Cribl’s $210m Series C round: if we agree with the various people that claim to have first said that “data is the new oil” — who’s going to provide the specialized infrastructure to efficiently move around all of those logs and metrics, particularly in this era of egregious cloud egress costs and large Splunk bills?
Defined in the first newsletter as “a workflow for filtering and routing operational data”, observability pipelines now seem to be appearing in an enterprise software architecture PowerPoint deck near you.
In February 2021, DataDog acquired Timber Technologies, the company that built an observability pipeline called Vector. The press release explains why:
With the addition of Vector, we will be able to give our customers even more control over how their observability data is ingested, enriched, stored, and routed, so they can build fully capable, cost efficient data pipelines in both cloud and on-premise environments.
From posts on Confluent’s blog to an open-source project in the CNCF called Tremor that (wonderfully) calls itself “a kind of sophisticated /dev/null device with a few fancy knobs attached” — it seems likely we’ll be hearing more about this in 2022.
eBPF startups meet the Corporate Development team
eBPF was profiled in this newsletter as a deeply nerdy and technical emerging technology in the monitoring space that had a lot of promise. In hindsight, 2019 was a great year to be an engineer with deep expertise in eBPF and a check from a venture capitalist.
There’s still a lot of excitement and a growing community around eBPF, but take a look at what’s happened:
Flowmill, now part of Splunk, has open-sourced most of its technology and recently gave an early look about how it integrates with OpenTelemetry at the most recent eBPF Summit.
As noted in Elastic’s acquisition of cmd, some of the recent excitement around eBPF is also driven by security use-cases, specifically enabling customers “to detect, prevent, and respond to attacks on their cloud workloads”.
If that quote sounds familiar, you may have also read the press releases about acquisitions of some logging startups.
AppSec detects logging startups
Quiz time. Name the security vendor in their press release announcing the acquisition of a logging startup:
____(A)____ will further expand its eXtended Detection and Response (XDR) capabilities by ingesting and correlating data from any log, application or feed to deliver actionable insights and real-time protection.
____(B)____ will be able to ingest, correlate, search, and action data from any source, delivering the industry’s most advanced integrated XDR platform for realtime threat mitigation across the enterprise and cloud.
Answers: A) CrowdStrike acquires Humio on 2/18/21 and B) SentinelOne acquires Scaylr on 2/9/21.
The general theme, as articulated in the CrowdStrike press release, is a “unified data layer that powers the next generation of enterprise security and IT operations”. With these acquisitions, a reminder that the line (and IT budget) is getting blurrier between pure operational logging and application security solutions.
What’s in the next newsletters?
In the next few issues, this newsletter is going to explore late 2021’s emerging themes in the monitoring and observability startup space. Next issue will be all about the startups that want to help you optimize costs... for a price.
Subscribe to get the next issue in your inbox or follow on Twitter.
Why the long newsletter hiatus? I left consulting in mid-2020 and joined a startup in the observability space... then it got acquired by a much larger software company in mid-2021.
Disclosure: Opinions my own and not my employers. I am not a consultant, employed, or an investor in any of the companies mentioned. There are no paid placements, sponsorships, or advertisements in this newsletter.