 All right, wonderful. Please note everyone that we are recording the session and we're also live streaming. So say hello to the live stream as we go there and Igor will put that onto the chat and feel free to share it on social if you want others to join us today as well. So welcome everyone. Good morning, good afternoon and good evening depending on where you are zooming in from today for our final 2021 Hyperledger in-depth hour with members webinar. And today I am happy to have Chris Cordy who is a software engineer at Splunk join us. Splunk is a monitoring and analyzing machine-generated data company and Chris will provide you an overview of Splunk as well as his role there and then go into the discussion for today. So before we get started a couple of things, housekeeping that I'd like to do first any of you who have not been to any of our Hyperledger community webinars or meetings all are welcome in our community and we are committed to creating a safe and welcoming community for all. So please adhere to the standards of the Hyperledger Code of Conduct which is on our website. And if you have any questions, please let me know ultimately be good to one another and let's be productive and constructive with one another. A couple of other housekeeping rules just like any other Hyperledger community meeting all our meetings are under our anti-trust policy and that means that participation by industry competitors, we wanna make sure that all activities are conducted under that policy. Please review the policy if you have any questions on our website. And during this webinar, if you have any questions please direct message me and I'll be happy to assist you. As a reminder, once again, the webinar is being recorded and they'll be available after the fact and you can watch any of our webinars in our Hyperledger webinar library as well as on the YouTube channel where we have hundreds, sometimes it seems a week, presentations from our special interest groups, our working groups and our meetup community which continues to grow. The slides will be available for download after the presentation you'll get an email from Zoom directly with some links to that as well. So our goal is to have these as interactive as possible. So I'd like to take you through three ways that you can communicate with us during the session. Number one is if you're familiar with the raise hand feature in Zoom, you can go ahead and raise your hand when we open up for questions and answers and we will go ahead and unmute you and you can ask your question via voice. You can also use the ask questions feature in webinar in the Zoom webinar. So click on the Q and A and ask your question there and Chris and I will get to those when we open up for the Q and A as appropriate. And last but not least, feel free to talk and comment during the session in the chat. Once again, please be respectful of others and we would be happy to address any of those and if you wanna voice chat, we can as well. So once again, this webinar is for you. We wanna make sure that you get the best out of it. So without any further ado, I'd like to pass this over to Chris Cordy who's, as I said before, a software engineer at Splunk and one of our Hyperledger fabric experts in the field. So Chris, over to you. I'll go ahead and stop sharing and you can share your slides please. Wonderful. Yep, we could see them. Awesome. So thank you for the introduction. I'm Chris Cordy and I'm gonna talk about how you can secure your Hyperledger fabric deployments using Splunk app for fabric which helps you monitor all the security and infrastructure events happening on your Hyperledger network. Okay, so this is me. I look a little bit different right now, I guess. So I'm a software engineer on Splunk's blockchain team and there I work on a few of our integrations that enable you to pull data from different blockchains like Ethereum or Hyperledger fabric. So in particular work on Splunk Connect for Ethereum and Splunk Connect for fabric and I also am very involved in adding the features for detecting different security events happening on those networks. Prior to working at Splunk, I worked at Sandia National Labs where I was a cybersecurity researcher. So I've been interested in cybersecurity research and blockchains for a long time. So why Splunk blockchain? For those who aren't familiar, Splunk is a tool that allows you to turn data into doing. There's tons of machine-generated data created by organizations, all different endpoints, network devices and it's hard to make sense of all this data. So Splunk allows you to take all that data and correlate based on time between all these different sources to be able to make intelligent decisions for your business. So in particular for blockchain, blockchains generate tons of data. Blockchains are also often complex and organizations that are using blockchains often have a lot of other, a lot of other infrastructure that they wanna monitor as well. And they're really interested in monitoring the interactions between their traditional enterprise infrastructure and the blockchain infrastructure. So Splunk can help you get visibility between all the different components in your blockchain deployments. We support many different blockchain technologies and so you can take any sort of data source and throw it into Splunk and be able to make intelligent decisions. Cool, so just as an overview of what we'll be talking about today, hyperledger fabric, I'm sure everyone here is somewhat familiar with it, it's designed to enable secure collaboration between multiple organizations with limited trust between them. So notably hyperledger fabric has a slightly different security model than public blockchains, like public permissionless blockchains like Bitcoin or other cryptocurrency, hyperledger fabric, it's permissioned. So all the parties should be known and they can be accessed and built. So these security improvements can make it, in some ways make it easier to make secure deployments and to trust that your network will be operating correctly and reducing your risk of attack. But you still need to make sure you're carefully configuring a network and monitoring it to make sure that no attacks are happening. So we're gonna review some different types of threats and then some different types of threats than hyperledger fabric networks face and discuss how to mitigate them. Okay, so first it's always good to think about what assets you're trying to protect. Obviously data would be very important to protect like the intellectual property or other sensitive data, hardware and software or applications, which is very similar to data. And make sure that your software is running correctly and isn't being manipulated. As mentioned earlier, hyperledger fabric is a permissioned blockchain. So its threats can differ from popular permissionless chains. Still some attacks are common to all distributed systems like Nile Service or consensus manipulation. Other attacks target specific components in a hyperledger fabric network, such as a membership service provider. So for the first threat, we'll look at denial of service. Nile service attacks disrupt the network's availability and any distributed system is vulnerable to some extent to these. Many different attacks can also cause denial of service and it could be difficult to proactively prevent. For mitigation, it's good to be collecting performance metrics, such as transaction throughput and latency to help detect if an attack is happening early on. Consensus manipulation is another risk on a hyperledger fabric network. So hyperledger fabric doesn't quite have the risk of 51% of attacks in the same way that Bitcoin might because it's permissionless. Still there are attacks on network consensus that you can do including denial of service and transaction reordering attacks. So we wanna make sure that the consensus component seems to be acting correctly in our hyperledger fabric deployment and a way that we can try to make sure that it's happening is we can log some threat indicators like leadership elections and transaction lances to speed up detection of any malicious behavior. Basically, we wanna make sure that the consensus elections and decisions aren't being hampered in some way by one of the parties. Another threat is MSP compromised. So in hyperledger fabric there's a membership service provider for the MSP and the MSP is able to modify access control to the network. And if it's malicious, it can deny service to parties and perform civil attacks, which is not good. So the MSP can be compromised by Rogan Cider or through PradaKeitha, which are generally gonna be pretty difficult to detect until after exploitation happens. So to mitigate this threat, you're gonna wanna follow key management access control best practices. Don't share keys, make sure all accesses are logged and then also you're gonna wanna log an alert on your MSP actions, such as the creation and revocation. And then another threat is smart contract exploitation or chain code exploitation. So the risk in hyperledger fabric for smart contract exploits is that business logic can be compromised and so can network performance. Again, we're not worried necessarily about lots of money or it's not gonna be very obvious that lots of money was stolen, like it might be encrypted currencies, but we still wanna make sure our business logic is running correctly and that our services aren't gonna be down. So in addition to just smart contracts are often written by people and people like to make mistakes when they program, including me. So in addition to some of the ordinary logic bugs you might have, you can also have errors resulting from trying to handle concurrency or a nondeterminism, which can be difficult. So mitigations for this include like all other programs, smart contracts should be designed with security in mind and at the onset. Smart contract analysis tools like the hyperledger lab chain code analyzer can help scan for vulnerabilities before you deploy your smart contract. So you can proactively know that you're not putting out a vulnerable contract. It's also recommended to request an external security audit. And then finally, like all the other threats monitoring is key here. You should monitor performance and usage of your smart contract and detect any anomalous behavior. So to distill this a little bit, here are some of the key data sources for all the threats we just talked about. So for denial of service, we have transaction throughput latency, block latency, and the number of senders of connections. I'm not gonna read this whole table, but take a moment to look at it. Notably, we see that there are different data sources that we need to grab and be able to correlate between. So we have block headers, blocks, node metrics and logs and any results from a vulnerability scanner. Additionally, there are other threats that I didn't talk about that we potentially wanna be monitoring for. On the last, we see a list of even more threats and we see all the different data sources that we might wanna collect from. New from the categories before, we see we're gonna wanna bring in some threat intelligence information, peer-to-peer and network information. Maybe we wanna call some APIs on the node and collect some client or front-end information. So there's lots of data coming from off-chain and on-chain and from lots of different places. And this data can, these are many different types of data. They look different, so it can be difficult to try to make a correlation, especially if you don't know what the data would look like ahead of time. So that's why we have this data to everything platform where you can take all of your logs, metrics, traces and ledger data and throw it into Splunk and be able to make informed decisions for your IT, security and observability of your networks. So how do we do this? So in particular for Hyperledger Fabric, we have the Splunk app for Hyperledger Fabric. It lets you get visibility into what's happening on your network, so you can monitor, troubleshoot, investigate and take action on your Hyperledger Fabric components across organizations in different cloud environments. And this crucially allows you to reduce your main sign of recovery because now you have all this data in one place. And then now if you're trying to get the production faster, it's a lot easier to see what's going on, understand what's happening with your development changes and then monitor whenever you make changes what the effects are. So this app can be found on Splunkface and the app is also on GitHub and you can look at it. The link is accessible through the Splunkface page. Cool. So now how do we get started with the Splunk app for Fabric? We can easily ingest all these different data types by using the following tools. So we have the Splunk Connect for Hyperledger Fabric to grab ledger and metric data from the deployment. As an example, we can use a Splunk Docker login driver or Splunk Connect for Kubernetes to send container logs to Splunk. And then finally the Splunk app for Hyperledger Fabric is what allows you to visualize this data in Splunk. And it has example dashboards for infrastructure transaction analysis and security. So if you go to this GitHub page, then you can see some example networks that you can run in Docker Compose to get started. Cool. So we would have a very simple bare bones network. We might have a somewhat similar configuration to this. We have an organization that has two tiers in order. And then we have a collector here that grabs metrics from Fabric and the containers. We can use Splunk Connect for Kubernetes to grab container logs. And we can use Fabric Logger to Splunk Connector to grab Fabric events and block data. And we can throw it out on Splunk. So if we were to do that and then take a look at what the security monitoring dashboard looks like, we see the following metrics. We see transaction latency, throughput, number of unique senders, and then a few graphs of transaction count, number of GRXPC connections, and number of TLS connections with orders. We can also see some config updates, consensus leader changes, and whether any blocks have been orphaned, which meaning here, is there any block number that was, is there any block that had a different hash for the same number on the same channel, which would be very bad. So we can see that we have denial service indicators and our consensus manipulation indicators here. So let's see an example of what this data would look like if the denial service attack were to happen. So say we had a scenario where an authorized user has their keys compromised, the user begins spamming the network with transactions, what would we expect to see? So we should probably pay attention to the transaction latency, throughput, and number of open connections. So in order to get a baseline, let's look at a normal case where a single client is sending 10 transactions per second. So this is our baseline measurement. And in the normal case, single client sending 10 transactions per second, we see the following graphs. You see transaction latency is fairly small under 200 milliseconds. We have the throughput we were hoping for, 10 transactions per second. We see a nice constant slope here and for transaction count over time. And we see that net gRPC connections open by node is staying fairly small with no gRPC connections exceeding eight. So now let's look at an adversary scenario. If we have another client who tries to open up a thousand connections at once and it's performing one query per minute, and then we would expect to see a transaction latency starts to increase, transactions for second decrease, and the number of open connections increases. Basically, we have a client that is trying to stuff as many connections as possible and not closing them, which is gonna be exhausting the number of open connections available as well as exhausting CPU cycles on whichever period is connecting to. So we see this is what some adversary, this is what the results of that would look like. We see in transaction latency that the latency has started to increase from around 180 milliseconds earlier. You see transactions per second starts to decline. You see a bend in the transaction count over time graph. And you see that the number of open connections starts to balloon. So at this point it's difficult to determine do people really like to use our service? Do we just misconfigure something or is someone actively trying to attack our network? So we can drill down on the errors to try to figure out to get a better idea of what's going on. And if we do that, we can see that these error messages are caused by TLS handshakes and IO timeouts. And because we saw a large number of open connections, we can ask Splunk to tell us what does the distribution of these GRPC messages, message subjects, what does that look like? And in this very simple case, we can search all the GRPC messages, peer subjects, and group them by subject and count them. And when we do this, we see that one subject is responsible for the vast majority of these counts. So because of that, we might be inclined to think that this certificate is compromised or that something is misconfigured and should be investigated further. So now let me see if I can show what this looks like on a dashboard. Cool, so now I wanna show this on an actual dashboard. So this is what it looks like when you first start the app. You have all these different dashboards to choose from. And as a warning, this is a Splunk and Sins where the denial of service attack is currently happening. So we might see some weird results here. So if you click on the network architecture and channels tab, yeah, okay. So it's gonna love it slower than it would otherwise. I don't know if that's, let me close the keys. Okay, the demo guides always get us. Yeah, I know. All right, so that's fine for now. There are other screenshots that show this, but we can see the number of hosts, containers, peers on a network. This gets a very holistic view of what the network looks like. Okay, so actually this is that dashboard right now. Sorry about that. So it's a number of power hosts, Docker containers, which has a peers, catch UV instances running. She's a very holistic idea of what this network looks like. And then we can go to the infrastructure, health and monitoring tab. Here we can get some system metrics and some fabric metrics. So if we see these errors, we can drill down on them and so I was showing earlier and we can see what some of these error messages look like. And we see lots of IO timeouts and connections reset by peer. And we see transactions per second is not close to 10. And transaction latency is also significantly above 200 milliseconds. Okay, and then if you're trying to drill down a little bit more, if this were a security issue, what do some of these security threat indicators look like? You can go to the analysis service indicators and we see that the situation is just getting worse. Transaction latency is increasing even more. Transactions per second is now under one. And we're seeing a significant bend in the slope of these transactions count over time. And that your perceived connections is in the thousands. But we don't see any consensus manipulation indicators firing right now, just the analysis service ones. Okay, so finally, if we wanted to see what are the sources of all these transactions, we have the sources here and we can see that this user is responsible for most of these transactions and I'm sure if I drill down a little bit more recently, we would see that this is actually more than 90% of the transactions. So we would probably wanna look into this certificate, this user and see if that has been compromised or if this is expected behavior from here. Okay, so I think that is all I wanted to show you these dashboards right now, but people can feel free to ask further questions. And then for the last couple of slides here. So yeah, we showed how you can drill down on some of these errors, how you can get a holistic view of the infrastructure and then also the security dashboards to see these particular indicators, which ones are firing, but then what can you do from there further? So once you identify, should you do a little bit of triage to identify a little bit more narrowly where the issue might be, you can integrate this information with other tools like Splunk's APM or on-call to get your real-time observability metrics and then quickly dispatch alerts to staff whenever there is a service outage that they need to look at. Splunk Enterprise Security allows you to enrich and prioritize the different notables or security events that we're seeing based on risk. So those IO timeouts that we saw can be given away and whenever those happen or if some threshold of them happen that can be seen as more risky and we can act on that. And then finally, Splunk SOAR lets you automate parts of the incident response process. If you notice some certificate or some users seems to be compromised, then you can start taking automated actions to remediate that, such as changing firewall rules to prevent access. And for an example of who is using Splunk app for Hyperledger Fabric, we have this S&P as the case study with us and it's published on the Hyperledger website. And they're using that to make sure that their data is not, they want to use Hyperledger Fabric to make sure that their data is not being tampered with and then Splunk helps them get visibility as we're trying to build on top of that. And to have the confidence that's working correctly. Okay. And that's all I had for slides. You can go to splunkdlt.com if you want to learn more about all the different Splunk apps we have and integrations we have. And at this point, anyone has any questions? Please feel free to ask. Okay, everyone. And just as a reminder and I just put it into the chat as well, there's three different ways that you can use Splunk. There's three different ways that you can answer, ask your questions of Chris. You can raise your hand if you want to do a voice call. We'd love to hear from you and it's always great to, or even make a comment if you just have a comment or you're working on a project that you want to share some information with that you think is relevant to today's discussion, please go ahead and raise your hand and we'll unmute you. You can also ask any questions that you might have via the Q&A. So just click on the Q&A in the toolbar and go ahead and ask your question. And last but not least, feel free to use the chat as well if you want to make comments or ask any questions as well. So opening it up for any questions or comments that the audience might have today. Thank you, everyone, for sharing with my demo also. No, no, it was great. It was great. Chris, I have a question for you, specifically about the use cases, the use case that you mentioned, the case study that you mentioned, and maybe I don't know, Melanie, you're on the line as well and maybe you can address this. To talk a little bit about where S&P Global as their network, some of the benefits that they've seen in using Splunk. Sure, yeah. So yeah, potentially Melanie can answer this, we expand on this a little bit more, but essentially, data tampering is a very large threat that organizations face. And so that's a motivation for lots of organizations to want to use blockchains to help secure their data, especially when they're working with other organizations that they might not trust too much. So S&P, like other organizations, is interested in using blockchain for this data integrity problem. And essentially, it can be difficult because these are newer technologies to really understand what's going on. The tools aren't quite as mature as they are for regular software development stacks. And so it's very helpful for them to be able to easily have visibility into what's going on with their data to be able to see the logs and metrics for both the fabric network and the rest of their network and correlate between them. And then also to actually see the chain code events happening was also helpful. So basically, visibility and being able to understand what's actually going on with their network. But yeah, Melanie, from now, feel free to expand. Tristan did an amazing job. I think the only thing that I would add is probably the nature of the use case with S&P, which was multi-cloud and Splunk just being a partner of S&P for many decades now. And bigger than this particular use case, most of the infrastructure is automated with Splunk at S&P. The Arpillager use case that is being explored alongside with Splunk and S&P is interesting because of the complexity of the infrastructure and how Splunk easily provides a robust solution for everything monitoring and observability in that complex stack. Okay, great. And I posted the case study as well in the chat if anybody wants to go grab that during the session today. Excellent. I see a question, Chris, on the Q&A from Sinez around did you make any changes to the hyperledger fabric infrastructure or did you design the dashboards on the data? So this is pretty similar to the test network example in the hyperledger fabric docs, slightly modified. So for the chain code I'm running, there's an event that puts a message out or added X to this account. So that in the dashboard, we can see in the dashboard we can see those chain code event messages. So that's one change and not really too much more. A lot of this is just using or being able to grab the logs. So either through Splunk Kubernetes or some other connector and then hitting one of the peers endpoint, basically hitting the API on one of the peers and then fabric logger can grab chain code blocks, headers and events from there, but not too much. So the dashboards were mostly designed on the data generated from the example test network. And then in the GitHub page, you can see in the example, if you run that data being generated and put into the dashboards. So the answer is yes to both, but the dashboards are pretty accessible for if you end up changing your network further. Okay, great, thank you. So now as if you have any of the questions you can just add the additional comments onto the chat as well. Chris, I do have a question specifically, like as you think about, you know, critical KPIs that people are looking for and they should be monitoring, like what are the top things that you're seeing, your customers and the consortiums that they're putting together, wanting to monitor specifically? So, transactions for a second is probably always going to be the key one. It's very much, it gives you a good idea that something might be wrong, but obviously it doesn't quite tell you much about what might be wrong. So it's still good to know. Any hardware measurements, so like RAM or CPU utilization are also easy to collect. It can be very informative if nodes are starting to have trouble or going down. As well as connectivity, you wanna make sure that you're a network. There's no segmented parts of your network that would make it perform suboptimally. Those are the big ones. And then also, you certainly always wanna know if any of these services are spitting out errors. And those should probably propagate to errors. You shouldn't say, yeah, if one of your services is repeatedly erroring, you have IO timeouts, you're gonna wanna know that also. So being able to grab errors out of logs is also very important. Okay. And I do have another question around, obviously all these networks are consortiums, multiple companies. It seems like in order for it to get full support of the network that every participant would need to be on the app together or is that not the case? So, you get a lot more benefit if that is the case. You do get more visibility. But even without that, you have a lot of visibility into all the present network that you're able to see as a single participant. And then also again, yeah, with correlating between all of your organizations. Existing infrastructure, but yeah, certainly the benefit can be greatly increased if you can combine information from the different organizations. And have you seen that in production, sort of different companies working together, you know, basically sharing the analytics on the network? So I've seen companies working on that, yeah. Okay, great. Any other questions? I do have one additional question, but I just wanna, before I ask that one, if anybody has any questions, once again, just put into the chat or raise your hand and just make sure nobody has their hand raised to ask questions. So I will go ahead and ask mine. So obviously today's presentation was focused on Hyperledger Fabric as one of the supported DLT platforms. Can you talk us a little bit about what other Splunk support of other blockchains, either within the Hyperledger Foundation or outside of the Hyperledger Foundation as well? Sure, so within, so we have support for Bezu as well. So yeah, Hyperledger Fabric and Bezu support for Ethereum. So if you have any Ethereum and Corda, and you can see those on the Splunk DLT page, you can look at all of our existing integrations. But yeah, definitely those are the big ones. So in the Hyperledger community, primarily Hyperledger Fabric and Hyperledger Bezu as well, for those of you who are interested in this, or Bezu as well. For those of you on the phone who aren't familiar with Hyperledger Bezu, it is an Ethereum client. It's been in the Hyperledger Foundation since 2019 and provides the ability, it's a patchy licensed Java-based Ethereum client, provides the opportunity for people to do both permissioned and public networks as well. So I encourage you to take a look at that. Any other questions, doesn't seem so. Chris, if you were doing a side-by-side with potentially other providers in the marketplace, what would you say are some of the top things that Splunk offers that maybe others in the market might not have? Yeah, so touched on a few of the reasons already. But a major one is plenty of organizations are already using Splunk for other parts of their infrastructure monitoring or for their security monitoring. So you can get a lot of added value if you're going to be using Hyperledger Fabric, or you're thinking about using Hyperledger Fabric, now that you can easily integrate that with your existing infrastructure and security monitoring tools. And then also the other integrations with on-call or SOAR that I mentioned earlier also. Great, thank you. I don't see any other questions. I noticed somebody put a link to Unblock Splunk DLT. Can you tell us a little bit about what happens when we go to that link? Sure. So that's a public dashboard that all of you can go to and which shows what the view looks like for some of our different apps and the different use cases you might use them for, others monitoring and observability, infrastructure security, and then ledger analytics. All right, and yeah, it's pretty cool. Hey, do you want to show us that since- Sure. Because if people are on the video and they don't see the link, they can't see it. That'd be great. So when you go to Unblock, that's on DLT.com, so you'll see. Shows the different use cases and shows what the view of a dashboard would look like grabbing data from. So in this example, yeah, we're grabbing data from different organizations or monitoring the health of a consortium. In this one, we're trying to, I'm not too familiar with this one, but we're trying to detect any fraud happening on the network here. And then you can drill down and do even more rich ledger analytics also. So for examples in Ethereum, Quota, Fabric, yeah. Great, okay. So Chris, I think since we don't have any more questions, I'll go ahead and wrap this up. If anybody has questions for you specifically, Chris, how do they go about getting in touch with you? Yeah, it's probably easiest to, again, touch me over LinkedIn. So people can find you on LinkedIn. And obviously if people have questions specific to the Splunk offerings, they can contact Splunk directly. Chris, I wanna thank you for today's session and for the demo. And once again, this session was recorded, so we will provide the presentation via our webinar library and everyone can download the deck as well. So we really thank you for your time. As Chris mentioned, we did recently publish a case study that Splunk was kind to work with us on with S&P Global. So highly recommend downloading that. And you can just go to hyperledger.org, learn case studies. So pull learn from the top navigation bar and then go to case studies and you can download that full case study that is available there. So once again, thank you to the Splunk team for working with the Hyperledger Foundation team and the S&P Global to get that story out. It's been great to see. So once again, I want to just let everybody know this is the last of this year's Hyperledger in-depth member webinars. But we are starting to schedule webinars for 2022 and unbelievably we're ready with almost there. And the first ones that we're gonna be doing are actually some project workshops. These are gonna be a four hour workshop series for Hyperledger Ares and Hyperledger Indy. So for those of you who are interested in learning more and getting hands on with both of those projects, Hyperledger Indy is our DLT framework that is focused on digital identity and self-sovereign identity and Hyperledger Ares is a library also focused on SSI and digital identity work. So please visit our wiki at the top of the wiki page. You can actually go and register for those events. Registration is filling up pretty quickly. There's limited seats. So if you're interested, please make sure to sign up now. So once again, we'll see everybody in 2022. Just as a reminder, we have some great content from our Global Forum this year and you can go ahead and go to our YouTube library and watch many great sessions that were conducted in June with our community. We are an open community as I mentioned. So please do get involved for those of you who are new to our community. Go ahead and take a screenshot screen of that QRC code and you'll have a lot of resources there on how to get involved. And last but not least, thank you for watching today. We have a lot of great videos available in our YouTube library. So please do subscribe to that library to get all the up-to-date community and member webinars that we have available. So Chris, once again, thank you for joining us today and for conducting this webinar. Thank you all to the attendees and we will see you in 2022. Happy holidays to all and see you soon. Thank you. Thank you.