The Core Splunk platform is rightfully recognized as having sparked the log analytics revolution when viewed through the lenses of ingest, search speed, scale, and usability. Their original approach leveraged a MapReduce approach, and it still stores the ingested data on disk in a collection of flat files organized as “buckets.” These immutable buckets are not human-readable and largely consist of the original raw data, indexes (.tsidx files), and a bit of metadata.

Consumers expect their personal information to be safe in your hands as they use your apps, services, and stores. Even in-person retailers collect customer data for loyalty programs, shopping history, and more. In addition, regulators and auditors — and while we’re at it, let’s add investors, board members, and partners to the list of people who expect all customer data to be secure at all times.

In the last five years, Cribl has gone from 3 employees to more than 400 employees — it’s been an incredible, crazy, difficult, tiring, fucking awesome ride. It’s also been an emotional roller coaster with all the ups and downs, but despite all the challenges, things have been trending upwards.

Although we’ve encouraged employees to take plenty of time off this summer to relax, recharge, and enjoy time with family, Cribl certainly hasn’t been on a summer holiday as a company. After the big announcement in late May with Cribl Search and our Series D funding round, we moved right into the announcement of Cribl Stream 3.5, Cribl Edge 3.5, massive upgrades to Cribl.Cloud, and the launch of our Cribl Certified Observability Program.

CrowdStrike is a class-leading endpoint monitoring solution. It collects a wealth of activity data from each managed endpoint that can be fairly voluminous. This includes network connectivity, DNS request, process activity, health checks, and the list goes on. In fact, there are over 400 event types reported by CrowdStrike! These events are a gold mine for threat hunters and blue teams looking for unusual or malicious activity. It can be extremely costly to place all this data in a SIEM.

We announced Cribl Search in May, and customer reaction has been incredibly positive. We’ve heard for some time that organizations have data everywhere. They have data in their observability lakes, analytics tools, object stores, and at the edge. The big challenge facing enterprises is that existing search models require you to take all of this data that you don’t know is valuable or not, move it into one place, and then make decisions about whether this is valuable?

One of the things about Silicon Valley culture is the obsession around the technology that gets created and the idea of the engineer as the hero of the story. You see the same kind of thing with other professions — like with finance executives in New York, celebrities in Hollywood, or firefighters and police officers in different areas across the US.

Cribl Stream has supported external Lightweight Directory Access Protocol (LDAP) authentication since version 2.0 was released in late 2019. LDAP directories offer many features, and it’s up to clients to implement them for compatibility. Here is a non-exhaustive list of LDAP features that Cribl Stream does not support: This blog post explores how Cribl Stream implements LDAP for user authentication and assumes you have a working knowledge of the topic.

A few weeks ago, I did a live Cribl Edge demo for the Cribl Community, and I wanted to explain more about the importance of Cribl Edge for IT admins. Managing traditional log shipping agents is very time-consuming and brittle. Just the act of a once-a-year upgrade can require the help of a kind god! Admins need help to make this vital workflow easier and faster so they can focus time on delivering value to the business.

Building Packs is good. Sharing Packs is better! The Cribl Pack Dispensary is the go-to place to find, install and share Cribl Packs. What are Packs? A Cribl Pack is a collection of pre-built routes, pipelines, data samples, and knowledge objects. Packs enable sharing of best-practice configurations that route, shape, reduce and enrich the log source, Palo Alto Networks logs for example. And it’s the quickest, easiest way to get started with Stream and Edge supports Packs too.