November 2023

Syslog-NG: The Sandbox That Taught Me to Appreciate Cribl Even More

Recently, we launched a new Sandbox focused on handling syslog at scale with Cribl. The marketing messaging behind the Sandbox has been done a couple times already; therefore I wanted to let y’all see what we as Cribl Technical Marketing Engineers (TMEs) actually do in our daily lives. I’ll try to keep it engaging, with tales of danger and subterfuge, but I can only take so much artistic license. What’s in a Sandbox and how the Sandbox platform functions (i.e.

Using the Cribl Redux Stats Pack

Cribl’s internal metrics are very handy for seeing what Cribl is doing. And while there are many data points related to input vs output volumes, sometimes you need more control over what you’re tracking. This pack allows you to route arbitrarily defined traffic through a stats tracker to capture changes in event count and volume. Perhaps you are onboarding a new host, or trialing a new Pipeline.

Using the Cribl API Part II: The Replay

Our previous post was all about dipping your toes into the wonderful world of API interaction. By leveraging Cribl’s API you can automate many parts of your event pipeline management and tasks. So we got that goin’ for us. Which is nice. One of the common use cases for the API I hear about is kicking off data collection automatically. Use cases include: Cribl gives you the tools to collect data when you want, from where you want, and to where you want.

Simplify Kubernetes with Cribl Edge on EKS Add-on

Let’s be honest, working with Kubernetes (K8s) has never been the easiest tech to work with. As a seasoned Kubernetes professional, I find myself constantly looking for ways to set up collecting data from my clusters, only to find out that there is a new, more complicated way to get the data I’m looking for.

How SpyCloud Architected Its Cribl Stream Deployment

In this livestream, I talked to Ryan Saunders – Manager of Security Operations at SpyCloud, about how he used the Cribl Reference Architecture to build a scalable deployment. He explained how this approach enabled SpyCloud to grow alongside its evolving needs without requiring significant rework. The reference architecture also facilitated a repeatable data-onboarding process, reducing administrative time and allowing the team to focus on critical security and data analysis tasks.

SIEM Implementation Guide: A How-To Guide

In an era where cybersecurity threats are not just frequent but increasingly sophisticated (and becoming more costly), the need for robust defense mechanisms has never been more critical. Security Information and Event Management (SIEM) emerges as a cornerstone in this complex data environment. It’s not just another tool in your cybersecurity toolkit; it’s a solution designed to elevate your organization’s security posture.

Generative AI & Enterprise IT: Overhyped or Radically Under Estimated?

Join Cribl’s Jackie McGuire and Ed Bailey as they discuss AI's current and future state. They will discuss the many challenges and vast promise of this promising way to increase productivity and solve problems. In addition, Jackie and Ed will also comment on SolarWinds’ response to the SEC charges alleging SolarWinds and its CISO defrauded investors by repeatedly misleading them about its cybersecurity posture. Please join us for a great conversation.

Modernize Your SIEM Architecture

In this Livestream conversation, I spoke with John Alves from CyberOne Security about the struggles teams face in modernizing a SIEM, controlling costs, and extracting optimal value from their systems. We delve into the issues around single system-of-analysis solutions that attempt to solve detection and analytics use cases within the same tool.

From Data Deluge to Strategic Advantage: Cribl and Elastic Chart the Future of Flexible Data Management and Operationalization

In an era where industry standards are as dynamic as the data they govern, Cribl’s core value of putting ‘Customers First, Always’ drives us to stay ahead of the curve. It’s with immense pride and excitement that we announce our strategic partnership with Elastic. This alliance isn’t just a meeting of minds; it’s a bold stride towards a future where flexibility in data management isn’t just a luxury – it’s the standard.

Grabbing the Datadog by the Tail

Datadog is a monitoring and analytics tool for information technology (IT) and DevOps teams that can be used to determine performance metrics as well as event monitoring for infrastructure and cloud services. The software can monitor services such as servers, databases, tools, and applications. Cribl Stream makes it easy to move data from anywhere, to anywhere. We take the saying to heart, and we also allow you to send our Cribl application metrics anywhere.

Building Dashboard and Dashboard Inputs in Cribl Search

This video demonstrates how to create “inputs” to Cribl Search dashboards. An Input is a control widget that we can add to our Dashboards to control how they execute. They allow the user to supply a range of inputs to customize one or many of the Searches in each of the panels on a given dashboard.

Building Dashboard and Dashboard Inputs in Cribl Search

This blog demonstrates how to create “inputs” to Cribl Search dashboards. An Input is a control widget that we can add to our Dashboards to control how they execute. They allow the user to supply a range of inputs to customize one or many of the Searches in each of the panels on a given dashboard. Currently, there are four types of inputs: a time picker, a dropdown, a string, and a number. This blog shows how to create all four types of Inputs on a dashboard using built-in sample data.

Introducing Three Powerful Commands in Cribl Search: .show objects, .show queries, and .cancel

Empty spaces, what are we searching for? Abandon queries, but do you know the score? On and on, Does anybody know what we are looking for? … Inspired by “The Show Must Go On”, Queen. Since we launched Cribl Search back in late 2022, we’ve been hard at work on adding features and functionality that continue to empower data engineers to do more with their data without needing to collect it first.

Officially Worldwide: Cribl.Cloud and Cribl Search are now available in EMEA!

At Cribl, we give the people what they want. And what they want is to keep their data close to their sources and destinations. The less data has to travel, the better — lower latency and fewer security risks. This commitment to data locality is even more pronounced among our valued customers in the EMEA region, who are enthusiastically embracing cloud-first strategies.

Tackling Staffing, Funding, and Data Challenges Head-On with TAQA

Join Ed Bailey and TAQA Group's Andrew Ochse as they discuss the diverse services that TAQA offers, look at the challenges with scaling and staffing, and explore in great detail the solutions to classic problems such as insufficient funding, poor data quality, and slow connections linking global sites to their Security Operations Center (SOC).

A Data Engineer's Journey to Modernizing with Cribl

Terry Mulligan is a Splunk consultant with Discovered Intelligence (and Notre Dame’s biggest fan), a data intelligence services and solutions provider that specializes in data observability and security platforms. He shares what Cribl has brought to the table for his organization and his clients, and how it’s changed their processes and the role of the Splunk data engineer.

Best Practices for Using Git in Your Cribl Workflows

In this conversation, Sanjay Shrestha, Principal Detection Engineer at Bayer, and Raanan Dagan, Principal Sales Engineer from Cribl, talk about the integration of Git in Cribl Stream. They discuss how to manage configuration files and pipelines as code, simplifying their deployment. They also share a demo and give best practices for optimizing your GitOps workflow. In the 10+ years that Bayer has worked with Splunk, they’ve gone from processing just 80 GB/day to more than 13 TB/day.

Using Cribl Edge to Collect Metrics from Prometheus Targets in Kubernetes

We continue our exploration of the fascinating world of Kubernetes, logs, and metrics. In our previous installment, we delved into the intricate tale of Cribl Edge and its role in unraveling the mysteries of logging and metrics in Kubernetes environments with the Cribl Edge native sources for Kubernetes Metrics and Logs. Today, we’re picking up where we left off, shining a spotlight on a new and powerful tool that has the potential to demystify this complex ecosystem further.

SEC Charges on SolarWinds: A Wake-Up Call for Cybersecurity and Risk Management

Cribl’s Ed Bailey and Jackie McGuire look into the recent SEC fraud charges leveled against SolarWinds and its CISO, concerning alleged fraud and internal control failures tied to known cybersecurity risks and vulnerabilities. These charges carry long-term implications for corporate handling of cybersecurity and risk management. Tune into the live stream for an engaging conversation, and come prepared with your questions and insights on the future of cybersecurity.

How To Recover a Cribl Stream Instance Without GitOps/GitHub

When Cribl Stream becomes the center of your data universe, your individual settings, routes, pipelines, and packs become a critical aspect of your work. What happens if you lose access to the UI? If you are on a licensed version of Cribl Stream, backing up the work that you are in Sources, Destinations, Routes, Pipelines, and Packs would be done easily using the GitOps remote repo.