Operations | Monitoring | ITSM | DevOps | Cloud

February 2024

Cribl

Is Waiting for the Thaw Unbear-able?

Feb 29, 2024 By Perry Correll In Cribl
It’s not new news that organizations are producing more data than ever. But, in order to take advantage of this data, it needs to be collected, stored, retained, and then, at some point, analyzed. Most analysis tools also act as the retention point for this data. While this may (at first) appear to be the best option for performance, it quickly creates significant problems. First, those systems were never designed for the scale of today’s growing volume of data, currently at a 28% CAGR.
Read Post
Cribl

Cribl Search and Common Schema: Faster, More Accurate Detections

Feb 27, 2024 By Igor Gifrin In Cribl
Are you drowning in data from disparate sources? Are you struggling to analyze it efficiently, sift through different formats, and catch crucial signals? You’re not alone. Cribl Search and Cribl Stream is a powerful combo that lets you unlock insights from vast data volumes – regardless of their source or format. Say goodbye to siloed searches and hello to holistic analysis.
Read Post
Cribl

Data Here, Data There, Data Everywhere: the Benefits of Routing Data With Cribl

Feb 26, 2024 By Yasmin Hovakeemian In Cribl
As an organization, you likely have many choices on where to store, analyze, and correlate your data. Those choices may change or iterate over time, so having an easy way to route data is needed. Enter Cribl Stream, which can route your data where it needs to go and save some effort, time, and money. It can help with organizational-wide initiatives like migrations and consolidations but can also help with smaller-scale initiatives and your day-to-day tasks of simply getting data in.
Read Post
Cribl

How Cribl Stream Can Enhance Digital Operational Resilience Under DORA within Financial Services

Feb 23, 2024 By Danny Adamson In Cribl
In the swiftly changing digital realm of the finance and insurance sectors, sustaining operational resilience while complying with rigorous regulatory mandates is paramount. The Digital Operational Resilience Act (DORA) marks a significant regulatory milestone designed to ensure entities within the financial services sector are equipped to withstand, respond to, and recover from all types of ICT (Information and Communication Technology) related disruptions and threats.
Read Post
Cribl

Capturing Security and Observability Data From Oracle Cloud

Feb 22, 2024 By Ahmed Kira In Cribl
A couple of years ago, I wrote another blog on how Oracle Cloud Infrastructure (OCI) Object Storage can be used as a data lake since it has an Amazon S3-compliant API. Since then, I’ve also fielded several requests to capture logs from OCI Services and send them through Cribl Stream for optimization and routing to multiple destinations. There are two primary methods to achieve this.
Read Post
Cribl

Enhancing Log Analytics in Loki with Cribl Stream

Feb 20, 2024 By Kevin Morris In Cribl
First, when I mention Loki, I’m not talking about one of my favorite TV shows to binge-watch or the lead character played by Tom Hiddleston, who has arguably become one of my favorite characters in the Marvel universe. I’m talking about the Loki, which is a highly available, cost-effective log aggregation system that was inspired by Prometheus. While Prometheus is focused on metrics, Loki is focused on collection of logs.
Read Post
Cribl

Thou Shall Pass! Troubleshooting Common Amazon S3 Errors in Cribl Stream

Feb 19, 2024 By Yasmin Hovakeemian In Cribl
Data lakes are everywhere! With data volumes increasing, cost-effective storage is becoming a greater need. With Cribl Stream, you can route data to an Amazon S3 data lake and replay or search that data at rest. But nothing is more frustrating than something not working and those blasted error logs that pop up. In this blog, some common errors for your S3 sources or destinations are highlighted, and some potential root causes and solutions are highlighted.
Read Post
Cribl

Greater Control Over Windows Events for Qradar: Why Windows Events Matter

Feb 15, 2024 By Justin Hamblin In Cribl
Windows events provide a wealth of security-relevant information, especially when they are correlated and analyzed within a SIEM like IBM Qradar. Whether you rely on MITRE ATT&CK, NIST, or another security framework, Windows Events are likely one of your higher volumes (EPS – Events Per Second) and represent your largest-sized events (Gigs per day – Storage and Archive).
Read Post
Cribl

Get Swept Off Your Feet by Cribl Stream 4.5: Converting Dimensional Metrics to the OpenTelemetry Protocol Format with the OTLP Metrics Function

Feb 14, 2024 By Desi Gavis-Hughson In Cribl
In the dynamic world of observability and analytics, everyone’s looking for smarter, more efficient, and interoperable ways to handle their data. That’s where Cribl steps in, bringing you an exciting update to our product lineup. We’re thrilled to introduce the OTLP Metrics Function to Cribl Stream 4.5! This Function converts metrics into the OpenTelemetry Protocol (OTLP) format with ease!
Read Post
Cribl

Don't Slow Your Roll: Controlling Your Qradar Data Flow

Feb 13, 2024 By Justin Hamblin In Cribl
IBM Qradar is a Security Incident and Event Manager (SIEM) trusted by many organizations to provide threat detection, threat hunting, and alerting capabilities. Qradar SIEM is often integrated with complementary IBM tools or enhanced with extensions to meet the needs of organizations that wish to mitigate their risks.
Read Post
Cribl

Aggregate Data in Cribl Stream to Optimize Your SIEM Data and Its Performance

Feb 12, 2024 By George Merhej In Cribl
Cribl Stream offers different ways to optimize data, such as: In this blog, I will focus on the Aggregation use case using the Aggregations function and how you can practically use the Aggregations function to format the output in different ways.
Read Post
Cribl

Better Practices for Connecting Cribl Stream to Many Splunk Indexers

Feb 8, 2024 By Raanan Dagan In Cribl
Cribl Stream and Cribl Edge can send data to Splunk in several different ways. In this blog post, we’ll focus on the common scenario where you want to connect Cribl Stream’s Splunk Load Balanced Destination to many Splunk Indexers at once. (We’ll talk about Cribl Stream, but what we say applies to Cribl Edge, too.) Cribl Destinations settings default to reasonable values. Sometimes Cribl Support recommends changing those values for better results in a given situation.
Read Post
Cribl

Taming Tetragon With Cribl.Cloud

Feb 6, 2024 By Josh Biggley In Cribl
Did you know you can deploy Tetragon and parse high-volume logs with Cribl Edge? It’s true! Tetragon integrates seamlessly with Cribl Edge. This combination enhances monitoring capabilities in Linux environments. Have your cake and eat it, too. With a combined Cribl and Isovalent solution, you can deliver deep insights into your workloads, optimizing for your specific operational requirements with zero loss of data fidelity.
Read Post
Cribl

Monitoring Cribl Stream with Elasticsearch

Feb 5, 2024 By Robbert Hink In Cribl
Are you managing a Cribl environment? We love that for you; you’re at the forefront of complex data orchestration. As the steward of this dynamic data ecosystem, you have to manage and optimize the flow of information from diverse sources. As data volumes grow, the struggle gets even more real. No worries, though. You’ve got Cribl Stream. Monitoring Stream is critical.
Read Post
Cribl

Let's Put on a Show With Cribl's Search Sandbox!

Feb 1, 2024 By Harsha Goolya In Cribl
Remember when you were a kid and your school put on a production of the latest grade school drama? Maybe you didn’t get the lead role, but it was fun to put on (or watch) the show. Search Sandboxes are just like that! Except you get to be the stage manager when searching data. And Search Sandboxes offer you everything you need to make it an all-star performance.
Read Post

Delivering Value with a Flat Budget

Feb 1, 2024 By Cribl In Cribl
Join us for an important conversation with Cribl's Ed Bailey and Jackie McGuire, as we navigate the intricate balance of maximizing organizational value with a constrained budget. In today's challenging economic climate, where maintaining operations often means minimal to no additional spending, adaptive strategies become crucial. This is more than just a best-case scenario; it's a necessary approach for business resilience. Ed and Jackie will share innovative ideas and strategies to help leaders skillfully manage tight budgets while delivering significant value to their organizations.
View Video

Copyright © 2024 OpsMatters™. All rights reserved.