As an engineer, you know your company’s problems, and you know what to do about them. However, being heard within your organization and funding a project can be challenging. Top executives might not understand your job’s ins and outs of the tools you need to do it well. Still, you need people holding the purse strings to understand why investing in your idea is brilliant.
“Hasn’t everyone already migrated to the cloud?” is a question you might be considering now. For many businesses – sure, they’ve migrated workloads and operations to the major cloud providers like Amazon Web Service, Google Cloud Platform, and Microsoft Azure. Still, many businesses have just now worked through their due diligence and scalability concerns. While many businesses are “fully cloud,” there are just as many yet to migrate.
Understanding the expected behavior of the Splunk Load Balanced (Splunk LB) Destination when Splunk indexers are blocking involves complex logic. While existing documentation provides details into how the load-balancing algorithm works, this blog post dives into how a Splunk LB Destination sends events downstream and explains the intricacies of blocking vs. queuing when multiple targets (i.e., indexers) are involved.
While tuning isn’t strictly required, Cribl Support frequently encounters users who are having trouble getting data into Stream from Splunk forwarders. More often than not, this is a performance issue that results in the forwarders getting blocked by Stream. When they encounter this situation, customers often ask: How do I get data into Stream from my Splunk forwarders as efficiently as possible? The answer is proper tuning!
Cribl Stream is awesome at routing your server logs and making your job easier, but could it help you outside of work and potentially make your personal life easier? The short answer is: Yes. I’ve personally used Stream to build a notification system to inform me when certain products go on sale or when fully booked appointments become available. In this blog, I’m going to take this a step further and show you how to.
In this conversation, Cribl’s Carley Rosato talks to Aflac’s Shawn Cannon about his role as a Threat Management Consultant, and how he manages their SIEM environment, brings in new data as needed, and works to improve the ingestion process. Our customers are always coming up with new and exciting ways to implement Cribl tools — importing a 34 million-row CSV file into Redis and enriching events in Splunk might be one of the most impressive we’ve seen so far.
Google Workspace is a robust set of productivity applications with billions of users and millions of paying organizations. These include small mom-and-pop shops and the largest enterprises. Google provides the Google Reports API, “a RESTful API you can use to access information about the Google Workspace activities of your users.” This data is critical for establishing a solid security posture.
In the US, a recurring news topic is the state of the federal budget – and if we’ll get one signed. Government budgets have hundreds of thousands of line items; each bickered over to gain or lose political capital with one group or another. However, most government budgets aren’t up for debate. Only about 30% of the US federal budget is discretionary or flexible. Nearly two-thirds, or 63%, is mandatory spending required due to prior commitments.
Data is growing, and we are being asked to search larger and larger amounts of data. This puts larger and larger demands on Search resources. Reading all the data to find matching events is muscling through the data. Wouldn’t it be more efficient to be able to do filtering before reading the data? Cribl Search does precisely that by leveraging Parquet Pushdowns.
