Introducing Cribl LogStream v1.2

Pleased to introduce our v1.2 release focused on expanding ingestion and delivery capabilities. It continues our promise to deliver added intelligence and control over your data in real-time by adding support for new sources and destinations, Windows deployments, new functions including machine learning powered timestamp recognition, and faster lookups. New Sources: Apache Kafka. This version adds support for picking up data …

Using Cribl to Detect Data Exfil Over DNS Logs in Real-Time

The recent massive data breach at Marriott's newly minted SPG (Simply Phucked Guests) program got me thinking about various data exfiltration techniques, including over DNS. Probably not related to this breach, but it was a completely random thought and I realized that Cribl can help security practitioners and threat hunters here. As you may know, data …

Extending Cribl: Building Custom Functions

One constant in log use cases is that you can't plan for what you're going to find at customers. Whether it's multiple levels of encapsulation, like JSON-in-XML-in-Pipe-Separated (yes we've seen this), a need to radically transform the structure of events in a way we haven't seen, or a need to reach out to an external …

Serverless data forwarding to Cribl for AWS Services

Organizations with an AWS footprint have many options to get data into their log and event management platforms. So did we. Up until recently we were using a pull-based solution supplied from one of our vendors. Data collection worked, until it didn't and we were starting to run into problems: We had to operate …

Introducing Cribl LogStream v1.1

We're pleased to unveil our v1.1 release with several new capabilities and a host of new features. This version of Cribl LogStream continues our promise to deliver unique intelligence, control and compliance over your logs and metrics data in real-time. It puts the admins in control and gives users the right data, with the right context, delivered to the …

Routing Full Fidelity and Sampling Data with Cribl

A very popular use case for Cribl is routing data to the best possible store. Given the types, costs and complexity of managing data at scale, there is no single store which is appropriate for all. Some events belong in a real-time system, some others may need to be routed to a batch analytics store, and yet another …

Introducing Cribl LogStream

We're delighted to officially announce today the general availability of Cribl LogStream! Cribl LogStream delivers unique intelligence, control and compliance over your logs and metrics data in real-time. It puts the admins in control and gives users the right data, with the right context, delivered to the right systems to enable operations, security and analytics …