Engineering Deep Dive: Streaming Aggregations Part 2 – Memory Optimization

With Aggregations in Cribl LogStream 1.6, you can send your logs directly to Cribl and shape, extract, filter, drop, and now, aggregate!  This new, powerful capability allows users to easily transform logs into metrics while running real-time, tumbling window aggregate functions on them. If you missed Part 1 on aggregation time bucketing, feel free to … Continue reading Engineering Deep Dive: Streaming Aggregations Part 2 – Memory Optimization

Engineering Deep Dive: Streaming Aggregations Part 1 – Time Bucketing

With Aggregations in Cribl LogStream 1.6, you can send your logs directly to Cribl and shape, extract, filter, drop, and now, aggregate!  This new, powerful capability allows users to easily transform logs into metrics while running real-time, tumbling window aggregate functions on them. In this post I would like to share various engineering problems/challenges we … Continue reading Engineering Deep Dive: Streaming Aggregations Part 1 – Time Bucketing

Cribl LogStream 1.6: Logs to Metrics (Prometheus, Statsd, Graphite, Splunk Metrics)

Very early on in my career, I worked for AT&T Wireless, before it became Cingular and then AT&T Wireless again. As a young engineer, I remember running across various technical situations I couldn't explain. Why can't we connect this network to that one if there is a legitimate business need? Why must we always allocate … Continue reading Cribl LogStream 1.6: Logs to Metrics (Prometheus, Statsd, Graphite, Splunk Metrics)

Getting Smart and Practical With Dynamic Sampling

In the past we've written multiple posts about how Cribl helps you maintain visibility in high-volume/low-value scenarios without having to egregiously scale your analytics infrastructure. This problem usually stems from the fact that machine data emitted by your infrastructure is not all created equal. Some events are way less valuable than others but yet they consume … Continue reading Getting Smart and Practical With Dynamic Sampling

Streaming Data Deduplication with Cribl

The Problem It's not uncommon for machine data systems to send and receive duplicate or repeated events. This could be due to a variety of reasons, for example; Misconfiguration (a.k.a layer-8 problems) on the source, intermediary or aggregation systems may cause duplicate data to be sent out. Bugs or software defects may cause a data source to occasionally … Continue reading Streaming Data Deduplication with Cribl