Connecting Different Pipes: Ingesting ElasticSearch Data in Splunk

One of the more surprising realizations as we've started Cribl and started working with customers across all kinds of industry verticals is that nearly 100% of our customers and prospects are using multiple tools to solve their log analysis needs. Security alone can have 3 or more consumers of their log data. However, every log … Continue reading Connecting Different Pipes: Ingesting ElasticSearch Data in Splunk

Introducing Cribl LogStream v1.2

Pleased to introduce our v1.2 release focused on expanding ingestion and delivery capabilities. It continues our promise to deliver added intelligence and control over your data in real-time by adding support for new sources and destinations, Windows deployments, new functions including machine learning powered timestamp recognition, and faster lookups. New Sources Apache Kafka This version adds support for picking up data … Continue reading Introducing Cribl LogStream v1.2

Using Cribl to Detect Data Exfil Over DNS Logs in Real-Time

The recent massive data breach at Marriot's newly minted SPG (Simply Phucked Guests) program got me thinking about various data exfiltration techniques, including over DNS. Probably not related to this breach, but it was a completely random thought and I realized that Cribl can help security practitioners and threat hunters here. As you may know, data … Continue reading Using Cribl to Detect Data Exfil Over DNS Logs in Real-Time