Encrypting sensitive information in real-time with Cribl

If your machine data does¬†not¬†contain sensitive information, you don't really need to read this - you got it all figured out. Just top here and go back to surfing the interwebs or...maybe you want to check again?! ūüôā If you're still reading, you know that while your machine data is vital for your operations/security analytics, … Continue reading Encrypting sensitive information in real-time with Cribl

Announcing Cribl LogStream 1.3: Tap Those Pipes

If you've ever worked with a log analysis system before, data on-boarding is one of the most painful parts. Every system expects the data to look a little different, and getting that right generally involves a ton of trial and error. Make a configuration change, restart the cluster, try again. Send the data to a … Continue reading Announcing Cribl LogStream 1.3: Tap Those Pipes

Introducing Cribl LogStream v1.2

Pleased to introduce our v1.2 release¬†focused on expanding ingestion and delivery capabilities. It¬†continues our promise to deliver added intelligence and control over your data in real-time by adding¬†support for new sources and destinations,¬†Windows deployments, new¬†functions including machine learning powered timestamp recognition, and¬†faster lookups. New Sources Apache Kafka This version adds support for picking up data … Continue reading Introducing Cribl LogStream v1.2

Using Cribl to Detect Data Exfil Over DNS Logs in Real-Time

The recent massive data breach at Marriot's newly minted¬†SPG (Simply Phucked Guests) program got me thinking about various data exfiltration techniques, including over DNS. Probably not related to this breach, but it was a completely random thought and I realized that Cribl can help security practitioners and threat hunters here. As you may know, data … Continue reading Using Cribl to Detect Data Exfil Over DNS Logs in Real-Time

Serverless data forwarding to Cribl for AWS Services

Organizations with AWS footprint have many options to get data in to their log and event management platforms. So did we. Up until recently we were using a pull based solution supplied from one of our vendors. Data collection worked, until it didn't and we were starting to run into problems: We had to operate … Continue reading Serverless data forwarding to Cribl for AWS Services

Introducing Cribl LogStream v1.1

We're pleased to unveil our v1.1 release¬†with¬†several new capabilities and a host of new features This version of¬†Cribl LogStream¬†continues our promise to deliver unique intelligence, control and compliance over your logs and metrics data in real-time. It puts the admins in control and gives users the right data, with the right context, delivered to the … Continue reading Introducing Cribl LogStream v1.1

Routing Full Fidelity and Sampling Data with Cribl

A very popular use-cases for Cribl¬†is routing of data to the¬†best possible store. Given the types, costs and complexity of managing data at scale, there is no single store which is appropriate for all.¬†Some events belong in a real-time system, some others may need to be routed to a batch analytics store, and yet another … Continue reading Routing Full Fidelity and Sampling Data with Cribl