Routing Full Fidelity and Sampling Data with Cribl

A very popular use-cases for Cribl is routing of data to the best possible store. Given the types, costs and complexity of managing data at scale, there is no single store which is appropriate for all. Some events belong in a real-time system, some others may need to be routed to a batch analytics store, and yet another … Continue reading Routing Full Fidelity and Sampling Data with Cribl

Introducing Cribl LogStream

We're delighted to officially announce today the general availability of Cribl LogStream! Cribl LogStream delivers unique intelligence, control and compliance over your logs and metrics data in real-time. It puts the admins in control and gives users the right data, with the right context, delivered to the right systems to enable operations, security and analytics … Continue reading Introducing Cribl LogStream

Enriching Data in Motion with Ingest-Time Lookups

Adding context with lookups is an awesome way to enrich your operational data. Whether you're running simple searches or reporting on your events the more information they carry, the greater their utility. For example, if proxy or firewall logs indicate that an internal host is communicating with an external address that is known to be compromised, … Continue reading Enriching Data in Motion with Ingest-Time Lookups

Anonymizing Data with Cribl

One of the key problems with creating a centralized repository of logs is it also creates a single place where attackers can get to sensitive information. Whether that's implementation details like network traffic or sensitive information like usernames, API keys or social security numbers. A common requirement, especially in the context of regulations like GDPR, is to minimize … Continue reading Anonymizing Data with Cribl

Sampling for Added Visibility and Efficiency

The need for operational & performance visibility grows at least linearly with your infrastucutre sprawl; The more data your VMs, containers, APIs, apps, services, users, etc. emit, the greater the impact on the performance and the user experience of the analysis system. In theory this problem is easy to solve; simply scale the analysis system … Continue reading Sampling for Added Visibility and Efficiency

Cribl Beta Release

We're extremely excited to announce the availability of Cribl Beta! As mentioned in the other post, Cribl gives full access to the data in motion to lookup, enrich, redact, encrypt, transform, or sample data before indexing. This Beta release is focused on a tight integration with Splunk. It allows for net new, and previously prohibitive use cases; … Continue reading Cribl Beta Release

Analyzing AWS Fargate

AWS Fargate is an interesting service in that it allows you to run containers without having to think (much) about cluster management, task scheduling, instance provisioning etc. It transforms the application deployment process into one where the application is packaged into a container and resources (CPU, RAM, Networking, access policies etc) are defined as part … Continue reading Analyzing AWS Fargate