After our recent company-wide offsite in New Orleans, the Cribl employees are feeling like they’ve leveled up in more ways than one. Not only did we indulge in delicious beignets and king cakes, but we also came back motivated to create some kick-ass new product features with our 4.1 release. It’s like we soaked up all the good vibes and brought them back with us. Our teams are now spicier than Cajun Fries (sorry for disappointing you, Cajun crawfish boil fans, I am a vegetarian!) and ready to innovate like a squirrel with a jetpack. Staying with the food theme here, let me present you with the special menu for our 4-course set meal for celebrating our launch today.

What’s on the St(r)eaming Platter:

OTel Enhancements

OTel protocols are designed to be vendor-neutral, allowing for greater flexibility when selecting and integrating observability tools. With Cribl, customers achieve greater choice and control when sending o11y data, including OTEL data, to the right destinations, such as Splunk O11y cloud, Sumo Logic, HoneyComb, Dynatrace, AppDynamics, etc., with the newly supported OTLP-HTTP protocol.

New Data Lake>Amazon S3 Destination for Stream

Time-to-insights and cost-to-insights with existing analytics methodologies are prolonged and unaffordable. Customers have to compromise on search/analysis quality to balance cost. With Data Lake>Amazon S3 as a new destination in Cribl Stream, customers can easily send a copy or fraction of their data into this new optimized-for-Cribl-Search S3 destination. This offers reduced time-to-insights, allowing customers to search Cribl’ed data with minimal effort vs. existing analytics methods.

Expanded Access Control Options

Customers have the flexibility to use a SAML 2.0-supported Identity Provider of choice, such as Okta, Azure AD, Ping Identity, Shibboleth, etc., to log into Cribl Enterprise on-premises.

Enhancements to Windows Event Forwarder(WEF) Collector

A single management point for all Windows O11y needs across Windows Server environment and Windows endpoints with Cribl Stream WEF (with the newly added Kerberos authentication support in 4.1 as a bonus!) helps streamline processes and saves time and money.

Persistent Queuing Enhancements:

Finally, everyone’s favorite Persistent Queuing feature – ensuring that data is never lost, even during temporary disruptions or outages in downstream systems – is getting an upgrade. In 4.1, we have added throttles to ensure the destination is not overwhelmed by the data once it is able to receive data.

Experience the (W)Edge Salad

Expanded Container Support

Existing tools for container observability offer no centralized management, are unreliable for log collection and have poor data processing capabilities. With Cribl Edge 4.1, enjoy enhanced monitoring, troubleshooting, and analyzing for valuable insights into performance and resource utilization of stand-alone and Kubernetes container environments irrespective of Docker or containerd runtimes (we support stand-alone containerd environments in Cribl Edge 4.1 now).

New Journal Source

No ad-hoc workarounds to collect Linux journal data anymore. Seamlessly collect and analyze logs from a wide range of modern Linux machines such as Red Hat, Fedora, Ubuntu, Debian, Arch Linux, and others with a new native source for journal files. Lets customers explore systemd log files on any host directly via Edge through Cribl Search

(W)indows Enhancements

Frees up time to observe Windows environments and less time managing agents with a standardized MSI installer that makes deployments and maintenance a cakewalk with Microsoft tools such as Microsoft Intune Configuration Manager.

Enhanced Monitoring

Increased visibility into Edge nodes data collection to help optimize deployment, identify potential issues, and improve the overall performance of infrastructure.

Search and Devour: Time-to-insights and Cost-to-insights Experience Like Never Before

Query Target Expansion

Now search more datasets, in more formats closer to where your data is. Cribl Search 4.1 allows customers to search and summarize complex reports from AWS and other SaaS providers with data stored in Parquet format. Also, search and explore systemd log files on any host directly via Cribl Edge. Finally, we have also added the ability to directly explore and analyze cold/archived data without the need to re-ingest into Splunk enabling customers to observe more and spend less.

Search-Then-Forward

A continual request was for better integration between our flagship product Cribl Stream and Cribl Search. This 4.1 release added a Cribl Search-friendly S3 Destination in Stream. A Data Lake>Amazon S3 destination now optimized for Cribl Search appears as a destination in Stream. Using the send operator in Search, customers can send targeted results back to Stream and eventually to their destination of choice. With this functionality, the customer can perform a limited investigation in their analytics solution, and also isolate potential threat actors.

Enhanced User Experience

Easily perform queries with an intuitive Operator Preview, and enhanced results shaping – allowing for a superior user experience with Cribl Search.

Look out this space for a link to a detailed blog on Cribl Search enhancements (Please note: The link will be updated once we publish the blog in a couple of weeks’ time)

And Let’s End With Some Lip-Smacking Cribl.Cloud Confections

Multiple Worker Groups – Early Access!

Ability to create additional Cloud Worker Groups for greater granularity, security, and data isolation. Customers may want to segment data loads differently in configurations and processing requirements. And to do this effectively, you need to isolate data processing into other Cloud Worker groups. This allows teams to only work with data relevant to their job. This also means you can reduce transit costs and solve latency issues by managing their data sources and destinations in proximity within and across regions. This offers greater security since you’re preventing users from accessing data they don’t need to access and gives admins better control over permission settings and management of roles.

Multiple Worker Groups are now available to all customers through Early Access. If you want to be one of the first to start using this feature, make sure you have an Enterprise account and reach out to your dedicated SE or support person at Cribl, they’ll help turn it on in your organization. Multiple Worker Groups will be available to all customers in May 2023

Multiple Owners

The ability to assign many users within an org to owner-role privileges allows for greater management flexibility, speeds up processes and new user onboarding, and prevents delays with backup Owner support.

API Access Control Management

Enjoy a longer period of access when accessing Cribl Stream and Edge APIs. This new feature provides you with an access token — a client ID and secret pair — that doesn’t expire and can be used to automate and scale the creation of API keys.

Look out this space for a link to a detailed blog on Cribl.Cloud enhancements (Please note: The link will be updated once we publish the blog in a couple of weeks’ time)

Food’s Done, Now Let’s Level Up Our Dance Moves!

We are thrilled to announce the release of our latest features in 4.1 and cannot wait for you, our wonderful customers, to try them out! The current vibe at our company, especially after returning from our New Orleans offsite, is one of excitement and celebration as we continue to level up and achieve our goals. From the sound of our employees singing the level-up song to the enthusiasm in the air, it’s clear that we’re all in this together and pushing each other to be our best. We invite you, our customers, to join in on the fun. Let’s all level up together!

If you want to learn more about our Spring release, make plans to join our webinar on 3/22!

—-

Level up, level up, level up, level up, level up

Level up, level up, level up, level up, level up!

On the Cribl Stream, on the Cribl Edge

Searchin’ for that Cloud so I can pledge

I won’t stop until I reach the top

Gonna level up and never ever flop!

Level up, level up, level up, level up, level up

Level up, level up, level up, level up, level up!

via GIPHY