
Overcoming Messy Cloud Migrations, Outdated Infrastructures, Syslog, and Other Chaos

January 22, 2024
Categories: Cribl Stream, Learn

As businesses grapple with increasing data volumes, the need for practical tools to manage and use this data has never been greater. High-quality tools are great — but imagine what you could accomplish with one that made all the others in your toolbox even better?

That’s exactly how we design every Cribl solution — we exist to help IT and Security teams get more out of their existing infrastructure. Here are some ways our customers are getting the choice and control they want over their data and preparing themselves for a future with more data growth than ever before.

Turning Unusable Data Into Usable and Actionable Data

Computacenter is an independent technology and services provider that sees so much value from Cribl Stream that they recommend it to each of their clients from the start. Whether a customer is starting with Splunk from scratch or their system is outdated, Computacenter presents Stream as a welcome addition to any infrastructure.

Bjorn Hanson, a Principal Technology Specialist at Computacenter, shows clients how to use Cribl Stream as an intermediate forwarder, a replacement for Syslog collectors, and more. Because Stream can accommodate a mix of Splunk, Elastic, and other systems, their team can show customers how to easily clean up messy data on the way to its destination — no matter where it’s coming from.

“Data quality is a lot better because we can filter, restructure, reparse, and pretty much do everything that we need. Before [Cribl Stream], a lot of that data was unusable.” – Bjorn Hanson, Principal Technology Specialist

The versatility of Cribl Stream gives users higher quality data, making data management tasks easier and more efficient.

Wrangling Syslog Challenges with Cribl

Once Stream is in place and high-quality data is being sent where it needs to go, it can also address any backlog of outstanding issues. Shawn Cannon, a Threat Management Consultant at Aflac, recently shared his experiences using Cribl Stream to fix their syslog environment and address the limitations of their existing system in capturing incoming sources.

The syslog environment they rolled out worked well for a long time but eventually ran into problems after adding too many data sources. If a source wasn’t set up, data wouldn’t make it to their catch-all index. The Aflac team used Stream as a reliable last-resort index, ensuring no data went missing.

When the previous application they used to onboard CrowdStrike FDR data stopped bringing it in on a timely basis, they moved over to Cribl Stream to keep getting real-time insights without delays. Cribl Stream’s intuitive GUI made it easy to set up routes and manage the flow of Aflac’s data.

“[Cribl Stream] makes it easier to bring in the data that you need from multiple different sources. If I described Cribl as a person, it would be as my best friend — it’s something that you can’t live without.” – Shawn Cannon, Threat Management Consultant

Seamless Cloud Migration With Cribl

Making small, incremental adjustments to your existing infrastructure will pay huge dividends over time — but if the time comes for a big change, our solutions are uniquely positioned to assist with those as well.

One global financial services company in particular used Cribl Stream to pull off a smooth Splunk Cloud migration. They transitioned with minimal disruptions for their 400 active users and extensive applications.

“We brought Cribl in mainly to help us with this one cloud migration. I’m not sure how we would have pulled that off without [it]. By the time we cut everyone over, I think we only got one ticket — because we were able to use Cribl to fork the data to both places. It was all very, very seamless.” – SVP, Global Financial Services Company

They’ve also used Cribl to replace their aging syslog architecture and evolve their entire data infrastructure. Instead of going the traditional route and dumping everything right into their SIEM, they now route data to the right data stores for each of their use cases.

Looking ahead, they plan to use Cribl Edge to replace the universal forwarder they have deployed on tens of thousands of hosts. Fleet management and upgrades will be much easier, and they can continue to optimize for efficiency and cost savings.

If your data foundation is lacking something, Cribl Stream might be the missing piece. Check out some quick tutorials in our Sandbox or register for a free Cribl.Cloud instance to have us quickly spin up and manage a fully functioning copy of Cribl Stream for you.


Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy. Customers use Cribl’s suite of products to collect, process, route, and analyze all IT and security data, delivering the flexibility, choice, and control required to adapt to their ever-changing needs.

We offer free training, certifications, and a free tier across our products. Our community Slack features Cribl engineers, partners, and customers who can answer your questions as you get started and continue to build and evolve. We also offer a variety of hands-on Sandboxes for those interested in how companies globally leverage our products for their data challenges.
