Announcing LogStream 2.4

Written by Bryan Turiff

January 12, 2021

Log data is chock-full of information.  It contains insights about the health, security, and performance of your IT infrastructure.  It may also hold sensitive personal information like social security numbers or credit card details.  Add to this the power of Cribl LogStream, which allows you to filter, capture live events, and change log and metric data, and you may want to restrict who can access different classes of data and what LogStream functions they can access.

For these and many other reasons, we are proud to announce the general availability of LogStream 2.4. LogStream has always given you more control over your data. With the addition of Role-Based Access Control (RBAC), you’re now empowered to delegate that control to others on your team or other teams. LogStream 2.4 gives you more control over your data, more ways to shape it, more data sources, and more destinations for your data.  In short, LogStream 2.4 is even more qualified to power enterprises’ efforts to create and optimize a pipeline for observability and security data.

LogStream Role-Based Access Control

RBAC is available in distributed deployments with an Enterprise license.  This allows you to assign access policies at both the worker group level and the role level. You can customize roles and add individual users into a role. This gives organizations much more control over who can access particular types of data and what level of functionality they can use in LogStream.  We’ve also added an audit trail so that you can easily see who has made changes to your environment, and update access policies accordingly.  By assigning teams and individuals to worker groups, you can more easily direct the flow of only the data and features needed to do their jobs.

New Features and Functions

One of the most exciting new features in LogStream 2.4 is the ability to integrate with Redis.  Redis is a powerful in-memory caching system. In LogStream 2.4, you will be able to PUT data into a Redis cache and GET data from it. This, coupled with the ability to collect data  from REST APIs, allows users to create very large lookup databases (much larger and more flexible than CSV files).  This allows our customers to enrich log data with far less manual and time-consuming effort.

As assets created in LogStream continue to grow, navigating and accessing them can be time consuming.  To help make these objects easier to find, reuse, and refine,  we’ve added CTRL+K (CMD+K on Mac) which allows you to quickly search across LogStream objects using keywords. 

Customers loved the Live button so much in the product that we’ve rolled it out throughout the UI.  This allows you to retrieve Sources, Destinations, Collectors, Routes, Pipelines, Functions, etc., and is subject to access rules according to a user’s RBAC Role.

We know how critical performance is to your organization’s success.  LogStream was already the fastest, easiest way to get data into the destinations that matter most, and now it’s even faster.   With each release of LogStream, we strive to provide continuous performance improvements, and this release is no different.  LogStream 2.4 brings a 15-20% performance boost over the previous release.

New Sources and Destinations

Cribl continues to add new data sources for LogStream, to make your observability efforts more comprehensive. In LogStream 2.4, you can now pull timeseries metrics from Prometheus targets on configurable time intervals. LogStream processes, shapes, and routes data to a variety of destinations for storage and further analysis. With LogStream 2.4, we’ve added support for sending events out to the New Relic Log and Metric APIs, as well as Datadog and Sumo Logic. We’ve also added support for sending objects and events to Google Cloud Storage buckets.

Also New in LogStream 2.4

A few of the other highlights in this release include:

  • Collectors provide a new, configurable Throttling threshold.
  • Collection jobs (scheduled and ad hoc) provide new options for automatic reschedule upon failure, maximum number of retries, and timeout interval.
  • A new C.Text.parseWinEvent method parses a Windows event XML string, returning a compact, prettified JSON object.
  • Multiple non-streaming Destinations (S3 Compatible Stores, Filesystem/NFS, MinIO, Azure Blob Storage, and Google Cloud Storage) now provide an Add Output ID option. This gives each staging location a unique file path. This also ensures that each configured Destination writes only to its own bucket.

There are many other exciting things to uncover in the latest release.  For a complete list of everything new, read the LogStream 2.4 changelog.

Wrapping Up

As always, we rely on your feedback to continue to make LogStream as useful as possible.  What should we add next? Your feedback drives some of our best innovations. Here are some other ways to engage with us:

  • Download Cribl LogStream 2.4 today and process up to 5 TB of data per day at no charge
  • Join our community Slack and interact with other LogStream users 
  • Follow us on LinkedIn
  • Experience LogStream for yourself in our interactive, self-guided sandbox courses
  • If you have any questions about anything Cribl, use the chat widget here on the site

The fastest way to get started with Cribl LogStream is to sign-up at Cribl.Cloud. You can process up to 1 TB of throughput per day at no cost. Sign-up and start using LogStream within a few minutes.

Questions about our technology? We’d love to chat with you.

So you're rockin' Internet Explorer!

Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari

Got one of those handy?