Unlock the value of all your data TODAY Free Sign Up

Living the Stream

The Cribl blog covers Observability, Big Data Analytics, Data Streams Processing... and anything else we feel like writing about!

Filter by: Reset

Brendan Dalpe Jun 29, 2021

SOAR to New Heights with LogStream

When I worked as an information security practitioner, I spent most of my time responding to and investigating alerts. These alerts were from various tools such as next-generation malware detection and prevention systems, web proxies, firewalls, and email filtering appliances. Occasionally, as part of triage, I’d need additional context surrounding the users’ or machines’ activity […]

Global Keyword Search CLUI

Łukasz Wilk Jun 23, 2021

Internal Express.js requests powering CLUI

Global Keyword Search (aka CLUI) was introduced in LogStream 2.4.0. This feature enables the user to press Ctrl+K (all platforms) or Cmd+K (MacOS) and search across LogStream objects by keyword. This article describes how we built it and the engineering choices we made.

Harry Gardner Jun 17, 2021

Securing LogStream with HashiCorp Vault

Key Management System (KMS) support was added in LogStream 3.0. In this version, integration with HashiCorp Vault was added, along with the default local filesystem KMS option. This integration allows customers to offload management of secrets used by Cribl LogStream to an external KMS provider   The KMS feature can be used to improve the security posture of your LogStream deployment.

Gonzalo Romano Jun 10, 2021

LogStream: Automated Upgrades for Distributed Deployments

On distributed LogStream deployments that can span hundreds of nodes, it becomes a critical feature to be able to upgrade all the nodes to the latest version in an automated fashion – without having to upgrade each node one by one, or leverage bash scripts to automate the upgrades. Here, we discuss how we leveraged our internal jobs framework to automate worker node upgrades.

Ledion Bitincka Apr 30, 2021

Comparing Intel, AMD, and Graviton2

In this post, we’ll compare the performance-price ratio of compute-optimized AWS instances built on: Intel, AMD, and Graviton2 (ARM64). Let’s start with the results.

Ledion Bitincka Apr 1, 2021

How AppScope helped resolve a DNS problem

This is a short blog post about how we used AppScope to identify and resolve a DNS-related problem reported by one of our customers … and it is a fact that it’s always a DNS problem, except when it isn’t :).

Donn Rochette Apr 1, 2021

AppScope: Analyzing gRPC and Protobuf

Previous experience with Protobuf was just painful, to be honest. How complicated is this? Worth doing? All of which caused me to think about how to analyze gRPC. Since AppScope extracts payloads from network activity, could we see gRPC and Protobuf details?

Donn Rochette Apr 1, 2021

AppScope: Interposition Mechanisms

This article is an overview of interposition mechanisms used to build AppScope - it will be of particular interest to developers who love to maximize their apps' performance. 

Donn Rochette Apr 1, 2021

AppScope Design

AppScope is an application-centric instrumentation and data collection mechanism. With one instrumentation approach for all runtimes, AppScope offers ubiquitous, unified instrumentation of any unmodified Linux executable. It's equally useful for single-user troubleshooting or monitoring distributed deployments. So how does it work?

Ledion Bitincka Dec 23, 2020

Cribl Engineering Manifesto

As 2020 comes to a close, I have spent some time reflecting on some of our engineering achievements and, more importantly, lessons of the past few years. I am documenting them openly as much for our current Criblanians but also for those who are considering joining us. 

LogStream Sandbox

Learn about the features of Cribl LogStream in our interactive sandboxes!