LogStream is now available as a Cloud service! Learn More

Living the Stream

The Cribl blog covers Observability, Big Data Analytics, Data Streams Processing... and anything else we feel like writing about!

Filter by: Reset

Steve Litras Oct 23, 2020

Firewall Logs, not just for breakfast anymore…

Have you ever spent a day picking through firewall logs, looking for the useful bits to help diagnose a reported issue? Firewall logs provide a rich data set, but in and of themselves, they’re a bit hard to read and understand, which makes them even harder to get insights from. Not to mention they are […]

L Tang Sep 2, 2020

Backpressure Behavior in Cribl LogStream

In this quick dive into backpressure topics in Cribl LogStream, we will also touch upon persistent queueing, how Cribl LogStream sends information out to destinations when backpressure options are selected, and how to approach troubleshooting systems with non-responsive destinations.  Sizing is an art and a science, born of expectations from back-of-napkin math, and refined through […]

Steve Litras Sep 2, 2020

Logging in a Multi-Account AWS Environment

You Kids! Get Off My Lawn! At the risk of sounding all “back in my day,” I’ve been working with AWS services since probably about 2009, at first in testing and development, and later in many production environments. Back then, AWS recommended that companies should use multiple accounts for their environments, but the only real […]

Dritan Bitincka Jul 27, 2020

Integrating Cribl LogStream and Zoom in Minutes

Video conferencing usage, especially on Zoom, has exploded in the last few months, and companies small and large are using it extensively to enable and connect their now mostly-remote employees. And, as with any other critical technology, especially when interconnecting infrastructure, it’s important that administrators get real-time visibility and insights into it, such as:  Average […]

Steve Litras Jul 23, 2020

Prepping your Data for Data Collection

With the advent of data collection, new logging data workflows become possible. If your retention requirements are served by archiving data off to a cheap storage mechanism like S3 or Glacier, you can drastically reduce what’s in your logstore to just what you need for normal troubleshooting, or even only metrics, using data collection to […]

Steve Litras Jul 7, 2020

LogStream 2.2 Management Features

With the release of LogStream 2.2, while so much of our excitement is focused on the data collection feature, we’ve also rolled out a number of improvements for distributed management, as well as in the observability of the product itself. In this post, I’m going to share some of the improvements that I’m most excited […]

Steve Litras Jun 23, 2020

Data Collection for Security Investigations

According to a 2018 study by the Ponemon Institute, the average time from the occurrence of a security breach to detection is 197 days (with the entertainment industry on the high side – 287 days, and the Energy sector at the low end – 150), but with stories like the Marriott breach (occurred in 2014, […]

Dritan Bitincka Mar 16, 2020

A Simple Guide to Scalable Data Collection from Amazon S3

Scalable data collection from Amazon S3 was introduced back in Cribl LogStream 2.0 and has been a real workhorse providing essential capabilities to many of our AWS customers. In this post we’ll take a look at how it works and how to configure it. If you’re new to Cribl LogStream you may want to take our sandbox for a […]

Dritan Bitincka Mar 12, 2020

Cribl LogStream Global Variables: A Practical Introduction

Global Variables were one of the most important features introduced with Cribl LogStream 2.1. In this short post we’ll take a look at what they are, how they work and how to use them to build more effective pipelines. If you’re new to Cribl LogStream it may make sense to take our sandbox for a drive before reading further. LogStream Global […]

Dritan Bitincka Feb 23, 2020

How to Easily Generate Sample Data

Working with data in Cribl LogStream is best done when live events flow through the system. In this post we’ll walk through how to generate sample data for the purposes of iterating through routes, pipelines, functions configurations as well as troubleshooting general issues. In version 2.1 we introduced a new purpose-built feature called Datagens. Datagens replay template files a given rate […]

LogStream Sandbox

Learn about the features of Cribl LogStream in our interactive sandboxes!