Cribl Search Unlocks The Value of ALL Data

We announced Cribl Search in May, and customer reaction has been incredibly positive. We’ve heard for some time that organizations have data everywhere. They have data in their observability lakes, analytics tools, object stores, and at the edge. The big challenge facing enterprises is that existing search models require you to take all of this data that you don’t know is valuable or not, move it into one place, and then make decisions about whether this is valuable? What else do I do with it? What do I do with it next? Do I keep it? This model is fundamentally flawed and doesn’t scale to meet modern challenges. Recently, Ed Bailey and I talked more in-depth about Cribl Search on one of our live streams, and we’ve embedded it below.

Cribl Search Unlocks The Value of ALL Data

Search is obviously not a new concept. When it gained popularity 15+ years ago, some might argue it was a true innovation – a new technology that solved a real problem. It was simple but powerful. Ship the data to the system of record within the data center, which would, in turn, normalize the data and help make disparate pieces of information searchable and valuable. The problem in some respects hasn’t changed – you still need to be able to search disparate pieces of information and have intelligent systems connect the dots. The problem is that the world changed around one critical assumption of the model from the early 2000s – the assumption that shipping the data to the system of record was easy. At the time that Search revolutionized operations, systems were relatively centralized.

The world has raced to the cloud. Application architectures are becoming more and more distributed, making operations more complicated and security threats easier to disguise. Three little words from the advent of Search have suddenly become the most complex part of legacy search systems – “ship the data”. Not a small feat anymore with modern application architectures.

With search-in-place, Cribl Search lets you use the data without shipping it. Instead, you can query it and leave out the most complex and expensive parts. Then, you can ship useful parts to another system for further analysis or long-term storage. With volumes of data increasing and distributed architectures proliferating, it becomes critical to search in place to find ALL useful data.

That doesn’t mean abandoning the current centralized system but deciding on the data before shipping it – it’ll save you time, money, and headaches while making the tools you leverage even better! For example, let’s say you’re working with debug logs. They’re USELESS, except if you’re actually debugging an app right then. If you are debugging it, you can search it immediately without moving it first. Otherwise, leave it where it’s at.

Cribl Search enables administrators to deploy a single, system-agnostic search capability to search anywhere, for any data type, and hosted in object storage or system of analysis without having to collect the data first.

To sum it up: Cribl Search unlocks a SCALE of data usable for administrators that didn’t previously exist.

Cribl Search is coming in late 2022, and we will have a lot more to share as we get closer to release. Tap the button below to join our email list.