Route data to multiple destinations
Enrich data events with business or service context
Search and analyze data directly at its source, an S3 bucket, or Cribl Lake
Reduce the size of data
Shape data to optimize its value
Store data in S3 buckets or Cribl Lake
Replay data from low-cost storage
Collect logs and metrics from host devices
Redact or mask sensitive data
Optimize data for better threat detection and response
Streamline infrastructure to reduce complexity and cost
Simplify Kubernetes data collection
Optimize logs for value
Control how telemetry is stored
Easily handle new cloud telemetry
Ensure freedom in your tech stack
Accelerate the value of AIOps
Effortlessly search, collect, process, route and store telemetry from every corner of your infrastructure—in the cloud, on-premises, or both—with Cribl. Try the Cribl Suite of products today.
Learn moreGet started quickly without managing infrastructure
Get telemetry data from anywhere to anywhere
Streamline collection with a scalable, vendor-neutral agent
Easily access and explore telemetry from anywhere, anytime
Store, access, and replay telemetry. Point. Click. Done.
AI-powered tools designed to maximize productivity
Instrument, collect, observe
Get hands-on support from Cribl experts to quickly deploy and optimize Cribl solutions for your unique data environment.
Work with certified partners to get up and running fast. Access expert-level support and get guidance on your data strategy.
Get inspired by how our customers are innovating IT, security, and observability. They inspire us daily!
Read customer storiesFREE training and certs for data pros
Log in or sign up to start learning
Step-by-step guidance and best practices
Tutorials for Sandboxes & Cribl.Cloud
Ask questions and share user experiences
Troubleshooting tips, and Q&A archive
The latest software features and updates
Get older versions of Cribl software
For registered licensed customers
Advice throughout your Cribl journey
Connect with Cribl partners to transform your data and drive real results.
Join the Cribl Partner Program for resources to boost success.
Log in to the Cribl Partner Portal for the latest resources, tools, and updates.
On June 10th more than 800 Cribl users came together at the Caesar’s Palace in Las Vegas to celebrate each other and the power of learning at CriblCon. Our attendees discovered exactly how to make their data management unstoppable. Solved that mystery at CriblCon. Find clues to how the data engine for IT and Security helps them analyze, collect, process, and route all their data. At any scale. Uncover more value from your SIEM, AI Ops, and analytics tools, too.
CriblCon provided a unique platform for users of the data engine for IT and Security to delve into the world of Cribl and witness firsthand how we “Do different.” Participants were captivated by engaging customer presentations, immersive hands-on labs, and insightful discussions on how Cribl and our users are revolutionizing the industry. While the excitement of an in-person event is hard to recreate online, we have done our best below, bringing you presentations with tips and best practices that you can start using today.
Speakers:
Clint Sharp, CEO and Co-Founder, Cribl
Dritan Bitincka, CPO and Co-Founder, Cribl
Ledion Bitincka, CTO and Co-Founder, Cribl
Abby Strong, CMO, Cribl
Data growth, data formats, emerging tools and AI wreaking havoc in your organization? At Cribl, we’re here to help you wreak order. We’ll walk you through how building a Data Engine for IT and Security, powered by Cribl will help you clean up data disasters, conquer compliance, power your people and prepare your organization for automation and AI.
Curating high-quality data, bringing in unstructured data under management and establishing data literacy need to come first. These efforts can often be justified within innovation budgets while driving immediate impact through visibility, knowledge-sharing and better decision-making.
Speakers:
Chris Affleck, Senior Cyber Security Engineer, Epiq Global
Dan Wilson, Cyber Security Engineer, Epiq Global
Sidd Shah, Staff Solution Engineer, Cribl
In this session, we’re going to dig into how Epiq transitioned our security infrastructure from on-premise to cloud with the help of Cribl. We’ll talk about the challenges we faced in learning how to parse and shape Microsoft Sentinel data, and the victories we achieved by simplifying our infrastructure for cost savings and to streamline our data processes. We’ll share some valuable lessons we learned along the way helping others navigate similar digital transformations successfully.
Speakers:
Chanda Pulliam, Senior Information Security Engineer, Synopsys
In this session, we’ll explore the transition from traditional syslog and Logstash setups to the dynamic capabilities of Cribl. We’ll share our firsthand experiences, from scalability issues to performance challenges, how we navigated these obstacles, to effectively transition to Cribl and Elastic.
Speakers:
Aaron Wilson, SRE Manager, iHerb
Jon Rust, Staff Solutions Engineer, Cribl
In the quest to turn our outdated and disorderly SIEM into a modern, streamlined and manageable solution, we turned to Cribl. Together we develop a centrally managed environment that empowered our teams to manage multiple data sources and destinations with improved time-to-value, reducing data flow steps, and increasing sustainability. Join this session to learn how we used Cribl to modernize and streamline our SIEM operations into a single point of management solution.
Speakers:
Raanan Dagan, Staff Solutions Engineer, Cribl
Learn how one of the largest U.S. financial institutions handles a diverse and high-volume logging ecosystem while supporting a multi-cloud integration across on-prem, SaaS, and public cloud. Serving approximately 70 million customers, this financial institution follows an Infrastructure-as-code approach to manage their logging platform and deliver dashboards, alerts, and queries across multiple lines of businesses. You’ll see how to care for sensitive data with the utmost care, minimizing risk and maximizing peace of mind with Cribl, the data engine for IT and Security. From logs to business insights in a matter of clicks, you are sure to rethink the power of logs!
Speakers:
Nick “Tank” Tankersley, Cribl
Cribl offers a suite of tools designed to optimize data pipelines, with different components tailored for managing and orchestrating data flows at scale across different teams and data sources. One of the biggest problems with building and running a multi-team data engine is isolation. This presentation will cover how we at Cribl have handled the challenge of data, configuration, and access isolation for growing teams through features such as Cloud Workspaces, Worker Groups, and Stream Projects, and how they provide isolation and crafted experiences for different levels of data access and control.
Speakers:
Jacob Gorney, Cribl
Josh Biggley, Cribl
Learn how Cribl uses its own purpose-built data engine for IT and Security capable of discovering and collecting data from any source, processing billions of events per second, automatically routing data to optimized storage, and analyzing any data, at any time, in any location to drive the Cribl.Cloud team’s observability practice, make quick decisions, and continuously improve Cribl Stream, Edge, and Search from the inside.
Speakers:
John Lim, Lead Systems Engineer, Cox Automotive
Grease the wheels of adoption and step on that pipelining gas pedal! Integrating Cribl Stream into your existing data engine can be a challenge for large organizations with well-established processes. Learn how Cox Automotive is methodically incorporating Stream through the extensive use of packs and data forks, and how stakeholders can realize the value of Cribl Stream with minimal impact to their day to day operations. Furthermore, learn how Cox Automotive is using data tiering and replay to ensure high availability and accelerated resolution times.
Speakers:
BhoopeshKumar Jayasekaran, AutoDesk
This proposal aims to investigate the correlation between traces in OpenTelemetry (Otel) and logs in Splunk, two widely used tools in the field of observability and log management. The objective of this research is to explore how the integration of trace data from Otel and log data from Splunk can provide a comprehensive understanding of application performance and behavior. By analyzing the relationship between these two data sources, we aim to identify patterns, uncover hidden dependencies, and gain insights into system bottlenecks and potential issues. Through this correlation, we hope to enhance troubleshooting capabilities, optimize system performance, and improve overall observability of distributed applications. The findings of this study will contribute to the development of effective monitoring and analysis techniques, enabling organizations to proactively address performance challenges and deliver more reliable and efficient software systems.
Speakers:
Chris Talbott, Cyber Security Manager, Amex GBT
Adam McLaughlin, Cyber Security Engineer, Amex GBT
This session explores how our team utilized Cribl Stream to navigate a complex SIEM landscape. We faced several challenges: evaluating new SIEMs, managing high-volume data in our current SIEM, and ultimately migrating to a new solution – all without disrupting ongoing security operations.
Speakers:
Clint Sharp, CEO and Co-Founder, Cribl
Dritan Bitincka, CPO and Co-Founder, Cribl
CriblCon 2024 demo of Cribl Copilot, an AI-powered engineering partner that puts decades of engineering experience at the fingertips of every user, streamlining the efficiency of IT and security data management at scale. Cribl Copilot is fully integrated across Cribl’s portfolio of products, enabling customers to seamlessly tackle the most complex IT and security data challenges with the ability to build robust, efficient operations across Cribl Edge, Cribl Stream, Cribl Search, and Cribl Lake.
Speakers:
Ledion Bitincka, CTO and Co-Founder, Cribl
Cribl Edge brings the heat this summer with some sizzling updates. This season, you can handle even bigger deployments with support for a whopping 250K Nodes. Plus, Cribl Edge now runs on Windows 10 and 11 (64-bit only), giving you more flexibility. On top of that, the update brings improvements in licensing management, on-premise access controls, and enhanced support for Google SecOps and OpenTelemetry, making your data management this summer a breeze.
What a kickoff to the summer! That’s right, in the past two weeks, we got to welcome a lot of our ecosystem back with hugs, high fives, fist bumps, and air fives! It has been a great way to get welcomed into my new work family. That’s right, there’s no better feeling than getting to meet customers and THEY are the ones educating me on what Cribl does well, what would be awesome to see, AND more importantly, what Cribl would be like if it was a person (or a GOAT… shoutout to Ian, our mascot!)
If you didn’t get a chance to join us at our first ever CriblCon, I’d say skip all the way to the end of this blog to get the links, or else this might trigger a bit of FOMO! I’m only kidding, but it will only get you more excited about what we’re bringing to you at BlackHat and later this year.
Alright, let’s kick things off with a little recap. Earlier this year, YOU told us you wanted choice and control for your data AND for your live Cribl experience, so we went to work on delivering. After a little brainstorming, we realized that you probably already had other conferences planned and we didn’t want to “lock you in” if we decided to “roll our own” (just a pun to make sure you check out our Roll Your Own Pack contest), so we decided to bring the action to you! So, we set out to get you together with other Criblers to learn about what’s next and share best practices. No death by PowerPoint, just ways to collaborate, solve problems, share ideas, say ‘Hi’ in person, and have fun!
How did we do? Well, keeping in line with our ‘Customers First, Always’ value, let me quote a customer who said, “It was fun! It was packed! It was a wall of people… Clint gave a talk and it was one of the best talks ever because it didn’t ramble on and it was not very salesy, it was just perfect! Now, I’m biased, however, I will agree with this customer–he also happens to lead the Cribl User Group, if you’d like to catch up with us virtually! The whole event was awesome, but since the NHL playoffs are about to wrap-up (which means I might gain a bunch of time back in a week), let’s do a quick ESPN-style breakdown by the numbers of the event. We had over 280 attendees made up of folks who were curious about Cribl, folks who are just starting out their journey, those looking to see what the goats are all about, and seasoned Criblers there to share better and best practices with each other. It was great to see the community in action. What you can’t see in the pictures is the fire marshall making sure we didn’t create an unsafe situation since we were the HOTTEST TICKET in Vegas on that Monday evening! Now for folks who didn’t get a chance to stop by, let’s jump into a recap and get people excited to join us on our next stop!
Let’s dive into CEO Clint Sharp’s talk. As Rich said, it was efficient and not too salesy. Clint reminded us of Cribl’s purpose which is to create breakthrough enterprise software that takes tech professionals from “THIS SUCKS” to “HELL YEAH!” Now in typical Clint fashion, he might have used a different vocabulary, but details, details. He then jumped to the topic of continuously delivering value through our vision. From Cribl Stream to Edge, and Search in the near future. At Cribl, we want to unlock ALL of your observability data and we will not rest until we do. He also reminded us that building the functionality of this platform is important to you, therefore it’s important to Cribl as we focus on our first-principles approach to developing and delivering solutions.
Clint also covered one of my favorite customer stories. The one about Geneva Trading, a leading proprietary trading firm that completed dual ingestion, tagging, and index renaming within the first week of deployment. The rest of the 6 week migration timeline was focused on data integrity, field enrichment, and alert validation. If that’s not an amazing return on investment, I don’t know what is. For more Cribl + Splunk goodness, check out TransUnion’s presentation: TransUnion Teams Up with Cribl Stream to Drive Greater Efficiency.
After the presentation, we unleashed the masses back to the tee boxes for a little bit more fun and a whole lot more conversations. As I said before, I AM biased, but I really think this was an awesome event. It was especially amazing to me to see our community out in full force interacting with each other and sharing knowledge to help each other succeed. I hope to meet more of you at our second event next month!
Now if you aren’t part of the community yet, don’t delay any longer. Head on over to our Community page for more information.
See you at Blackhat!
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?