Cribl Stream is a vendor-agnostic observability pipeline that gives you the flexibility to collect, reduce, enrich, normalize, and route data from any source to any destination within your existing data infrastructure.
Cribl Edge provides an intelligent, highly scalable edge-based data collection system for logs, metrics, and application data.
Cribl Search turns the traditional search process on its head, allowing users to search data in place without having to collect/store first.
The Cribl.Cloud platform gets you up and running fast without the hassle of running infrastructure.
Cribl.Cloud Solution Brief
The fastest and easiest way to realize the value of an observability ecosystem.
AppScope gives operators the visibility they need into application behavior, metrics and events with no configuration and no agent required.
Explore Cribl’s Solutions by Integrations:
Explore Cribl’s Solutions by Industry:
Try Your Own Cribl Sandbox
Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Get inspired by how our customers are innovating IT, security and observability. They inspire us daily!
Sally Beauty Holdings
Try Your Own Cribl Sandbox
Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Cribl Corporate Overview
Cribl makes open observability a reality, giving you the freedom and flexibility to make choices instead of compromises.
Cribl’s leadership team has built and launched category-defining products for some of the most innovative companies in the technology sector, and is supported by the world’s most elite investors.
Join the Cribl herd! The smartest, funniest, most passionate goats you’ll ever meet.
Want to learn more about Cribl from our sales experts? Send us your contact information and we’ll be in touch.
September 28, 2022
What is an observability engineer? Is it your SIEM admin? How about your application performance monitoring admin? Neither? Both? Observability engineering is more than administering a tool. There is more to it than data onboarding, writing parsers, and getting data in. As an observability tool admin, you work with data producers and consumers to get data in a human-readable and searchable format from the source to the analytics system. Too frequently, a tool admin knows only a fraction of the critical business use cases. Not knowing your data’s uses leads to challenges when asking for budget, headcount, and infrastructure. It leads to challenges when notifying internal stakeholders of outages, upgrades, and changes. It is difficult to inform critical customers, such as the SOC and NOC, of potential new gains and insights available from newly onboarded data.
As an observability engineer, you are responsible for being a data steward and bridging the gap between the data producer and data consumer. You know data. You know how to discuss data to suggest and refine use cases and enrichment opportunities. You know how to decompose a use case into the component data sources and fields. This skill set takes time, practice, and talent. Recently, I had a chance to discuss this topic on a Cribl live stream that I’ve embedded below if you want to watch.
How can we empower observability tool admins to become observability engineers? Cribl Stream. Stream changes the types of conversations that you can have between producers, consumers, and the observability team. You now have a choice. You have the choice of what data needs to go to which system. You have the choice of which fields you need in your data for your multiple use cases. You have the choice of enrichment on the fly. You have the choice of data format.
The observability tool admin, now the observability engineer, can have a genuine conversation about the use case. No longer is the conversation simply, “what is the source?” “What is the destination?” “What retention do you require” “By when do you need it?”. Now, when the engineer has a conversation about the use case, they can talk about reducing unnecessary fields going to high-cost systems of analysis while still sending full-fidelity data to inexpensive archival storage. They can ease concerns when they show how easily data can be replayed from the archive back to the system of analysis when needed.
Now that the engineer is talking to data producers and consumers about use cases, they can document them. With well-documented use cases, a data dictionary starts to write itself. A data dictionary becomes a force multiplier for the organization. The c-suite knows the critical use cases. The SOC knows what is available (perhaps more importantly, what isn’t available) for threat hunting and detection engineering. All your stakeholders know what data is available, where it is, and available use cases.
The observability engineer now has the tool to become a responsible steward of the organization’s data. Moving from, “nope. we are going to hit our license cap.” to “yes! Let’s look at that data, see what’s valuable, and think about where you want to send it.”. The engineer can capture the reduction wins and show how their stewardship of the data has enabled many more use cases due to the choices they now have with the data.
The fastest way to get started with Cribl Stream and Cribl Edge is to try the Free Cloud Sandboxes.
Jess Manning McCarthy Sep 27, 2023
Nick Heudecker Sep 26, 2023