New to observability? Find out everything you need to know.
Cribl Stream is a vendor-agnostic observability pipeline that gives you the flexibility to collect, reduce, enrich, normalize, and route data from any source to any destination within your existing data infrastructure.
Learn More >Cribl Edge provides an intelligent, highly scalable edge-based data collection system for logs, metrics, and application data.
Learn More >Cribl Search turns the traditional search process on its head, allowing users to search data in place without having to collect/store first.
Learn More >The Cribl.Cloud platform gets you up and running fast without the hassle of running infrastructure.
Learn More >Cribl.Cloud Solution Brief
The fastest and easiest way to realize the value of an observability ecosystem.
Read Solution Brief >AppScope gives operators the visibility they need into application behavior, metrics and events with no configuration and no agent required.
Learn More >Explore Cribl’s Solutions by Integrations:
Explore Cribl’s Solutions by Industry:
Get this Gartner® report and learn why telemetry pipeline solutions represent a robust and largely untapped source of business insight beyond event and incident response.
Download Report >Observability Pipelines: Optimize Your Cloud with Exabeam and Cribl
It’s not about collecting ALL the data; it’s about collecting the RIGHT data.
Watch On-Demand >Try Your Own Cribl Sandbox
Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now >Get inspired by how our customers are innovating IT, security and observability. They inspire us daily!
Read Customer Stories >Sally Beauty Holdings
Sally Beauty Swaps LogStash and Syslog-ng with Cribl.Cloud for a Resilient Security and Observability Pipeline
Read Case Study >Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now >Take Control of Your Observability Data with Cribl
Learn More >Cribl Corporate Overview
Cribl makes open observability a reality, giving you the freedom and flexibility to make choices instead of compromises.
Get the Guide >Stay up to date on all things Cribl and observability.
Visit the Newsroom >Cribl’s leadership team has built and launched category-defining products for some of the most innovative companies in the technology sector, and is supported by the world’s most elite investors.
Meet our Leaders >Join the Cribl herd! The smartest, funniest, most passionate goats you’ll ever meet.
Learn More >Want to learn more about Cribl from our sales experts? Send us your contact information and we’ll be in touch.
Talk to an Expert >Psst, hey pal, would you like to buy a time machine?
I am not talking about some H.G. Wells monstrosity where you somehow end up being chased by dinosaurs or become your own grandparent. But a time machine for your observability data.
License costs and tool performance often keep organizations from ingesting all their data or require them to limit data retention time. Security incidents are often discovered long after these retention times are exhausted or require data that was never ingested. Leaving teams without the full story.
A massive advantage of Cribl Stream is the ability to store full-fidelity data in low-cost storage solutions like Amazon S3, and Azure Blob for long-term retention. This is great for compliance, but what if you need that data later for an investigation? That’s where our Replay solution shines. With Replay in Cribl Stream, you can efficiently collect data from object storage and “replay it” through a pipeline and into your destinations. Giving you an affordable way to retain more data for more extended periods of time, while still having it accessible for investigations.
A multinational conglomerate that has been innovating across industries since 1892, needed this exact functionality. Their observability engineers use Amazon S3 to store petabytes of data, as their first destination before sending it to Splunk for security and operations teams. They often get requests to Replay data for use in investigations. With the sheer amount of data they are storing, this could be like finding a needle in a haystack.
By using path segmentation in Amazon S3, they target the data they need–usually a data range, from a few days to 13 months–and replay it through Cribl Stream and into Splunk, SIEM tools, or any destination of their choosing. Allowing end users to quickly resolve breaches or potential threats, while still having an affordable way to store data for years, if not indefinitely if they wanted.
From an architecture perspective, they have a leader node for each environment and use a microserver architecture using between 200-300 worker nodes.
“The leader node is able to distribute the workload across workers very nicely,” said A Senior Cyber Security Software Engineer. “When we send a spike of data, like in this case when we had to Replay 1.335 PB of data, the workers can handle it. It’s economical too, because we use several small instances vs. big instances, and it doesn’t require much memory.”
It took about 2 hours to collect the metadata and then an additional 4 hours to process the data. With Cribl Stream, they reduced that data from S3 to output just 3.69GB to Splunk. (That’s a 99.9999972% reduction.)
See the power of Replay yourself, and try your hand at observability time travel in our Replay Sandbox or with a free Cribl.Cloud account
Experience a full version of Cribl Stream and Cribl Edge in the cloud with pre-made sources and destinations.