Cribl puts your IT and Security data at the center of your data management strategy and provides a one-stop shop for analyzing, collecting, processing, and routing it all at any scale. Try the Cribl suite of products and start building your data engine today!
Learn more ›Evolving demands placed on IT and Security teams are driving a new architecture for how observability data is captured, curated, and queried. This new architecture provides flexibility and control while managing the costs of increasing data volumes.
Read white paper ›Cribl Stream is a vendor-agnostic observability pipeline that gives you the flexibility to collect, reduce, enrich, normalize, and route data from any source to any destination within your existing data infrastructure.
Learn more ›Cribl Edge provides an intelligent, highly scalable edge-based data collection system for logs, metrics, and application data.
Learn more ›Cribl Search turns the traditional search process on its head, allowing users to search data in place without having to collect/store first.
Learn more ›Cribl Lake is a turnkey data lake solution that takes just minutes to get up and running — no data expertise needed. Leverage open formats, unified security with rich access controls, and central access to all IT and security data.
Learn more ›The Cribl.Cloud platform gets you up and running fast without the hassle of running infrastructure.
Learn more ›Cribl.Cloud Solution Brief
The fastest and easiest way to realize the value of an observability ecosystem.
Read Solution Brief ›Cribl Copilot gets your deployments up and running in minutes, not weeks or months.
Learn more ›AppScope gives operators the visibility they need into application behavior, metrics and events with no configuration and no agent required.
Learn more ›Explore Cribl’s Solutions by Use Cases:
Explore Cribl’s Solutions by Integrations:
Explore Cribl’s Solutions by Industry:
Try Your Own Cribl Sandbox
Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›Get inspired by how our customers are innovating IT, security and observability. They inspire us daily!
Read Customer Stories ›Sally Beauty Holdings
Sally Beauty Swaps LogStash and Syslog-ng with Cribl.Cloud for a Resilient Security and Observability Pipeline
Read Case Study ›Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›Transform data management with Cribl, the Data Engine for IT and Security
Learn More ›Cribl Corporate Overview
Cribl makes open observability a reality, giving you the freedom and flexibility to make choices instead of compromises.
Get the Guide ›Stay up to date on all things Cribl and observability.
Visit the Newsroom ›Cribl’s leadership team has built and launched category-defining products for some of the most innovative companies in the technology sector, and is supported by the world’s most elite investors.
Meet our Leaders ›Join the Cribl herd! The smartest, funniest, most passionate goats you’ll ever meet.
Learn More ›Whether you’re just getting started or scaling up, the Cribl for Startups program gives you the tools and resources your company needs to be successful at every stage.
Learn More ›Want to learn more about Cribl from our sales experts? Send us your contact information and we’ll be in touch.
Talk to an Expert ›May 4, 2023
In part 1 of this post, we talked about how Cribl is empowering security functions by giving our customers freedom of choice and control over their data. This post focuses on their experiences and the benefits they are getting from our suite of products.
In a past life, I was in charge of security and operational logging at Transunion — around 2015, things started going crazy. The amount and complexity of data, the lack of staffing, and global deployment were causing me to pull out hair that had been turning gray for the same reasons. It seemed impossible to manage — we were looking for solutions to simultaneously manage our data, get it where it needed to go, and control our costs.
Cut to two years later — I have an initial meeting with the founders of Cribl, and they manage to knock a half million dollars off my analysis license during a demo. So naturally, I download the pre-1.0 installable shortly after and start managing data on my own in 15 minutes, without going to the command line or having to figure out my own regexes. With my code, I could see my raw data and what it looked like after I transformed it, without having to build an entire dev stack.
This was my first introduction to some of the first principles that Cribl works from — ease of use, rapid adoption, and fast time to value. So many of the pain points I had with other tools were gone. I was finally in control of my data and able to choose what I wanted to do with it.
This was all with limited displacement costs — I could use all of my existing agents without deploying any new ones. I didn’t have to stop using Splunk, but I was able to get more value from it. From there, we were able to start carving out massive chunks of our license and start saving even more money. My boss couldn’t believe how fast the changes were delivering value.
Since I joined Cribl, I’ve become accustomed to hearing similar responses from customers. An executive said to me recently, “So you’re going to help me have better data, control my cost, lower my run rate, and scale my staffing all at the same time? You don’t see that every day.” He probably doesn’t see it daily, but these results are standard for our clients.
We’re seeing more and more companies move to a best-of-breed strategy since they no longer have to be at the mercy of any specific vendor. Organizations can now use tools from one vendor for their SIEM, a different vendor for their UEBA, and even a third for their SOAR solution. This approach will become even more common because of how much simpler integrations are with Cribl.
In my previous company, my CISO wanted to bring Exabeam into the mix of our analysis tools. Using Cribl Stream, we got what would have normally been a six to nine-month integration process done in three weeks. I was happy because we were done fast, and he was happy because he got back the large chunk of change that he had budgeted for the months-long deployment. We could also put the saved engineering hours towards innovation instead of this and other business-as-usual tasks.
Another example of the power of Stream is the ability to perform data migration with minimal risk. One CISO we worked with was using a particular SIEM that many would prefer not to, but don’t want to get off of because the perceived risk of moving away from isn’t worth the cost.
Weakening their security posture was a valid concern, so we worked with this customer to put Stream in place and keep data going into the legacy SIEM while also forking data to the new one. As a result, he was able to migrate his detections and dashboards and make an A/B comparison to make sure his new SIEM was working as well as the old one. He even kept the old one running for 30 days after the cutover, taking all the risk out of the migration and speeding it up at the same time.
Our first principles guided us to build Stream using Javascript and build Search on an enhanced version of Cousteau, so they could be easily implemented. Search is also lambda-based and serverless. You can take sigma rules and convert them — allowing you to search and easily port over your threat rules and search algorithms. If you need to move to a more specific analytics package, you can do that as well.
All of these choices were made with the customer in mind, and by putting ease of use, rapid adoption, and fast time to value at the top of the priority list. You can give Cribl Stream, Edge, and Search a try with Cribl.Cloud and process up to 1TB/day for no charge.
Get more details on this and how Cribl is Operating at the nexus of Observability & Security data in Episode 22 of the Ink8r podcast!
Judith Silverberg-Rajna Sep 10, 2024
Felicia Dorng Sep 3, 2024
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?