Cribl puts your IT and Security data at the center of your data management strategy and provides a one-stop shop for analyzing, collecting, processing, and routing it all at any scale. Try the Cribl suite of products and start building your data engine today!
Learn more ›Evolving demands placed on IT and Security teams are driving a new architecture for how observability data is captured, curated, and queried. This new architecture provides flexibility and control while managing the costs of increasing data volumes.
Read white paper ›Cribl Stream is a vendor-agnostic observability pipeline that gives you the flexibility to collect, reduce, enrich, normalize, and route data from any source to any destination within your existing data infrastructure.
Learn more ›Cribl Edge provides an intelligent, highly scalable edge-based data collection system for logs, metrics, and application data.
Learn more ›Cribl Search turns the traditional search process on its head, allowing users to search data in place without having to collect/store first.
Learn more ›Cribl Lake is a turnkey data lake solution that takes just minutes to get up and running — no data expertise needed. Leverage open formats, unified security with rich access controls, and central access to all IT and security data.
Learn more ›The Cribl.Cloud platform gets you up and running fast without the hassle of running infrastructure.
Learn more ›Cribl.Cloud Solution Brief
The fastest and easiest way to realize the value of an observability ecosystem.
Read Solution Brief ›Cribl Copilot gets your deployments up and running in minutes, not weeks or months.
Learn more ›AppScope gives operators the visibility they need into application behavior, metrics and events with no configuration and no agent required.
Learn more ›Explore Cribl’s Solutions by Use Cases:
Explore Cribl’s Solutions by Integrations:
Explore Cribl’s Solutions by Industry:
Watch On-Demand
Transforming Utility Operations: Enhancing Monitoring and Security Efficiency with Cribl Stream
Watch On-Demand ›Try Your Own Cribl Sandbox
Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›Get inspired by how our customers are innovating IT, security and observability. They inspire us daily!
Read Customer Stories ›Sally Beauty Holdings
Sally Beauty Swaps LogStash and Syslog-ng with Cribl.Cloud for a Resilient Security and Observability Pipeline
Read Case Study ›Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›Transform data management with Cribl, the Data Engine for IT and Security
Learn More ›Cribl Corporate Overview
Cribl makes open observability a reality, giving you the freedom and flexibility to make choices instead of compromises.
Get the Guide ›Stay up to date on all things Cribl and observability.
Visit the Newsroom ›Cribl’s leadership team has built and launched category-defining products for some of the most innovative companies in the technology sector, and is supported by the world’s most elite investors.
Meet our Leaders ›Join the Cribl herd! The smartest, funniest, most passionate goats you’ll ever meet.
Learn More ›Whether you’re just getting started or scaling up, the Cribl for Startups program gives you the tools and resources your company needs to be successful at every stage.
Learn More ›Want to learn more about Cribl from our sales experts? Send us your contact information and we’ll be in touch.
Talk to an Expert ›February 2, 2021
Building your observability pipeline requires tools with awareness of your environment, data, and priorities.
Today’s ITOps and SecOps teams struggle to select the right technologies when implementing their observability pipeline. Many teams default to open source options, believing they can build out the capabilities they need. Others may lean on tooling offered by an incumbent log analytics vendor.
We’ve seen our customers try each of these. Here’s why we believe Cribl Stream is the right choice for your observability platform.
We love open source at Cribl (if you do too, we’re hiring!), but it’s not always the right fit for ITOps and SecOps teams. Open source projects, like Kafka, Pulsar, and Flink, provide a foundation for you to build upon. That’s great for engineering teams crafting new products, or for data managers creating yet another big data environment. It’s less than ideal for busy operations teams.
The critical challenge in building on open source is awareness of the data types operations teams have to collect, refine and manage. Data floods in from firewalls, containers, SNMP traps, and HTTP sources. You also need to fetch data from object stores, multiple activity hubs, Kafka, and other messaging sources. No open source project supports the variety and volumes of data required in a modern observability pipeline.
Using open source means building every element of the data processing pipeline. Adding to the complexity, projects like Kafka and Pulsar push around bytes. Converting those bytes to events is code that must be written for each source. You’ll also need essential features like per-source backpressure, support for a range of protocols, role and permission management, and so on. That massive investment of people and time has little hope of showing meaningful returns.
Cribl Stream, on the other hand, knows the data you’re struggling with. It knows events. It understands every field and allows your operations team to enrich, refine, and place that data wherever you need it. And if you want to replay that data to ask new questions, LogStream lets you do that too.
The common pattern for operations teams experimenting with open source is:
At roughly the six-month mark, most teams haven’t made much progress. Some data-related challenges have been solved, but bigger challenges around manageability, operations, governance and security remain unresolved.
Open source projects don’t ship with these capabilities for two reasons. First, they’re hard to build. Implementing management, security and governance is tedious. Second, open source commercializers build these features as proprietary add-ons because enterprises willingly pay for them.
Those “open core” companies wrapping things like Flink or Spark Streaming might be an option for the initial adoption phase. While initially appealing, these tools aren’t designed with operations teams in mind, leaving all of the previously stated data challenges unresolved.
The talent and skills poured into creating an enterprise solution are expensive. Depending on the market, data engineers with a few years of experience can have salaries ranging from $90,000 to $180,000. DevOps engineers or infrastructure experts with experience in Apache Kafka, Flink, Nifi, or Spark are often more expensive. Salaries of $200,000 or more are common, and that’s if you can even find that talent in your local market.
Three to four engineers, at a minimum, spending six months creating an internal product that isn’t competitively differentiating is a poor use of time. Add in hardware costs or cloud infrastructure expenses, and you’re easily looking at $300,000-400,000 for your open source observability pipeline. Add in ongoing maintenance, and financial costs really add up.
Money aside, the real impact on your company is the opportunity cost of building an observability pipeline. That time is better spent on competitively differentiating work for your enterprise, not on infrastructure.
LogStream is built by a team with over 30 years of combined experience creating products for operations teams. It provides visibility into the data, supports role-based access control and fine-grained management. If you can’t observe your observability pipeline, what value can it really offer?
With the abundance of log analytics tools available in the market, another option for operations teams is using a product from their incumbent log analytics vendor. This can be a great option if:
It’s unlikely either of those are true. If your log volumes aren’t growing, neither is your business (and you have bigger problems). Every one of our customers faces uncontrolled growth of logging data, but many turn off log aggregation because budgets aren’t keeping pace with logging expansion.
Processing observability data for insight is a critical priority, and processing options come in a variety of shapes and sizes. The days of dropping every log, metric and trace into a single data store are over. Today’s enterprises want to use multiple data and observability platforms to serve a growing number of data consumers. Data warehouses provide targeted, optimized analytics for a broadest possible set of data consumers, while data lakes support exploration and what-if scenario planning.
A common refrain from log analytics vendors is their pipelines use machine learning to determine what logs are trash and which are treasure, saving you money on ingestion volume cost. Those machine learning algorithms exist in a black box. You have no influence over what they keep or reject. The data you were counting on may suddenly stop flowing, crippling analysis.
And since ingest volume is how these companies make money, it’s unlikely they’ll reject much data. This keeps infrastructure and licensing costs high.
Contrast that with LogStream, which puts you in charge of what to keep or reject, what to enrich or reduce. LogStream works with your existing log analytics platform, but allows you to design and implement your observability pipeline your way, for your data.
Data is the single largest untapped asset in most companies. Being data-driven means having accessible data. Choosing a single observability platform for your pipeline and your log analytics tool locks your data into a single silo. That data might be accessible to the operations team, but it is cut off from other data consumers, like DevOps teams analyzing application performance or finance teams planning budgets.
Cribl Stream manages log, metric and trace data for the operations team and any other team that needs access to it – without creating another impenetrable data silo.
Bill Chung Sep 12, 2024
Tomer Shvueli Sep 5, 2024
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?