CriblCon 2024 - Agenda

Products
Product Portfolio

Cribl puts your IT and Security data at the center of your data management strategy and provides a one-stop shop for analyzing, collecting, processing, and routing it all at any scale. Try the Cribl suite of products and start building your data engine today!
Learn more ›

Evolving demands placed on IT and Security teams are driving a new architecture for how observability data is captured, curated, and queried. This new architecture provides flexibility and control while managing the costs of increasing data volumes.
Read white paper ›

Cribl Stream

Cribl Stream is a vendor-agnostic observability pipeline that gives you the flexibility to collect, reduce, enrich, normalize, and route data from any source to any destination within your existing data infrastructure.
Learn more ›

Vodafone Case Study

Vodafone Dials up Business Insights with Cribl Stream
Read Case Study ›

Cribl Edge

Cribl Edge provides an intelligent, highly scalable edge-based data collection system for logs, metrics, and application data.
Learn more ›

SpyCloud Edge Story

Listen to how SpyCloud uses Cribl Edge at scale.
Watch Video ›

Cribl Search

Cribl Search turns the traditional search process on its head, allowing users to search data in place without having to collect/store first.
Learn more ›

Happy 1st Birthday Cribl Search!
Read Blog ›

Cribl Lake

Cribl Lake is a turnkey data lake solution that takes just minutes to get up and running — no data expertise needed. Leverage open formats, unified security with rich access controls, and centralize access to all IT and security data.
Learn more ›

Navigating the future of IT and Security Data management white paper
Read white paper ›

Cribl.Cloud

The Cribl.Cloud platform gets you up and running fast without the hassle of running infrastructure.
Learn more ›

Cribl.Cloud Solution Brief

The fastest and easiest way to realize the value of an observability ecosystem.
Read Solution Brief ›

AppScope

AppScope gives operators the visibility they need into application behavior, metrics and events with no configuration and no agent required.
Learn more ›

Sandbox

Launch an AppScope Sandbox today!
Launch Now ›
Solutions
Use Cases

Explore Cribl’s Solutions by Use Cases:

Supercharge Security Insights ›

Accelerate Cloud Migration ›

Avoid Vendor Lock-in ›

Free Up Space for High-Value Data ›

Route From Any Source To Any Destination ›

Replay Data from Low-Cost Storage ›

Reduce Log Volume & Pay Less for Infrastructure ›
Integration

Explore Cribl’s Solutions by Integrations:

Amazon ›

Google ›

CrowdStrike ›

Microsoft ›

Elastic ›

Splunk ›

Exabeam ›

View All Integrations ›

Seamless Integrations for Your Observability Data
Learn More ›
Industries

Explore Cribl’s Solutions by Industry:

AIOps ›

Financial Services ›

Healthcare ›

Managed Security Services ›

Manufacturing and Logistics ›

Communications and Media ›

Public Sector ›

Retail ›
Resources
Resources

Resource Library ›

Documentation ›

Guides ›

AppScope Docs ›

Blog ›

Glossary ›

Podcasts ›

Telemetry 101

Understanding the Basics of Telemetry and Its Benefits
Learn More ›
Events & Webinars

Events ›

Webinars ›

CriblCon24
Las Vegas // June 10, 2024
Register Now ›

Watch On-Demand

3 ways to fast-track your data lake strategy without being a data expert
Watch On-Demand ›
Learning

Try the Sandboxes ›

Self Guided Trials ›

Cribl University ›

Cribl Community ›

Cribl Curious Forum ›

What is Observability? ›

Try Your Own Cribl Sandbox

Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›
Tools & Pricing

Download Library ›

Past Releases ›

Pricing Plans ›

Stream ROI Calculator ›

Download Library

Download Cribl’s suite of products for free to get started.
Download ›
Customers
Customer Stories

Get inspired by how our customers are innovating IT, security and observability. They inspire us daily!
Read Customer Stories ›

Sally Beauty Holdings

Sally Beauty Swaps LogStash and Syslog-ng with Cribl.Cloud for a Resilient Security and Observability Pipeline
Read Case Study ›
Customer Experience

Support & Success ›

Professional Services ›

Service Delivery Partners ›

Documentation ›

AppScope Docs ›

Professional Services

Check out our new Professional Services offering.
Learn More ›
Learning

Try the Sandboxes ›

Self Guided Trials ›

Cribl University ›

Cribl Community ›

Cribl Curious Forum ›

Try Your Own Cribl Sandbox

Experience a full version of Cribl Stream and Cribl Edge in the cloud.
Launch Now ›
Company
About Cribl

Transform data management with Cribl, the Data Engine for IT and Security
Learn More ›

Cribl Corporate Overview

Cribl makes open observability a reality, giving you the freedom and flexibility to make choices instead of compromises.
Get the Guide ›

Cribl Newsroom

Stay up to date on all things Cribl and observability.
Visit the Newsroom ›

Press Releases

Read our most recent press releases.
Recent Press Releases ›

Leadership

Cribl’s leadership team has built and launched category-defining products for some of the most innovative companies in the technology sector, and is supported by the world’s most elite investors.
Meet our Leaders ›

Careers

Join the Cribl herd! The smartest, funniest, most passionate goats you’ll ever meet.
Learn More ›

Cribl Named to the Inc. 5000 List of Fastest Growing Private Companies
Learn More ›

Cribl for Startups

Whether you’re just getting started or scaling up, the Cribl for Startups program gives you the tools and resources your company needs to be successful at every stage.
Learn More ›

Contact Us

Want to learn more about Cribl from our sales experts? Send us your contact information and we’ll be in touch.
Talk to an Expert ›

Try Cribl Talk to an expert

LAS VEGAS, NV // June 10, 2024

Agenda

Monday June 10, 2024
Tuesday June 11, 2024
Wednesday June 12, 2024

Time	Agenda		Location	CooLAB
8:00-9:00 AM	Registration / Breakfast		TBD	Closed
9:00-10:30 AM	Welcome Keynote		TBD	Closed
10:30-11:15 AM	Break		TBD	Open*
11:15-12:00 AM	Session	Session	TBD	Open*
12:00-1:30 PM	Lunch		TBD	Open*
1:30-2:15 PM	Session	Session	TBD	Open*
2:15-2:30 PM	Break		TBD	Open*
2:30-3:15 PM	Session	Session	TBD	Open*
3:25-4:10 PM	Session	Session	TBD	Open*
4:15-5:00 PM	Session	Session	TBD	Open*
5:00-8:00 PM	Demo Stations and Herd Hullabaloo Networking Reception	Git Your Goat @ CriblCon	TBD	Open*

* Cribl Product Demos + Architecture Whiteboarding + Collaboration Stations + Partner Sponsor Tables

Time	Agenda	Location	CooLAB
10:00-10:30 AM	CooLAB	TBD	Open*
10:30-11:15 AM	CooLAB	TBD	Open*
11:30-12:15 PM	CooLAB	TBD	Open*
12:15-1:30 PM	CooLAB	TBD	Open*
1:30-2:15 PM	CooLAB	TBD	Open*
2:30-3:30 PM	CooLAB	TBD	Open*

* Cribl Product Demos + Architecture Whiteboarding + Collaboration Stations + Partner Sponsor Tables

Time	Agenda	Location	CooLAB
10:00-10:30 AM	CooLAB	TBD	Open*
10:30-11:15 AM	CooLAB	TBD	Open*
11:30-12:15 PM	CooLAB	TBD	Open*
12:15-1:30 PM	CooLAB	TBD	Open*
1:30-2:15 PM	CooLAB	TBD	Open*
2:30-3:30 PM	CooLAB	TBD	Open*

* Cribl Product Demos + Architecture Whiteboarding + Collaboration Stations + Partner Sponsor Tables

Keynote

Wreak Order in the Midst of Chaos: Future Proofing Your IT + Security Data Strategy

AI, Data Growth, Compliance: How can you scale to advise and grow your organization
Clint Sharp, CEO and Founder, Cribl
Ledion Bitincka, Co-Founder and CTO, Cribl
Dritan Bitincka, Co-Founder and Head of C021, Cribl
Abby Strong, CMO, Cribl

Data growth, data formats, emerging tools and AI wreaking havoc in your organization? At Cribl, we’re here to help you wreak order. We’ll walk you through how building a Data Engine for IT and Security, powered by Cribl will help you clean up data disasters, conquer compliance, power your people and prepare your organization for automation and AI.

Curating high-quality data, bringing in unstructured data under management and establishing data literacy need to come first. These efforts can often be justified within innovation budgets while driving immediate impact through visibility, knowledge-sharing and better decision-making.

Breakout Sessions

How Cribl saves us 400k per year

Category: Best practices / tips and tricks
Speakers:

Chris Affleck, Senior Cyber Security Engineer, Epiq Global
Dan Wilson, Cyber Security Engineer, Epiq Global
Sidd Shah, Staff Solution Engineer, Cribl

Abstract:
In this session, we’re going to dig into how Epiq transitioned our security infrastructure from on-premise to cloud with the help of Cribl. We’ll talk about the challenges we faced in learning how to parse and shape Microsoft Sentinel data, and the victories we achieved by simplifying our infrastructure for cost savings and to streamline our data processes. We’ll share some valuable lessons we learned along the way helping others navigate similar digital transformations successfully.
What you’ll learn:

Best practices for Syslog
How to best leverage prebuilt packs
How available resources accelerate adoption

Navigating Transition: From Syslog and Logstash to Cribl

Category: Best practices / tips and tricks
Speakers:

Chanda Pulliam, Senior Information Security Engineer, Synopsys

Abstract:
In this session, we’ll explore the transition from traditional syslog and Logstash setups to the dynamic capabilities of Cribl. We’ll share our firsthand experiences, from scalability issues to performance challenges, how we navigated these obstacles, to effectively transition to Cribl and Elastic.

We’ll cover how we identified the size of events in Elasticsearch and the pivotal role it played in measuring total storage usage and savings post-Cribl implementation. We’ll delve into the intricacies of this methodology, showcasing how it enabled us to gain granular insights into our log data, optimize storage utilization, and realize significant cost savings.
What you’ll learn:

Identifying Bottlenecks: Learn about the bottlenecks encountered during the transition from syslog and Logstash to Cribl and how we addressed them
Measuring Storage Usage and Savings: Learn about the method we used to identify event sizes in Elasticsearch and how we estimated total storage usage and quantify the savings post-Cribl migration.
Real-world Implementation Insights: Learn from our mistakes–including best practices, lessons learned, and practical tips for maximizing the benefits of transitioning to Cribl.

s/Chaos/Control/g -> Modernizing the Data Pipeline with Cribl

Category: Cribl.Cloud / Cloud Migration
Speakers:

Jon Rust, Staff Solutions Engineer, Cribl
Aaron Wilson, SRE Manager, iHerb

Abstract:
In the quest to turn our outdated and disorderly SIEM into a modern, streamlined and manageable solution, we turned to Cribl. Together we develop a centrally managed environment that empowered our teams to manage multiple data sources and destinations with improved time-to-value, reducing data flow steps, and increasing sustainability. Join this session to learn how we used Cribl to modernize and streamline our SIEM operations into a single point of management solution.
CriblCon Session Preview >

Migrating Cribl to a Hybrid Model

Category: Architecting with Purpose
Speakers:

Terry Mulligan, Discovered Intelligence
Anoop Ramachandran, Discovered Intelligence Inc.

Abstract:
Do you have both Cribl on-prem and Cribl. Cloud? Or are you thinking about extending your on-prem environment into Cribl. Cloud? If so, you have probably wondered about operating Cribl in a hybrid model. We recently migrated a large pharmaceutical customer to a hybrid model, and the good news is it wasn’t that difficult! In this session, we will share the benefits, concerns, challenges, lessons learned, and the best practices we adopted in moving to a hybrid model. Plus how this helps us to take advantage of emerging Cribl products like Edge, Search and Lake to find answers faster.

Delivering Observability for Highly Available Services with Cribl (aka How Cribl Makes Better Products with Cribl)

Category: O11y
Speakers:

Jacob Gorney, Cribl
Josh Biggley, Cribl

Abstract:
Learn how Cribl uses its own purpose-built data engine for IT and Security capable of discovering and collecting data from any source, processing billions of events per second, automatically routing data to optimized storage, and analyzing any data, at any time, in any location to drive the Cribl.Cloud team’s observability practice, make quick decisions, and continuously improve Cribl Stream, Edge, and Search from the inside.
CriblCon Session Preview >

Tune your Data Engine: How Packs and Forks Supercharge Value

Category: Best practices / tips and tricks
Speakers:

John Lim, Lead Systems Engineer, Cox Automotive

Abstract:
Grease the wheels of adoption and step on that pipelining gas pedal! Integrating Cribl Stream into your existing data engine can be a challenge for large organizations with well-established processes. Learn how Cox Automotive is methodically incorporating Stream through the extensive use of packs and data forks, and how stakeholders can realize the value of Cribl Stream with minimal impact to their day to day operations. Furthermore, learn how Cox Automotive is using data tiering and replay to ensure high availability and accelerated resolution times.

Exploring the Synergy: Correlating Traces with Logs for Enhanced Observability

Category: Best practices / tips and tricks
Speakers:

BhoopeshKumar Jayasekaran, AutoDesk

Abstract:
This proposal aims to investigate the correlation between traces in OpenTelemetry (Otel) and logs in Splunk, two widely used tools in the field of observability and log management. The objective of this research is to explore how the integration of trace data from Otel and log data from Splunk can provide a comprehensive understanding of application performance and behavior. By analyzing the relationship between these two data sources, we aim to identify patterns, uncover hidden dependencies, and gain insights into system bottlenecks and potential issues. Through this correlation, we hope to enhance troubleshooting capabilities, optimize system performance, and improve overall observability of distributed applications. The findings of this study will contribute to the development of effective monitoring and analysis techniques, enabling organizations to proactively address performance challenges and deliver more reliable and efficient software systems.

Great Scott! Doc Brown's Guide to Weaponizing the SOC

Category: Hands-On Lab
Speakers:

Andre “Dre” Tucker, Cribl

Abstract:
In an era where security incidents are as inevitable as the ticking clock, we embrace the wisdom of Henry Ford: “The only real mistake is the one from which we learn nothing.” Imagine a world where every security incident becomes a stepping stone to greater resilience. With the powerhouse trio of Cribl Search, Cribl Stream, & Cribl Lake as our “DeLorean”, we’ll harness the lessons of the past & transform them into an arsenal for the future. With this innovative approach, you’ll learn an automated way to turn your old incidents into dynamic, interactive training modules that empower your SOC to navigate incident triage with the agility Marty McFly on a hoverboard, test SIEM correlations with the precision of Doc Brown, and bring your security tooling skills from Biff to buff.
CriblCon Session Preview >

Cribl Search: From Zero to Hero in 30 Minutes (Seriously!)

Category: Hands-On Lab
Speakers:

Roman Trusov, Cribl

Abstract:
Ever feel like untangling log data takes forever? Us too. That’s why we built Cribl Search – a supercharged federated search engine for IT and security data. Join this hands-on lab and see Cribl Search in action! We’ll throw a massive 1TB dataset (think common log format) at you and show you how Cribl Search cuts through the noise to get you the answers you need – fast. In this session, you’ll:

Play with a real dataset: We’ll configure a giant dataset live, showing you how Cribl Search tackles data with ease.
Be an Incident Response Pro: We’ll simulate a real-world IT issue and show you how Cribl Search helps you solve it in record time. Learn search tricks to become a data investigation ninja!
See the Time-Saving Magic: We’ll reveal how Cribl Search helped us resolve an incident in just 30 minutes, with minimal resources. Imagine the possibilities for your team!

Walk away from this session with the skills to unleash the power of Cribl Search in your organization. No more data dead ends – just lightning-fast insights!
CriblCon Session Preview >

Git Your Goat @ CriblCon

Category: Hands-On Lab
Speakers:

Jenna Eagle, Staff Solutions Engineer
Yasmin Hovakeemian, Staff Solutions Engineer
Jon Rust, Staff Solutions Engineer

Abstract:
Git Your Goat is a jeopardy-style capture-the-flag-esque hands-on exercise where participants use Cribl, the data engine for IT and Security—and other tools—to go from WTF to FTW! It’s designed to emulate how real observability incidents look in the wild and the type of questions YOU have to answer day-to-day.
CriblCon Session Preview – Jenna Eagle >
CriblCon Session Preview – Yasmin Hovakeemian >

CriblCon CooLAB

Get ready to get your collab(oration) on in the CooLAB. That’s right, we’re bringing experts to collaborate with YOU and answer questions you might have about all things Cribl. Get ready to see the latest features in action in our product demos of Stream, Edge, and Search. But that’s not all! You have some architecture questions, our best and brightest architects will be there with whiteboards in hand ready to tackle some of your specific scenarios. We’ll also have Criblanians ready to tackle specific use case discussions like Syslog replacement / WEC replacement / SIEM enrichment / Cloud migration / Observability tool evaluation. And if you don’t see it on this list, don’t worry, drop by the #criblcon channel in our community Slack or the CriblCon usergroup group on Cribl.Curious and let us know what you’d like to see in Las Vegas. After all, this isn’t a mirage!

Hands-on Labs

Take your skills to the next level by attending hands-on labs at CriblCon! You’ll have the opportunity to learn from experts and get hands-on experience with Cribl’s product suite. Practice in a safe and supportive environment while getting valuable tips from instructors and peers. Whether you’re an old goat or just starting out, the hands-on labs at CriblCon will help you take your Cribl powers to the next level and make you more valuable to your organization.

CriblCon Herd Hullabaloo

Wait… What’s a Herd Hullabaloo? Well, a hullabaloo is a commotion, disturbance, uproar or fuss used to describe some kind of noisy argument. The CriblCon Herd Hullabaloo is your place to unwind, discuss, agree, disagree, inquire, share thoughts, eat, drink, and be merry with the rest of the GOAT herd. At Cribl, we believe in the power of getting together IN PERSON to share ideas, swap stories with friends new and old and build relationships. That’s what this part-HAY is all about. If the rest of the event doesn’t sound like your cup of tea (or type of grass to graze), come on over after 6pm for the happiest hour we can offer! P.S. this part of the event is free.

Product Portfolio

Cribl Stream

Cribl Edge

Cribl Search

Cribl Lake

Cribl.Cloud

AppScope

Use Cases

Integration

Industries

Resources

Events & Webinars

Learning

Tools & Pricing

Download Library

Customer Stories

Customer Experience

Learning

Try Your Own Cribl Sandbox

About Cribl

Cribl Newsroom

Leadership

Careers

Cribl for Startups

Contact Us

Agenda

Keynote

Wreak Order in the Midst of Chaos: Future Proofing Your IT + Security Data Strategy

Breakout Sessions

CriblCon CooLAB

Hands-on Labs

CriblCon Herd Hullabaloo

So you're rockin' Internet Explorer!

You’re awesome. We want your experience to be equally so.

We’d love your thoughts on our website. Tell us your feedback and leave here knowing you’ve helped improve the lives of IT & Security pros everywhere!