x
LAS VEGAS, NV // June 10, 2024

Agenda

Time
Agenda
 
Location
CooLAB
8:00-9:00 AM
Registration / Breakfast
TBD
Closed
9:00-10:30 AM
Welcome Keynote
TBD
Closed
10:30-11:15 AM
Break
TBD
Open*
11:15-12:00 AM
Session
Session
TBD
Open*
12:00-1:30 PM
Lunch
TBD
Open*
1:30-2:15 PM
Session
Session
TBD
Open*
2:15-2:30 PM
Break
TBD
Open*
2:30-3:15 PM
Session
Session
TBD
Open*
3:25-4:10 PM
Session
Session
TBD
Open*
4:15-5:00 PM
Session
Session
TBD
Open*
5:00-8:00 PM
Demo Stations and Herd Hullabaloo Networking Reception
Git Your Goat @ CriblCon
TBD
Open*
* Cribl Product Demos + Architecture Whiteboarding + Collaboration Stations + Partner Sponsor Tables
Time
Agenda
Location
CooLAB
10:00-10:30 AM
CooLAB
TBD
Open*
10:30-11:15 AM
CooLAB
TBD
Open*
11:30-12:15 PM
CooLAB
TBD
Open*
12:15-1:30 PM
CooLAB
TBD
Open*
1:30-2:15 PM
CooLAB
TBD
Open*
2:30-3:30 PM
CooLAB
TBD
Open*
* Cribl Product Demos + Architecture Whiteboarding + Collaboration Stations + Partner Sponsor Tables
Time
Agenda
Location
CooLAB
10:00-10:30 AM
CooLAB
TBD
Open*
10:30-11:15 AM
CooLAB
TBD
Open*
11:30-12:15 PM
CooLAB
TBD
Open*
12:15-1:30 PM
CooLAB
TBD
Open*
1:30-2:15 PM
CooLAB
TBD
Open*
2:30-3:30 PM
CooLAB
TBD
Open*
* Cribl Product Demos + Architecture Whiteboarding + Collaboration Stations + Partner Sponsor Tables

Keynote

Wreak Order in the Midst of Chaos: Future Proofing Your IT + Security Data Strategy

AI, Data Growth, Compliance: How can you scale to advise and grow your organization
Clint Sharp, CEO and Founder, Cribl
Ledion Bitincka, Co-Founder and CTO, Cribl
Dritan Bitincka, Co-Founder and Head of C021, Cribl
Abby Strong, CMO, Cribl

Data growth, data formats, emerging tools and AI wreaking havoc in your organization? At Cribl, we’re here to help you wreak order. We’ll walk you through how building a Data Engine for IT and Security, powered by Cribl will help you clean up data disasters, conquer compliance, power your people and prepare your organization for automation and AI.

Curating high-quality data, bringing in unstructured data under management and establishing data literacy need to come first. These efforts can often be justified within innovation budgets while driving immediate impact through visibility, knowledge-sharing and better decision-making.

Breakout Sessions

Category: Best practices / tips and tricks
Speakers:
  • Chris Affleck, Senior Cyber Security Engineer, Epiq Global
  • Dan Wilson, Cyber Security Engineer, Epiq Global
  • Sidd Shah, Staff Solution Engineer, Cribl
Abstract:
​​In this session, we’re going to dig into how Epiq transitioned our security infrastructure from on-premise to cloud with the help of Cribl. We’ll talk about the challenges we faced in learning how to parse and shape Microsoft Sentinel data, and the victories we achieved by simplifying our infrastructure for cost savings and to streamline our data processes. We’ll share some valuable lessons we learned along the way helping others navigate similar digital transformations successfully.
What you’ll learn:
  • Best practices for Syslog
  • How to best leverage prebuilt packs
  • How available resources accelerate adoption
Category: Best practices / tips and tricks
Speakers:
  • Chanda Pulliam, ​​Senior Information Security Engineer, Synopsys
Abstract:
In this session, we’ll explore the transition from traditional syslog and Logstash setups to the dynamic capabilities of Cribl. We’ll share our firsthand experiences, from scalability issues to performance challenges, how we navigated these obstacles, to effectively transition to Cribl and Elastic.

We’ll cover how we identified the size of events in Elasticsearch and the pivotal role it played in measuring total storage usage and savings post-Cribl implementation. We’ll delve into the intricacies of this methodology, showcasing how it enabled us to gain granular insights into our log data, optimize storage utilization, and realize significant cost savings.
What you’ll learn:
  • Identifying Bottlenecks: Learn about the bottlenecks encountered during the transition from syslog and Logstash to Cribl and how we addressed them
  • Measuring Storage Usage and Savings: Learn about the method we used to identify event sizes in Elasticsearch and how we estimated total storage usage and quantify the savings post-Cribl migration.
  • Real-world Implementation Insights: Learn from our mistakes–including best practices, lessons learned, and practical tips for maximizing the benefits of transitioning to Cribl.
Category: Cribl.Cloud / Cloud Migration
Speakers:
  • Jon Rust, Staff Solutions Engineer, Cribl
  • Aaron Wilson, SRE Manager, iHerb
Abstract:
In the quest to turn our outdated and disorderly SIEM into a modern, streamlined and manageable solution, we turned to Cribl. Together we develop a centrally managed environment that empowered our teams to manage multiple data sources and destinations with improved time-to-value, reducing data flow steps, and increasing sustainability. Join this session to learn how we used Cribl to modernize and streamline our SIEM operations into a single point of management solution.
Category: Architecting with Purpose
Speakers:
  • Terry Mulligan, Discovered Intelligence
  • Anoop Ramachandran, Discovered Intelligence Inc.
Abstract:
Do you have both Cribl on-prem and Cribl. Cloud? Or are you thinking about extending your on-prem environment into Cribl. Cloud? If so, you have probably wondered about operating Cribl in a hybrid model. We recently migrated a large pharmaceutical customer to a hybrid model, and the good news is it wasn’t that difficult! In this session, we will share the benefits, concerns, challenges, lessons learned, and the best practices we adopted in moving to a hybrid model. Plus how this helps us to take advantage of emerging Cribl products like Edge, Search and Lake to find answers faster.
Category: O11y
Speakers:
  • Jacob Gorney, Cribl
  • Josh Biggley, Cribl
Abstract:
Learn how Cribl uses its own purpose-built data engine for IT and Security capable of discovering and collecting data from any source, processing billions of events per second, automatically routing data to optimized storage, and analyzing any data, at any time, in any location to drive the Cribl.Cloud team’s observability practice, make quick decisions, and continuously improve Cribl Stream, Edge, and Search from the inside.
Category: Best practices / tips and tricks
Speakers:
  • John Lim, Lead Systems Engineer, Cox Automotive
Abstract: Grease the wheels of adoption and step on that pipelining gas pedal!

Integrating Cribl Stream into your existing data engine can be a challenge for large organizations with well-established processes. Learn how Cox Automotive is methodically incorporating Stream through the extensive use of packs and data forks, and how stakeholders can realize the value of Cribl Stream with minimal impact to their day to day operations. Furthermore, learn how Cox Automotive is using data tiering and replay to ensure high availability and accelerated resolution times.
Category: Best practices / tips and tricks
Speakers:
  • BhoopeshKumar Jayasekaran, AutoDesk
Abstract:
This proposal aims to investigate the correlation between traces in OpenTelemetry (Otel) and logs in Splunk, two widely used tools in the field of observability and log management. The objective of this research is to explore how the integration of trace data from Otel and log data from Splunk can provide a comprehensive understanding of application performance and behavior. By analyzing the relationship between these two data sources, we aim to identify patterns, uncover hidden dependencies, and gain insights into system bottlenecks and potential issues. Through this correlation, we hope to enhance troubleshooting capabilities, optimize system performance, and improve overall observability of distributed applications. The findings of this study will contribute to the development of effective monitoring and analysis techniques, enabling organizations to proactively address performance challenges and deliver more reliable and efficient software systems.

Category: Hands-On Lab
Speakers:

  • Andre “Dre” Tucker, Cribl

Abstract:
In an era where security incidents are as inevitable as the ticking clock, we embrace the wisdom of Henry Ford: “The only real mistake is the one from which we learn nothing.” Imagine a world where every security incident becomes a stepping stone to greater resilience. With the powerhouse trio of Cribl Search, Cribl Stream, & Cribl Lake as our “DeLorean”, we’ll harness the lessons of the past & transform them into an arsenal for the future. With this innovative approach, you’ll learn an automated way to turn your old incidents into dynamic, interactive training modules that empower your SOC to navigate incident triage with the agility Marty McFly on a hoverboard, test SIEM correlations with the precision of Doc Brown, and bring your security tooling skills from Biff to buff.

Category: Hands-On Lab
Speakers:
  • Roman Trusov, Cribl
Abstract:
Ever feel like untangling log data takes forever? Us too. That’s why we built Cribl Search – a supercharged federated search engine for IT and security data.

Join this hands-on lab and see Cribl Search in action! We’ll throw a massive 1TB dataset (think common log format) at you and show you how Cribl Search cuts through the noise to get you the answers you need – fast. In this session, you’ll:
  • Play with a real dataset: We’ll configure a giant dataset live, showing you how Cribl Search tackles data with ease.
  • Be an Incident Response Pro: We’ll simulate a real-world IT issue and show you how Cribl Search helps you solve it in record time. Learn search tricks to become a data investigation ninja!
  • See the Time-Saving Magic: We’ll reveal how Cribl Search helped us resolve an incident in just 30 minutes, with minimal resources. Imagine the possibilities for your team!
Walk away from this session with the skills to unleash the power of Cribl Search in your organization. No more data dead ends – just lightning-fast insights!
Category: Hands-On Lab
Speakers:
  • Jenna Eagle, Sr. Solutions Engineer
  • Yasmin Hovakeemian, Staff Solutions Engineer
  • Jon Rust, Sr. Solutions Engineer
Abstract:
Git Your Goat is a jeopardy-style capture-the-flag-esque hands-on exercise where participants use Cribl, the data engine for IT and Security—and other tools—to go from WTF to FTW! It’s designed to emulate how real observability incidents look in the wild and the type of questions YOU have to answer day-to-day.

CriblCon CooLAB

Get ready to get your collab(oration) on in the CooLAB. That’s right, we’re bringing experts to collaborate with YOU and answer questions you might have about all things Cribl. Get ready to see the latest features in action in our product demos of Stream, Edge, and Search. But that’s not all! You have some architecture questions, our best and brightest architects will be there with whiteboards in hand ready to tackle some of your specific scenarios. We’ll also have Criblanians ready to tackle specific use case discussions like Syslog replacement / WEC replacement / SIEM enrichment / Cloud migration / Observability tool evaluation. And if you don’t see it on this list, don’t worry, drop by the #criblcon channel in our community Slack or the CriblCon usergroup group on Cribl.Curious and let us know what you’d like to see in Las Vegas. After all, this isn’t a mirage!

Hands-on Labs

Take your skills to the next level by attending hands-on labs at CriblCon! You’ll have the opportunity to learn from experts and get hands-on experience with Cribl’s product suite.  Practice in a safe and supportive environment while getting valuable tips from instructors and peers. Whether you’re an old goat or just starting out, the hands-on labs at CriblCon will help you take your Cribl powers to the next level and make you more valuable to your organization.

CriblCon Herd Hullabaloo

Wait… What’s a Herd Hullabaloo? Well, a hullabaloo is a commotion, disturbance, uproar or fuss used to describe some kind of noisy argument. The CriblCon Herd Hullabaloo is your place to unwind, discuss, agree, disagree, inquire, share thoughts, eat, drink, and be merry with the rest of the GOAT herd. At Cribl, we believe in the power of getting together IN PERSON to share ideas, swap stories with friends new and old and build relationships. That’s what this part-HAY is all about. If the rest of the event doesn’t sound like your cup of tea (or type of grass to graze), come on over after 6pm for the happiest hour we can offer! P.S. this part of the event is free.