The team at Accenture Federal Services (AFS) are working on a large-scale data project at a major federal agency, and they’re using Cribl Stream to help them deliver the high standard of reliability, speed, and flexibility their client requires to power fast, accurate decision making and reduce Mean Time To Detect (MTTD) and Mean Time To Respond (MTTR).
Gared Seats is a Security Engineer at AFS, with a specialization in Splunk. His deep expertise in Splunk data ingestion is especially crucial to the team’s project. Getting the correct data into Splunk quickly means their client can identify and solve issues of potentially national importance more quickly as well.
As part of the project, the primary federal client is aggregating data feeds from several other agencies across 90 separate sites, including Bro/Zeek, Palo Alto Networks, and InfoBlox traffic as well as a variety of custom sensor data types. Current traffic levels are around 5 TB a day and are expected to increase significantly during the project implementation. The team at AFS are using Stream to ensure the data coming in is clean and formatted as required for the client’s use. Stream’s internal metrics let them confirm the fidelity of that data, giving visibility into the integrity of the content being acquired and processed.
When it’s literally a matter of national security, rapid identification and resolution of issues is of critical importance. Analysts at many federal agencies use Splunk to dig into and clarify potential anomalies, and AFS brings Stream into the mix to ensure those analysts get the best performance possible.
Cribl makes open observability a reality for today’s tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It’s enterprise software that doesn’t suck, enables tech professionals to do what they need to do, and gives them the ability to say “Yes.” With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA. For more information, visit www.cribl.io or our LinkedIn, Twitter, or Slack community.