Solutions

Use Cases

Initiatives

Technologies

Industries

Route
Route data to multiple destinations

Enrich
Enrich data events with business or service context

Search
Search and analyze data directly at its source, an S3 bucket, or Cribl Lake

Reduce
Reduce the size of data

Transform
Shape data to optimize its value

Store
Store data in S3 buckets or Cribl Lake

Replay
Replay data from low-cost storage

Collect
Collect logs and metrics from host devices

Universal Receiver
Centrally receive and route telemetry to all your tools

Redact
Redact or mask sensitive data

Interactive Demos See all Integrations

Supercharge Security Insights
Optimize data for better threat detection and response

Agent Consolidation
Streamline infrastructure to reduce complexity and cost

Tackle Application Infrastructure Sprawl
Simplify Kubernetes data collection

Reduce Log Volume
Optimize logs for value

Slash Storage Costs
Control how telemetry is stored

Accelerate Cloud Migration
Easily handle new cloud telemetry

Avoid Vendor Lock-In
Ensure freedom in your tech stack

AIOps Optimization
Accelerate the value of AIOps

Interactive Demos See all Integrations

See all Integrations

Seamless Integrations to Power All Your Tools See all Integrations

Interactive Demos See all Integrations

Healthcare

Managed Security Services

Manufacturing & Logistics

Media & Entertainment

Public Sector

Retail

Financial Services

Interactive Demos See all Integrations
Products

Overview

Products

Services

Cribl Products Overview

Effortlessly search, collect, process, route and store telemetry from every corner of your infrastructure—in the cloud, on-premises, or both—with Cribl. Try the Cribl Suite of products today.
Learn more

Interactive Demos Pricing Support

Cribl.Cloud
Get started quickly without managing infrastructure

Stream
Get telemetry data from anywhere to anywhere

Edge
Streamline collection with a scalable, vendor-neutral agent

Search
Easily access and explore telemetry from anywhere, anytime

Lake
Store, access, and replay telemetry.

Copilot
AI-powered tools designed to maximize productivity

Appscope
Instrument, collect, observe

Interactive Demos Pricing Support

Activation Services
Get hands-on support from Cribl experts to quickly deploy and optimize Cribl solutions for your unique data environment.

Service Delivery Partners
Work with certified partners to get up and running fast. Access expert-level support and get guidance on your data strategy.

Interactive Demos Pricing Support
Customers

Customer Stories

Customer Highlights

Customer Stories

Get inspired by how our customers are innovating IT, security, and observability. They inspire us daily!
Read customer stories

Watch now

In Action!
See how our customers use Cribl as their data engine for IT and Security
Watch now

Sally Beauty
Replacing LogStash and Syslog-ng with a resilient pipeline
Learn more

Yale New Haven
Reducing SIEM burden and revamping security infrastructure
Learn more

Aflac
Gotta catch 'em all! Simplifying data onboarding across sources
Learn more

SAP
Accelerating SAP Enterprise Cloud Services' security initiatives
Learn more

Autodesk
Metrics, OTel and more: Modernizing an enterprise data pipeline
Learn more

Nutanix
Reducing firewall log volume by 50%
Learn more
Learning & Resources

Learning

Cribl University
FREE training and certs for data pros

Cribl University LogIn
Log in or sign up to start learning

Docs

Tech Docs
Step-by-step guidance and best practices

Self Guided Trials
Tutorials for Sandboxes & Cribl.Cloud

Community

Slack
Ask questions and share user experiences

Curious Knowledge Base
Troubleshooting tips, and Q&A archive

Downloads

Download Library
The latest software features and updates

Past Releases
Get older versions of Cribl software

Support

Support Portal
For registered licensed customers

Customer Success
Advice throughout your Cribl journey

Blog & Podcasts

Events

Webinars

Briefs & Papers

Packs

GitHub Repos

Docker Hub

Glossary

Telemetry 101

Observability 101
Pricing

Plans

ROI calculator
About

Cribl

Partners

About Cribl

Transform data management with Cribl, the Data Engine for IT and Security.
Learn more

Company Careers News Contact Leadership Cribl for Startups

Learn more

Featured News Story
Cribl closes $319M oversubscribed Series E at $3.5B valuation!
Learn more

Find a Partner
Connect with Cribl partners to transform your data and drive real results.

Partner Program
Join the Cribl Partner Program for resources to boost success.

Partner Login
Log in to the Cribl Partner Portal for the latest resources, tools, and updates.

Case Study

Fast Food Chain Cuts Data Egress Costs, Resolves Data Compatibility Issues and Transforms Observability Strategy

“HAVING CRIBL JUST ELIMINATES A LOT OF COMPLEXITIES AND ALLOWS YOU TO BE MORE CREATIVE. IT MAKES EVALUATING AND ONBOARDING NEW TOOLS FASTER AND MAKES YOUR OTHER TOOLS BETTER.”

“WE TESTED TWO NEW VENDORS BY FEEDING THEM THE SAME DATA WITH CRIBL STREAM, AND SAVED A TON OF TIME ON TESTING AND DEPLOYMENT.”

This global fast food chain, with over 35,000 locations in 100 countries, started a global observability initiative to streamline data collection, standardize logging, and reduce storage costs. The network infrastructure and operations team focuses on global monitoring at scale, managing thousands of sites, data centers, and platforms around the world–and need maximum efficiency when handling such a vast scale.

By sending IT and security logs to multiple tools, the team found most of their time consumed by repetitive data onboarding tasks. They saw an opportunity to optimize by implementing a unified observability pipeline, leveraging Cribl Stream to centralize and streamline their data flow. Cribl quickly became more than just a tool; it was a strategic partner, reshaping their observability approach.

Powering Multiple Observability and Security Tools with a Unified Telemetry Data Pipeline

As a multinational enterprise, there are various stakeholders for the company’s observability data, Stream ensures the right data gets to the right place.

“We need to ship our security logs to at least three different teams, all with different security platforms. We also put the logs in Amazon S3 for long-term data retention and storage. Using Cribl reduces the complexity of that deployment, making it easy to stream the data to multiple destinations.”

Senior Technical Product Manager

Before implementing Cribl, the organization was spending valuable resources to stream multiple copies of the same data to all of their monitoring tools.

“Since we brought on Cribl, we no longer have to send the same copy of our syslog data from the source to multiple places. Our log volume has been reduced essentially by two-thirds.”

Senior Technical Product Manager

The network infrastructure and operations team also uses Cribl to handle their volume-intensive firewall logs, consolidating all the data from their restaurants into a single, daily integration. This process reduces bandwidth even further — consolidated data is sent to AWS and then pushed to necessary destinations from there, streamlining data egress from 600 MBps to 200 MBps–equating to a log volume reduction in the neighborhood of 131 TB/ month.

Reduced Costs of Compliance and Data Storage

Reductions in data volume have also had some downstream effects. Since they can keep full-fidelity copies of their data in low-cost storage like S3, the costs and complexity associated with meeting compliance requirements have dropped significantly.

“After we use Cribl to stream data to S3, the only costs are for AWS storage, which is much cheaper compared to other platforms. We're talking about a reduction from 20-30 cents per gigabyte to just 2 cents per gigabyte.”

Senior Technical Product Manager

When one internal group switched from storing logs in New Relic to sending them through Cribl Stream to S3, they saw a significant reduction.

“We had a situation where one team was spending $70,000/month for log storage. When we optimized and routed that data with Cribl, we were able to send only what was relevant for New Relic monitoring and dashboards, and send the rest of the data to S3. We’re saving $40K per month because of Cribl from this one use case.”

Senior Technical Product Manager

As they move forward from the beginnings of their Cribl deployment, the organization expects to see more use cases and success.

Kicking Off a Global Security Operations Center Initiative

The benefits of Cribl extend beyond just the network infrastructure and operations team. The incident management team uses Stream to correlate all the data moving through its AIOps platform, and the security team plans to use it to deploy their global Security Operations Center (SOC) initiative.

“We’ll use Google Chronicle to integrate all the logs and data sources for our global SOC project. The plan is to move all the data through Cribl Stream so we can make use of all of the capabilities that other tools lack.”

Senior Technical Product Manager

Having all the data in one centralized location has simplified the process of sending data to different internal teams and onboarding data from new applications.

“Cribl has really helped us deploy new tools faster. It takes away the complexity of onboarding data and new tools, and if another team is interested in a data source, we can just create a feed for them.”

Senior Technical Product Manager

Improved Data Compatibility for a Diverse Tool Set

They also use Cribl Stream to improve the operational efficiency within the organization. When data needs to be cleaned up before it’s stored or shared, it’s easy to get rid of the noise.

“Cribl helps us solve standardization issues like incorrect host names or timestamps. We can fix log names, get rid of duplicate IDs, and shape or transform the data for better compatibility between our tools.”

Senior Technical Product Manager

The formatting capabilities have come in handy for a number of different projects, allowing the team to come up with creative solutions to unique problems.

“When our Palo Alto Networks log collector was showing the collector name as the host instead of the firewall name, we used Cribl to correct it. We also transformed DNS logs from .csv to another format that was more compatible with our security analytics platform.”

Senior Technical Product Manager

Enriching Data for Troubleshooting; Transforming Data for Compatibility

The fast food chain also uses Cribl Search to examine historical logs when they encounter network issues. If the security team needs information about specific IPs or users, the network infrastructure and operations team find it using Search and generate a file to pass along. Querying the data in place before deciding which (if any) data to move eliminates noisy data thus accelerating the performance of their AIOps platform.

To make that data as useful as possible for troubleshooting, they use Cribl Stream to add relevant tags to events.

“The biggest value we see from Cribl is being able to transform data in flight. We can add city, region, or country names so that data is enriched and normalized before it's ingested into another platform and used for correlation analysis. Other platforms just aren’t designed for this level of enrichment.”

Senior Technical Product Manager

These enrichments allow their AIOps tools to correlate issues across different sites and regions. For example, if multiple sites in the same city experience problems simultaneously, the AIOps software can use the Cribl-added enrichments to identify and analyze the situation, significantly speeding time to resolution.

The organization has also benefited from real-time data visualization within Cribl Stream.

“Tapping into the logs to see real-time volume and events per second really helps us with troubleshooting. Being able to see bytes per second now vs the weekend or other times has been helpful for trending and planning.”

Senior Technical Product Manager

TL;DR

Cribl enabled efficient data streaming to multiple destinations, reducing log volume by two-thirds, saving network bandwidth, and reducing egress costs.
Creating a data pipeline improved overall data standardization and compatibility across diverse tools.
Easier to visualize logs, volume, and events per second for better network management.
Using Cribl Search to examine historical logs when troubleshooting network issues, helping them save on ingestion costs by only pulling relevant data.

About Cribl

Cribl makes open observability a reality for today’s tech professionals. The Cribl product suite defies data gravity with radical levels of choice and control. Wherever the data comes from, wherever it needs to go, Cribl delivers the freedom and flexibility to make choices, not compromises. It’s enterprise software that doesn’t suck, enables tech professionals to do what they need to do, and gives them the ability to say “Yes.” With Cribl, companies have the power to control their data, get more out of existing investments, and shape the observability future. Founded in 2017, Cribl is a remote-first company with an office in San Francisco, CA. For more information, visit cribl.io or our LinkedIn, Twitter, or Slack community.

Case Study

How Siemens Simplifies Security Operations with Cribl

Case Study