Route data to multiple destinations
Enrich data events with business or service context
Search and analyze data directly at its source, an S3 bucket, or Cribl Lake
Reduce the size of data
Shape data to optimize its value
Store data in S3 buckets or Cribl Lake
Replay data from low-cost storage
Collect logs and metrics from host devices
Centrally receive and route telemetry to all your tools
Redact or mask sensitive data
Optimize data for better threat detection and response
Streamline infrastructure to reduce complexity and cost
Simplify Kubernetes data collection
Optimize logs for value
Control how telemetry is stored
Easily handle new cloud telemetry
Ensure freedom in your tech stack
Accelerate the value of AIOps
Effortlessly search, collect, process, route and store telemetry from every corner of your infrastructure—in the cloud, on-premises, or both—with Cribl. Try the Cribl Suite of products today.
Learn moreGet telemetry data from anywhere to anywhere
Get started quickly without managing infrastructure
Streamline collection with a scalable, vendor-neutral agent
AI-powered tools designed to maximize productivity
Easily access and explore telemetry from anywhere, anytime
Instrument, collect, observe
Store, access, and replay telemetry
Get hands-on support from Cribl experts to quickly deploy and optimize Cribl solutions for your unique data environment.
Work with certified partners to get up and running fast. Access expert-level support and get guidance on your data strategy.
Get inspired by how our customers are innovating IT, security, and observability. They inspire us daily!
Read customer storiesFREE training and certs for data pros
Log in or sign up to start learning
Step-by-step guidance and best practices
Tutorials for Sandboxes & Cribl.Cloud
Ask questions and share user experiences
Troubleshooting tips, and Q&A archive
The latest software features and updates
Get older versions of Cribl software
For registered licensed customers
Advice throughout your Cribl journey
Connect with Cribl partners to transform your data and drive real results.
Join the Cribl Partner Program for resources to boost success.
Log in to the Cribl Partner Portal for the latest resources, tools, and updates.
Case Study
“THE IMPROVED ANALYTICS AND VISIBILITY WE GET BY INCORPORATING CRIBL ARE FOUNDATIONAL. WE GET A LEVEL OF GRANULARITY THAT IS DIFFICULT OR IMPOSSIBLE WITHOUT IT.”
Ryan Pinga
Vice President of Managed Services
“WITH CRIBL STREAM, WE CAN EASILY SEND FULL RAW LOGS TO S3 FOR COMPLIANCE PURPOSES AND SEND REDUCED, NORMALIZED VERSIONS TO OUR SIEM PLATFORM.”
Ryan Pinga
Vice President of Managed Services
“OUR CONFIDENCE IN THE CRIBL STREAM PLATFORM, ITS ROADMAP, AND FOCUS GIVES US A LOT OF CONFIDENCE TO DO THINGS AT SCALE.”
Ryan Pinga
Vice President of Managed Services
Share:
When Ryan Pinga, Presidio’s Vice President of Managed Services, was brought in to help overhaul the security operations center (SOC) providing the organization’s Managed Detection and Response (MDR) offering, he started by evaluating different log pipeline solutions on the market. His goal was to shift towards a more flexible and modular setup enabling Presidio to support multiple technologies with a scalable and flexible platform that would exceed customer expectations
Ryan and his team started by looking at the classic solutions (mostly open source), but noticed that each of them had too much overhead or required deep (and costly) engineering expertise to get running at scale. Then, they stumbled across Cribl.
“About 45 minutes into researching, we knew we wanted Cribl. It was an immediate no-brainer. It had everything we needed from a technical and architectural perspective to enhance our managed service offering, with the perfect balance of flexibility without massive engineering overhead.”
Ryan Pinga
Vice President of Managed Services
Cribl Stream is now Presidio’s behind-the-scenes engine that powers all log collection for their MDR clients. They use it to collect customer data from Syslog, API collectors, Beats agents, leading security tools, and other sources. Each client has dedicated worker nodes which send raw data to S3 buckets, then routes normalized and shaped data to a multi-tenant SIEM.
“Cribl Stream does all of our log source reduction, standardization, and normalization for every one of our data sources. It gives us a clean UI, making it easy to do all of our parsing, rewrites, and transforms on various data sources across the board.”
Ryan Pinga
Vice President of Managed Services
“Instead of being beholden to other vendors to build and maintain parsers or index certain things, everything is now completely within our control with Cribl Stream. It’s a big differentiator for us to tell clients that there’s no data source we can’t work with — and Cribl makes that possible for us.”
Ryan Pinga
Vice President of Managed Services
Ryan and his team can now accelerate data onboarding and provide clients with immediate functionality and value — something that other providers who are not using Crbil Stream aren’t able to do nearly as easily. The team uses Cribl Packs to help customers quickly get a handle on managing risk. Packs bundle up knowledge related to a given data source along with pre-built routes and pipelines making it easy to port configurations from one worker group to the next. Since most of Presidio’s MDR clients have similar security data sources, utilizing Cribl Packs and leveraging scalable pipelines saves a lot of time.
“Since we put Stream in place and started leveraging Cribl Packs, we basically moved from an average onboarding time of 60-90 days to about 15-30 days.”
Ryan Pinga
Vice President of Managed Services
Cribl Packs enable scalability that didn’t exist before. They allow Ryan and his team to onboard data simply by reusing pipelines, making modifications only to credentials, authentication, and IPs. This results in minimal delays when onboarding a new client, instilling confidence in the product’s functionality and their onboarding process.
Many Packs in the Cribl Dispensary are Open Cybersecurity Schema Framework (OCSF) compliant, meaning they can be deployed to easily utilize this standard schema, and take advantage of the schema event class to more accurately interpret the information contained in the record, and often accelerating performance of downstream tools for detection, monitoring, and analytics.
“Building and maintaining alternative solutions would take three to five engineers to do at scale. I can operate Cribl Stream with half the amount of engineering resources because it’s such a solid, well-maintained, and extremely flexible product.”
Ryan Pinga
Vice President of Managed Services
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?