Route data to multiple destinations
Enrich data events with business or service context
Search and analyze data directly at its source, an S3 bucket, or Cribl Lake
Reduce the size of data
Shape data to optimize its value
Store data in S3 buckets or Cribl Lake
Replay data from low-cost storage
Collect logs and metrics from host devices
Centrally receive and route telemetry to all your tools
Redact or mask sensitive data
Optimize data for better threat detection and response
Streamline infrastructure to reduce complexity and cost
Simplify Kubernetes data collection
Optimize logs for value
Control how telemetry is stored
Easily handle new cloud telemetry
Ensure freedom in your tech stack
Accelerate the value of AIOps
Effortlessly search, collect, process, route and store telemetry from every corner of your infrastructure—in the cloud, on-premises, or both—with Cribl. Try the Cribl Suite of products today.
Learn moreGet telemetry data from anywhere to anywhere
Get started quickly without managing infrastructure
Streamline collection with a scalable, vendor-neutral agent
AI-powered tools designed to maximize productivity
Easily access and explore telemetry from anywhere, anytime
Instrument, collect, observe
Store, access, and replay telemetry
Get hands-on support from Cribl experts to quickly deploy and optimize Cribl solutions for your unique data environment.
Work with certified partners to get up and running fast. Access expert-level support and get guidance on your data strategy.
Get inspired by how our customers are innovating IT, security, and observability. They inspire us daily!
Read customer storiesFREE training and certs for data pros
Log in or sign up to start learning
Step-by-step guidance and best practices
Tutorials for Sandboxes & Cribl.Cloud
Ask questions and share user experiences
Troubleshooting tips, and Q&A archive
The latest software features and updates
Get older versions of Cribl software
For registered licensed customers
Advice throughout your Cribl journey
Connect with Cribl partners to transform your data and drive real results.
Join the Cribl Partner Program for resources to boost success.
Log in to the Cribl Partner Portal for the latest resources, tools, and updates.
Case Study
“WITHOUT CRIBL, DATA WE NEED DOESN'T MAKE IT INTO SPLUNK, AND WE LOSE ACCESS TO CRITICAL INTEL.”
PEDRO BORGES,
SENIOR SECURITY ENGINEER
“CRIBL HAS BECOME PART OF OUR CRITICAL PATH, BUT WE'RE JUST KIND OF SCRATCHING THE SURFACE OF WHAT WE CAN DO. WE'RE LEVERAGING SO MUCH MORE AS EACH WEEK GOES BY.”
SCOTT SCHWARTZ,
SOFTWARE ENGINEERING SENIOR MANAGER
“THE PLAN IS FOR ANY NEW APPLICATIONS AND LOG SOURCES TO GO THROUGH CRIBL, SO THAT WE CAN TRANSFORM THE DATA AND REPLAY IT WHENEVER WE NEED TO.”
PEDRO BORGES,
SENIOR SECURITY ENGINEER
Share:
One of the team’s goals is to continuously improve the security monitoring of their environment. Gaining more visibility into VPC flow logs and other high volume data sources had been a top priority for a while, but they were held back by the financial restrictions from their SIEM license.
The combination of Cribl and Amazon Security Lake finally opened up the possibility for getting the data they needed into Splunk.
“Ingesting that much data straight up from our different accounts wasn’t possible — until we learned about Cribl Stream. Now we have the flexibility to transform the data from Amazon Security Lake on its way to Splunk.”
Pedro Borges
Senior Security Engineer
Managing, onboarding, and routing logs from all these accounts used to require set up time from both the Cloud Security Operations (CSO) team and their internal clients. Now, Siemens uses Amazon Security Lake to aggregate logs from all accounts and regions into one central place and adjust data lifecycles as necessary.
But without a way to easily get that data to Splunk, the switch to Amazon Security Lake wouldn’t have been as beneficial.
“Cribl Stream came to our rescue by letting us simplify the ingestion into our SIEM. We no longer have to take time away to set up infrastructure to accommodate the passing of data from one environment to the next — we just use Cribl to send it right to our Splunk environment..”
Scott Schwartz
Software Engineering Senior Manager
Since Amazon Security Lake supports Open Cybersecurity Schema Framework (OCSF) formatting, large, detailed file sizes are the norm, as are extra fields that don’t really have any relevance to Siemens and the security detections they implement. The ability to easily reduce this data made Cribl Stream the perfect complement to their Amazon Security Lake integration.
“We use the Cribl pipelines to take this massive JSON log format and just extract the fields that are critical to us. If we only really care about 10 specific fields, we reduce events to those 10 and that’s it.”
Pedro Borges
Senior Security Engineer
“We’re also using Cribl Stream to combine events. From a security detection standpoint, it's great because our analysts can just see if an endpoint was hit, instead of seeing the same event multiple times in a Splunk search. Then we can pivot into when and how many times, or dive into the raw data if we need to.”
Pedro Borges
Senior Security Engineer
“We had all the data in Amazon Security Lake, but I wasn't ready to start setting up Athena to start reading it. I decided to use Cribl Search instead, and within 5-10 minutes, I was able to start searching. It was relatively easy to implement, and I was able to get the data that I needed quickly.”
Scott Schwartz
Software Engineering Senior Manager
“We’ve struggled with WAF logs in the past, just due to the sheer volume. Using Cribl to do some similar reductions and summarizations is going to allow us to bring that data in and run it against the threat Intelligence detections that we have in place.”
Scott Schwartz
Software Engineering Senior Manager
“With our previous process, it was great that we were able to get those logs, but sometimes they contained a lot of noise. We've updated our process so that instead of going directly to Splunk HEC, they'll be going through the Cribl-Splunk HEC input, and we’ll get a lot of that space back.”
Pedro Borges
Senior Security Engineer
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?