Route data to multiple destinations
Enrich data events with business or service context
Search and analyze data directly at its source, an S3 bucket, or Cribl Lake
Reduce the size of data
Shape data to optimize its value
Store data in S3 buckets or Cribl Lake
Replay data from low-cost storage
Collect logs and metrics from host devices
Centrally receive and route telemetry to all your tools
Redact or mask sensitive data
Optimize data for better threat detection and response
Streamline infrastructure to reduce complexity and cost
Simplify Kubernetes data collection
Optimize logs for value
Control how telemetry is stored
Easily handle new cloud telemetry
Ensure freedom in your tech stack
Accelerate the value of AIOps
Effortlessly search, collect, process, route and store telemetry from every corner of your infrastructure—in the cloud, on-premises, or both—with Cribl. Try the Cribl Suite of products today.
Learn moreGet telemetry data from anywhere to anywhere
Get started quickly without managing infrastructure
Streamline collection with a scalable, vendor-neutral agent
AI-powered tools designed to maximize productivity
Easily access and explore telemetry from anywhere, anytime
Instrument, collect, observe
Store, access, and replay telemetry
Get hands-on support from Cribl experts to quickly deploy and optimize Cribl solutions for your unique data environment.
Work with certified partners to get up and running fast. Access expert-level support and get guidance on your data strategy.
Get inspired by how our customers are innovating IT, security, and observability. They inspire us daily!
Read customer storiesFREE training and certs for data pros
Log in or sign up to start learning
Step-by-step guidance and best practices
Tutorials for Sandboxes & Cribl.Cloud
Ask questions and share user experiences
Troubleshooting tips, and Q&A archive
The latest software features and updates
Get older versions of Cribl software
For registered licensed customers
Advice throughout your Cribl journey
Connect with Cribl partners to transform your data and drive real results.
Join the Cribl Partner Program for resources to boost success.
Log in to the Cribl Partner Portal for the latest resources, tools, and updates.
Case Study
“THE PRICING IS VERY ATTRACTIVE, AND THE RETURN ON INVESTMENT WAS REALLY FAST. IT MADE A MEASURABLE DIFFERENCE WITHIN A COUPLE OF WEEKS.”
JORIS VUFFRAY,
HEAD OF NETWORK & SYSTEM MANAGEMENT
“DEPLOYING AN APPLICATION IN A TESTING ENVIRONMENT USED TO GENERATE HUNDREDS OF GBS IN 15 MINUTES. WE CAN NOW SAMPLE IT IN A COUPLE OF SECONDS TO MAKE SURE WE'RE STILL COMPLIANT WITH OUR SPLUNK LICENSE.”
JORIS VUFFRAY,
HEAD OF NETWORK & SYSTEM MANAGEMENT
Share:
An enormous amount of data is generated from all the physical and online stores selling Swisslos’ offerings. A few years ago, the team switched to Kubernetes services to help automate the deployment, load balancing and scaling of their containerized applications. It helped to automate the IT team’s workload, but soon the team at Swisslos noticed that the number of logs generated each day—primarily from web application firewalls (WAF) and other critical applications-was growing at an unsustainable rate. The team needed to come up with a strategy to keep pace with rapid data growth while staying lean as a team and keeping costs for tools relatively flat.
Swisslos decided to bring in Cribl Stream to tackle the challenges posed by the increasing volume and fidelity of logging infrastructure.
With the increase in log volume and variety also came more complicated logs and several formatted in JSON— all of which took up valuable space in Swisslos’s Splunk license. Most of the logs and the information within them weren’t useful, so reducing unnecessary data was the first thing the team focused on.
Cribl Stream enabled them to filter their data effectively and store only what was necessary, helping to optimize their log storage and usage.
“By using Cribl Stream, we were able to reduce the growth of our Kubernetes cluster by 35% — and we reduced our web application firewall and web logs by over 50%.”
Joris Vuffray
Head of Network & System Management
Joris is making use of Cribl Stream’s enrichment capabilities as well, using lookups to do things like changing product IDs to product names. They also have an easier time adding GeoIP information using Cribl Stream instead of Splunk.
With less data overloading the application and better quality data going into it, Joris has noticed a huge improvement in Splunk’s performance.
“Everything we're doing now in Cribl was done on the indexer or heavy forwarder before, so those parts of the Splunk installation have much less to do. Cribl helped us to significantly increase the performance of Splunk.”
Joris Vuffray
Head of Network & System Management
“We had Cribl Stream up and running within a few hours, and there was essentially no learning curve. In Splunk, we had to be creative and use some tricks to do everything we needed. It’s the opposite with Cribl.”
Joris Vuffray
Head of Network & System Management
“The most important benefit from Cribl is being able to see live data and the impact changes will have on the data in real time. The integrated change tracking is also pretty cool.”
Joris Vuffray
Head of Network & System Management
One of the benefits of making these kinds of changes so quickly is that system admins get time back in their day. The added flexibility is having a big impact on the organization.
“Our admins can do their work 3-5 times faster with Cribl. We can provide solutions for test or dev teams easier than before, when we had to check configurations and restart the Splunk installation every time we made big changes.”
Joris Vuffray
Head of Network & System Management
“In Splunk, we had to use loads of regexes to rewrite formats, source types, and indexes. We can do this live in Cribl and send it to Splunk very easily, already sorted and routed to the right index or source type.”
Joris Vuffray
Head of Network & System Management
“It only took a few minutes to gather the information we needed to respond to the security attack. We took care of it on the phone in one afternoon, when normally it would have taken two weeks. We just took care of it.”
Joris Vuffray
Head of Network & System Management
“When it comes to regulations, we don’t always know what will be required in the future. But with Cribl Stream in place, I don't really have to worry about it. My management can just tell me what information needs to be masked or encrypted, and it will be done in a few clicks.”
Joris Vuffray
Head of Network & System Management
“We have Cribl Edge installed on all of our test Kubernetes nodes to gather logs and metrics. So far, it’s already a lot easier than deploying the Splunk forwarder. It deploys in five minutes, and then it’s done.”
Joris Vuffray
Head of Network & System Management
Classic choice. Sadly, our website is designed for all modern supported browsers like Edge, Chrome, Firefox, and Safari
Got one of those handy?