Cribl, ITOps super hero
In this demo, we’ll explore how Cribl's Data Engine helps IT teams quickly resolve issues in their environments while optimizing their IT and Security data to get the most value from it.
Not all heroes wear capes
New to Cribl? Click the 'Tell me more' button below to explore the Cribl suite of products. Discover how you can use all or select products to create your powerful Data Engine tailored for IT and Security.
Not so new? Or just impatient? Click "Start Demo".
The lay of our data landscape
First, a quick overview of how our data flows through Cribl.
While Cribl functions as a universal receiver, enabling you to work with nearly any agent or data source, for this example, we’ll use Cribl Edge. Edge is Cribl's smart agent delivering insights into your systems, containers, and Kubernetes deployments before it’s moved. Plus it’s easy to manage and deploy through a user-friendly interface.
Add Cribl Edge to your systems
Adding Edge to a system is as easy as selecting a node type, and running the provided script on the system.
Explore data at the edge
Once the script is installed, we can explore the data generated by the system and easily route it using a simple drag-and-drop interface. In this example, we're collecting system metrics and logs from our web servers and directing them to a Cribl Stream destination.
While we can reduce, enrich, transform, and route data directly on the Edge node, forwarding it to Cribl Stream allows us to harness the additional processing power that Stream Worker Groups provide.
Stream Life
With our products the look and feel across product is homogenous, each serve a different function. This may look familiar to where we just were but we are now on the Stream worker group called Cribl Coffee.
Get data from A to B (and C, F, and even Z)
In Stream, we aggregate system logs and metrics and route them to a Prometheus destination.
Additionally, we store a full-fidelity copy of the data in Cribl Lake to ensure compliance and have it readily available for investigations if needed.
The power of pipelines
Take note of the pipeline icon; pipelines are a crucial feature of Stream. They consist of a series of functions designed to transform your data. In this particular pipeline, we’re converting log data into metrics, which significantly reduces the volume of data that needs to be ingested into our tools.
Other routes in this setup use the "Passthru" option, where data flows through unchanged an ideal approach for compliance data.
Although we’re not using them here, packs are prebuilt collections of configurations, including pipelines tailored for specific technologies. They enable you to quickly reduce and transform data without the effort of building pipelines from scratch.
Start an investigation
Now that data is flowing to our destinations, let's explore how Search can help us use it.
In this example, we have received some CPU & Network alerts.
Let’s search through our Prometheus metrics to identify any potential issues.
Search our Prometheus data
We've created a dataset in Search that uses the Prometheus API as the data source.
After searching, we notice that CPU usage on one of our servers is nearly maxed out.
Given that these instances are behind an elastic load balancer, the load should be distributed across the system. Let's investigate further.
Focus our search on network bytes
By adjusting the search to focus on network traffic, we discovered that one system is receiving the majority of web traffic, indicating a potential issue with our Elastic Load Balancer. This traffic spike to a single server confirms there's likely a problem with the load balancer configuration.
Lets take a look at the ELB config on AWS.
Accelerating time to resolution
In our load balancer settings, we find that only one server was added to the pool, which explains the imbalance we observed in the Search results.
After quickly fixing the configuration, traffic is properly distributed, and our customers are happy once again. Phew!
The Data Engine to the rescue
As we’ve seen, with Cribl’s suite of products, we swiftly routed, reduced, transformed, stored, and searched our data, gaining immediate value from it.
It’s a small example of how the Data Engine for IT and Security can help ITOps solve even the biggest data problems.
Feel free to shedule a demo or try cribl by clicking on either.
Schedule a demoTry Cribl