Learn

Latest Learn Posts

Trimming Unnecessary Fields from Logs
The author of a log has very different motivations from the consumer of that same log. For the author, they must conceive...
Context is King: Turning Ugly Logs into Rich Structured Events
Logs themselves often do not contain the necessary information in themselves to point an investigator in the right direction. Let’s say I’m...
Using Cribl to Analyze DNS Logs in Real-Time – PART 2
In a previous post we showed how to detect data exfiltration with Cribl in real-time. The analysis focused on checking DNS labels from DNS logs...
Encrypting sensitive information in real-time with Cribl
If your machine data does not contain sensitive information, you don’t really need to read this – you got it all figured out. Just...
One of the more surprising realizations as we’ve started Cribl and started working with customers across all kinds of industry verticals is...
Update: Part 2 is now here. The recent massive data breach at Marriott’s newly minted SPG (Simply Phucked Guests) program got me thinking...