Cribl LogStream™ Use Case: Make room for interesting data

Eliminate noisy, wasted data volume and onboard higher-value data from multiple sources

The Challenge:

Most observability data is incredibly noisy – it contains null values, duplicate fields, and information with little to zero analytical value. You need to pick up the signal through all that noise and automate the extraction of high-value observability data.

The Solution:

Use Cribl LogStream’s data filtering to clean up your data, then increase the value of what you choose to keep by enriching it with context – automatically adding related data from external sources – all in real time.

Enrich your data with third party sources like GeoIP and known threats databases before it even gets into your logging system. Provide greater context to your organization, and enable a deeper, more actionable analysis of your observability and security data.

Eliminate duplicate fields, null values, and any elements that provide little analytical value. Filter and screen events for dynamic sampling, or convert log data into metrics for access to massive volume reduction.

Solution Benefits:

  • Reduce log and metrics data volume to control costs
  • Enrich data from third-party sources for improved context
  • Reduce the infrastructure required to maintain your analytics tools for faster performance

Key Features of LogStream

Convert and Distill Into Metrics

Log data is frequently messy. Time-series instrumentation measurements are often embedded into log lines, making analysis complex and resource-intensive. With LogStream, you can extract those numeric values and direct them to a purpose-designed metrics store to take advantage of the leaner storage requirements and faster search performance such systems typically offer.

Aggregate Repeated Values for Greater Flexibility

Don’t waste budget or time on duplicate information. Roll up repetitive log data into metrics to decrease processing time and storage waste by a factor of up to a thousand. LogStream lets you combine frequently-generated incoming metrics into more manageable time windows, making analysis simpler and reducing storage footprint.

TransUnion Teams Up with Cribl LogStream to Drive Greater Efficiency


Read how TransUnion scrubs out low-value fields in spammy Windows Event Logs and massively reduces the scope of high-volume logging such as DNS and Sysmon output, then adds in rich, task-critical context via lookups, enabling their analysts to review and address issues with greater speed and efficiency.

Read the Case Study