Highlights
Sonepar averted €3.8 million in additional Microsoft Sentinel storage costs by optimizing logs before ingestion
Demonstrated Cribl Stream’s value in just one month
Centralized management with Cribl Edge
Reduced infrastructure management with Cribl.Cloud
Sonepar considers Cribl an essential tool for any Microsoft Sentinel migration project
When Sonepar, the world leader in B-to-B distribution of electrical equipment, solutions, and services, decided to migrate its SIEM to Microsoft Sentinel, the team faced a significant roadblock: high storage costs and technical limitations. Their ecosystem included various technologies and log sources, which led to significant storage costs. Then they found Cribl. Cribl stood out as the easiest solution to manage, perfectly fitting Sonepar’s constraints and use cases.
Using a combination of Cribl.Cloud, Cribl Stream, and Cribl Edge, Sonepar were able to keep log storage costs down and simplify their log management processes.
Significant Log Storage Cost Savings
Without Cribl, Sonepar would have had to store all logs directly in Microsoft Sentinel Log Analytics tables. Because Sentinel log storage costs exceeded those of their previous SIEM, they would have had to shell out an additional €3.8 million per year.
“The Sonepar ecosystem has a wide number of different technologies and sources to ingest, and we needed a tool that would help sorting and processing the various data sources.”
Stéphane Pevergne
SOC Manager, Sonepar
Cribl Stream allowed Sonepar to parse, optimize, and standardize logs from across its diverse technology stack. These capabilities ensured Sonepar only sent relevant logs to Sentinel, saving them from paying millions of euros in extra storage costs.
“The biggest improvements we have seen with Cribl Stream are log optimization and standardization,”
Stéphane Pevergne
SOC Manager, Sonepar
Onboarding was simple and fast, and Sonepar were able to demonstrate the value of Cribl Stream in as little as one month.
Simplified Management and Reduced Infrastructure Maintenance
Although Sonepar were only looking to keep log storage costs down, Cribl provided another, unexpected benefit: streamlined operations.
Cribl Edge’s centralized management simplified data collection at the edge and agent configuration. Meanwhile, Cribl.Cloud-based infrastructure minimizes maintenance, saving significant time and resources compared to other solutions Sonepar explored.
“Cribl.Cloud was the best solution for our constraints and use cases and easier to manage and administrate than other solutions”
Stéphane Pevergne
SOC Manager, Sonepar
Together, these capabilities delivered a more efficient, scalable, and cost-effective solution for managing their SIEM migration. And, with the migration now complete, Sonepar considers Cribl an essential tool for any Sentinel migration project and continues to explore further capabilities with the tool.
TL;DR
Sonepar faced skyrocketing costs and complexity migrating its SIEM to Microsoft Sentinel.
By adopting Cribl.Cloud, Cribl Stream, and Cribl Edge, they optimized logs to avoid €3.8 million in extra storage costs and streamlined operations.
Onboarding was easy, and they proved Cribl’s value in one month.
Today, Cribl is central to Sonepar’s strategy – saving money, simplifying management, and enabling future growth.
Quotes
“Cribl is a good tool to optimize and manipulate data. We believe it’s essential to any Sentinel migration project.”
Stéphane Pevergne
SOC Manager, Sonepar