Chronicle was made for organizations that want to manage petabytes of data in the cloud – at unprecedented retention levels. It’s a powerful platform that runs on core Google infrastructure, meaning they don’t have to exhaust all their resources managing data systems at scale. Google Cloud Threat Intelligence for Chronicle gives these enterprises global-scale threat intelligence; BigQuery and Looker provide them with a way to visualize that security data via dashboards and more.
Those same organizations are turning to Cribl LogStream for similar reasons. They need an observability pipeline with the flexibility to get data into multiple tools from multiple sources without adding new infrastructure and agents. These companies also need a cost-effective strategy for retaining data long-term. At the same time, they need an observability solution that gives them the flexibility to make new business decisions and test out new use cases at scale, regardless of the amount of data they have.
Together, Cribl LogStream and Google Chronicle provide a way for SecOps teams to support massive amounts of data regardless of retention level. When you further combine LogStream and Chronicle with Google Cloud Threat Intelligence, Looker, and BigQuery, security teams unlock a powerful toolset to create brand new visual workflows, increase efficiency, and improve SOC outcomes.