Context is king–that’s why optimizing your data, enriching it in the stream, and having the ability to see it and tweak it before sending it into analytics tools or storage can be a game changer. When you are reviewing or correlating the data to troubleshoot, run investigations and respond, think how much time your team can save by having the right geolocation, asset, timestamp and even threat intel already associated with the log data?
We had a fun time making this work–and you can too. We’ll show how you can set up and use a Redis cache along with Cribl Stream to enhance your data before sending it to its destination. We’ll cover how we imported a 34 million row CSV file into Redis and use the Redis function to match fields to records to add a new field that is used for faster identification of data once it is in Splunk.