In today’s contemporary landscape, organizations produce more data than ever, which needs to be collected, stored, analyzed, and retained, but not necessarily in that order. Historically, most vendors’ analysis tools were also the retention point for that data. Still, while this may first appear to be the best option for performance, we have quickly seen it creates significant problems.
Are you tired of sifting through data without context? Cribl Search adds valuable depth to your data, making it much easier to understand and analyze. No more squinting at cryptic logs or puzzling over unknown IP addresses! ️ Some common examples of how Cribl Search can enrich your data are adding service names or matching to threat intelligence. Another popular data enrichment is adding geographical location to events based on IP addresses.
When exploring data, comparing individual data points with overall statistics for a large data set is often useful. For example, you might be interested in understanding when a performance metric rises above the historical average. Or possibly knowing when the variance of that metric increases past a certain threshold. Or maybe noting a change in the distinct number of IP addresses connecting to your public web portal.