Unlock telemetry value with a well-planned data lake

Your SIEM only holds a slice of your telemetry. Your data lake holds the rest. We'll show you how to use that to your advantage for investigations, threat hunting, and reporting.

Why your data lake beats your SIEM for investigations – Your SIEM keeps a short window of expensive, filtered data. Your data lake keeps everything. When something goes wrong, that difference matters more than you think.

Threat hunting without the handcuffs – Hunting across months of data in a SIEM is painful and costly. We'll show you how a well-planned lake makes broad, deep searches practical and affordable.

Cribl Notebook templates in Cribl Search

Investigations are time-sensitive, and analysts shouldn’t waste time recreating the same workflows or rewriting familiar queries. Whether troubleshooting infrastructure, investigating suspicious IPs, or analyzing host activity, teams often rely on duplicating old processes and copying query snippets — a slow, inconsistent approach that’s hard to scale.