Latest Posts

Searching the Google Workspace API using Cribl Search

Google Workspace is a robust set of productivity applications with billions of users and millions of paying organizations. These include small mom-and-pop shops and the largest enterprises. Google provides the Google Reports API, “a RESTful API you can use to access information about the Google Workspace activities of your users.” This data is critical for establishing a solid security posture.

Data Overload: Why Companies Collect Too Much Data and Pay the Price

In the US, a recurring news topic is the state of the federal budget – and if we’ll get one signed. Government budgets have hundreds of thousands of line items; each bickered over to gain or lose political capital with one group or another. However, most government budgets aren’t up for debate. Only about 30% of the US federal budget is discretionary or flexible. Nearly two-thirds, or 63%, is mandatory spending required due to prior commitments.

Cribl Search & Parquet Pushdowns - Smooth Like Butter!

Data is growing, and we are being asked to search larger and larger amounts of data. This puts larger and larger demands on Search resources. Reading all the data to find matching events is muscling through the data. Wouldn’t it be more efficient to be able to do filtering before reading the data? Cribl Search does precisely that by leveraging Parquet Pushdowns.

How To Guide: Connecting Cribl Search with the Azure API

In the ever-evolving world of data analysis, the ability to interact directly with live API endpoints is a significant advancement for practitioners. Cribl Search now offers this capability, enhancing your data analysis toolkit. This new feature allows you to gain broader visibility into the periphery of your infrastructure, enabling a more comprehensive analysis of user journeys and operational trends.

Learning by Example with Cribl's New Lookup Examples Pack

In the world of data management, Cribl offers various methods to enhance data using the Lookup Function and many C.Lookup Expressions. While Cribl’s documentation is comprehensive, practical examples are often the most effective learning tools. That’s why we’ve introduced the new Lookup Examples Pack.

Sending Data to Elastic Security With Cribl Stream (And Making It Work With Elastic SIEM)

Cribl Stream is a real-time security and observability data processing pipeline that can be used to collect, transform, enrich, reduce, redact, and route data from a variety of sources to a variety of destinations. One of the popular destinations for Cribl users is Elastic SIEM. This blog post will walk you through the steps on how to set up Cribl Stream to normalize and forward data to use with Elastic Security for SIEM.

Cribl Stream + CDS: An Air Gapped Data Transfer Solution

In this blog series, we’ll explore how Cribl Stream can leverage your existing cross-domain solution (CDS) to easily collect and send your log and metric data between disparate security domains or across air-gapped networks. The goal is to retain as much fidelity of the data as possible, deduplicating processes and simplifying management efforts.

Routing Around the World with Cribl Stream!

TransUnion is an American consumer credit reporting agency that operates in over 30 countries. They use Cribl Stream to aggregate and route regional data into a centralized hub, presenting it in a single dashboard that admins can use to interpret the overall health of their system. Watch the full video on YouTube or below to see TransUnion’s Steve Koelpin and Don Reilly walk through this use case.

Syslog-NG: The Sandbox That Taught Me to Appreciate Cribl Even More

Recently, we launched a new Sandbox focused on handling syslog at scale with Cribl. The marketing messaging behind the Sandbox has been done a couple of times already; therefore, I wanted to let y’all see what we as Cribl Technical Marketing Engineers (TMEs) actually do in our daily lives. I’ll try to keep it engaging, with tales of danger and subterfuge, but I can only take so much artistic license. What’s in a Sandbox and how the Sandbox platform functions (i.e.

Using the Cribl Redux Stats Pack

Cribl’s internal metrics are very handy for seeing what Cribl is doing. And while there are many data points related to input vs output volumes, sometimes you need more control over what you’re tracking. This pack allows you to route arbitrarily defined traffic through a stats tracker to capture changes in event count and volume. Perhaps you are onboarding a new host, or trialing a new Pipeline.