
The latest News and Information on Log Management, Log Analytics and related technologies.

How AI Agents automate incident response #ai #cybersecurity #telemetry

Clint Sharp demonstrates how Cribl Search leverages AI to streamline incident investigation. Starting from a Slack channel, the AI builds an interactive notebook, analyzes order processing logs, and identifies suspicious traffic spikes. It connects high CPU usage to a recent Jenkins deployment, hypothesizes a supply chain attack, and ultimately recommends a rollback. This isn't a far-off concept. It is the future of operations arriving right now.

Why AI agents need a common data model #ai #telemetry

Clint Sharp explains why a common model like OCSF is critical for the future of AI. Agents need standardized data to analyze information effectively on your behalf. He contrasts the traditional manual workflow of checking Slack, tickets, and wikis while asking colleagues for context with a future where AI fuses this human context with machine data. Instead of just search results, AI agents will hand you examined hypotheses so you know exactly where to take your investigation.

Elastic and Microsoft partnership achievements in 2025

Highlights of another successful year of customer-centric collaboration.

Once again, our partnership delivered an impressive year of innovation with Microsoft Azure, Azure AI Foundry, and Azure OpenAI. This blog highlights our continued collaboration with Microsoft to better serve customers throughout 2025 and our key moments at Microsoft Ignite.

Google SecOps Forwarder Deprecation: Migrate to Bindplane and OpenTelemetry

Google Cloud Security Operations is deprecating the legacy SecOps Forwarder, and OpenTelemetry with Bindplane is the official telemetry ingestion method. In this workshop, you’ll learn how to migrate from the SecOps Forwarder to Bindplane and OpenTelemetry Collectors, the officially supported ingestion model for Google SecOps going forward. We walk through the why, the what, and the how — with practical guidance you can apply immediately.

Agentic AI demands a new data architecture #ai #telemetry

Clint Sharp explains why traditional schema-on-read systems cannot handle the query loads of the future. Agentic telemetry requires a 360-degree view, but structuring data only when you read it is too slow for AI-driven workloads. The solution is using LLMs to drive the cost of building parsers to near zero. Tools like Copilot Editor allow teams to map data to OCSF instantly, effectively building factories of parsers to handle the scale of agentic AI.

Bindplane Community Call in December 2025

Join us live on Wednesday, December 10th at 11am EDT for the December Community Call. We’ll cover hands-on demos of the new Bindplane features you’ve been asking for, recaps of KubeCon+CloudNativeCon NA in Atlanta, and new Bindplane feature guides and blog posts. As always, we’ll wrap with an interactive Q&A, so bring your questions!

How AI-Native Security Data Pipelines Protect Privacy and Reduce Risk

Modern organizations generate more data than ever before. Logs, metrics, traces, and events stream from every application and every physical and virtual layer of infrastructure. Hidden inside this telemetry are pieces of sensitive information that security teams do not expect to see. Social Security numbers, account identifiers, medical details, personal contact information, and other forms of PII can appear in unexpected fields and formats. Static tools cannot keep pace with this volume or variability.

Docker Logs Command Reference: tail, follow, since Options

Managing Docker container logs is essential for debugging and monitoring application performance. Tailing Docker logs allows for real-time insights, quick issue resolution, and optimized performance. This guide focuses on efficient methods for tailing Docker logs, with clear examples and command options to streamline log management.