What's New at Cribl 4.18: On release days, we wear teal.
In this episode, Leon explores a bunch of BYO (bring your own) enhancements to Cribl including the ability to bring your own AI model, storage, and more.
Operations | Monitoring | ITSM | DevOps | Cloud
The Place Where Modern Operations & Technology Come Together
The latest News and Information on Log Management, Log Analytics and related technologies.
How to Overcome Government Payment Fraud with Speed and Scale
Government payment fraud is a fast-growing risk for public sector organisations in Australia and globally. From welfare and healthcare payments to business grants and disaster relief, increasingly sophisticated organised criminal networks and other actors exploit complex, high-volume government programs to unlawfully access public funds. The impact is significant—billions lost, program integrity undermined, and essential resources diverted.
Inside the Anthropic + Claude Code Hype at AWS Summit London: Live Laugh Logs ep. 2
Are companies blowing through their entire 2026 AI budget in a matter of months? Welcome to Episode 2 of Live Laugh Logs, the podcast from Annie, Lewis, and Andre from the Coralogix Developer Relations team, where we get together and recap everything going on in our worlds!
What is Log Management? The IT Team's Guide to Taming Log Data
Understand what log management is and why it’s essential for troubleshooting, security, and observability across modern IT environments. Log management helps organizations collect, centralize, parse, and analyze logs from servers, applications, cloud platforms, containers, and network devices in one searchable platform. Learn how centralized log monitoring reduces mean time to resolution (MTTR), eliminates siloed troubleshooting, and helps IT teams detect anomalies faster using AI-powered analytics.
Certificate Audit logs are live
Certificate automation does a lot of work on your behalf. Agents running on your servers, talking to certificate authorities, deploying certs to your infrastructure. At some point someone (your CISO, your auditor, or your own brain at 3am) is going to ask: what exactly happened, and when? Today we’re shipping audit logs. Every action taken in CertKit is now recorded: logins, invitations, certificates added, issued, renewed, revoked, and deployed. Agent registrations, approvals, and config changes.
Unlock telemetry value with a well-planned data lake
Your SIEM only holds a slice of your telemetry. Your data lake holds the rest. We'll show you how to use that to your advantage for investigations, threat hunting, and reporting. Why your data lake beats your SIEM for investigations – Your SIEM keeps a short window of expensive, filtered data. Your data lake keeps everything. When something goes wrong, that difference matters more than you think Threat hunting without the handcuffs – Hunting across months of data in a SIEM is painful and costly. We'll show you how a well-planned lake makes broad, deep searches practical and affordable.
The $600 billion wake-up call: New Splunk research reveals downtime is a systemic business crisis
600 billion annual impact: Aggregate downtime costs for the Global 2000 have soared 50% in two years. $15,000 per minute: The average cost of downtime for organisations, highlighting the immediate financial impact of service disruptions. 3.4% stock price drop: The average decline in shareholder value following a single downtime incident.
Multiple API Keys Are Here - More Keys, Better Control, Stronger Security
Today we're rolling out a major upgrade to API Keys in Bindplane. You can now create up to 25 API keys per project, give each one a description, set an expiration date, and delete keys you no longer need. Under the hood, every key is now hashed with Argon2, the modern standard for credential storage. If you've been working around the old single-key limit by sharing one key across CI jobs, scripts, and teammates, this release is for you.
Why SRE agents need orchestration, not just more tools
Single agents are a useful starting point for SRE workflows. They are not where the architecture should end. The first version is simple enough: connect an LLM to a few tools, give it a system prompt, and point it at your infrastructure. It can summarize an alert, pull logs, answer questions, and draft a useful next step. Then the workflow gets real. You add GitHub for runbooks, Kubernetes for cluster state, PagerDuty for incident context, Prometheus for metrics, and Mezmo for telemetry.
Cribl Notebook templates in Cribl Search
Investigations are time-sensitive, and analysts shouldn’t waste time recreating the same workflows or rewriting familiar queries. Whether troubleshooting infrastructure, investigating suspicious IPs, or analyzing host activity, teams often rely on duplicating old processes and copying query snippets — a slow, inconsistent approach that’s hard to scale.