On October 1, 2022, the UK Telecommunications Security Act (TSA) went into effect, imposing new security requirements for public telecom companies. The purpose of the act is noble, as it wants to ensure the reliability and resilience of the UK telecommunications network that underpins virtually every aspect of the economy and modern society.

Cribl Search helps find and access data regardless of the format it’s in or where it lives. Search provides a federated solution that reaches into existing object stores and explores data without moving it or having to index it first. This same interface can also connect to APIs, databases, or existing tooling, and can even join results from all these disparate datasets and display them in comprehensive dashboards.

In today’s data-driven landscape, every organization knows the immense value their data holds, but with the explosion of data from diverse sources, traditional data storage and management solutions are proving inadequate. Organizations are urgently seeking new ways to handle their data effectively.

At Cribl, we’ve always prided ourselves on solving complex data challenges for our customers, but doing so with a bold spirit and a can-do attitude. Our journey with Ian the Goat as our mascot has been nothing short of incredible. Ian represented our agile and adaptable approach to solving complex data challenges. However, as we pivot towards tackling even bigger data puzzles for our customers, we believe it’s time for our mascot to reflect this evolution.

When you’re using Cribl Stream and Cribl Edge to send data to hundreds of Splunk indexers using Load Balancing-enabed Destinations, it is sometimes necessary to analyze memory usage. In this blog post, we delve into buffer management, memory usage calculations, and mitigation strategies to help you optimize your configuration and avoid memory issues.

My introduction to the world of data science was writing anomaly detection for a SIEM that catered to banks and credit unions. Some of these places were running on 50-year-old IBM core banking servers — meaning that someone trying to turn off a light in a server room could take down an entire bank with a literal flip of the wrong switch. While some companies take their time updating infrastructure, others still embody the move-fast-and-break-things philosophy of the early dot-com era giants.

It’s been nearly ten years since “The Ultimate CPU Alert – Reloaded” and its Linux version were shared with the SolarWinds community. At that time, managing CPU data from 11,000 nodes, with updates every five minutes to a central MSSQL database, was a significant challenge. The goal was to develop alerting logic to identify when a server was experiencing high CPU usage accurately.

The strategic implementation of a security log retention policy is critical for safeguarding digital assets and key company data. This practice is foundational for detecting and analyzing security threats in real-time and conducting thorough post-event investigations. Integrating the nuances of log analytics system costs, which escalate with data volume due to the infrastructure needed for storage and processing, highlights a critical aspect of security log retention.

IT and security teams have several products they use and in turn, have many admins. Some have wide privileges, while others have focused responsibilities for the various tools and touch points in an IT and security data path. Not all admins are members of all tools. But they are all typically part of a larger group bound by an email alias (aka a distribution list).