Although we’ve encouraged employees to take plenty of time off this summer to relax, recharge, and enjoy time with family, Cribl certainly hasn’t been on a summer holiday as a company. After the big announcement in late May with Cribl Search and our Series D funding round, we moved right into the announcement of Cribl Stream 3.5, Cribl Edge 3.5, massive upgrades to Cribl.Cloud, and the launch of our Cribl Certified Observability Program.
CrowdStrike is a class-leading endpoint monitoring solution. It collects a wealth of activity data from each managed endpoint that can be fairly voluminous. This includes network connectivity, DNS request, process activity, health checks, and the list goes on. In fact, there are over 400 event types reported by CrowdStrike! These events are a gold mine for threat hunters and blue teams looking for unusual or malicious activity. It can be extremely costly to place all this data in a SIEM.
We announced Cribl Search in May, and customer reaction has been incredibly positive. We’ve heard for some time that organizations have data everywhere. They have data in their observability lakes, analytics tools, object stores, and at the edge. The big challenge facing enterprises is that existing search models require you to take all of this data that you don’t know is valuable or not, move it into one place, and then make decisions about whether this is valuable?
One of the things about Silicon Valley culture is the obsession around the technology that gets created and the idea of the engineer as the hero of the story. You see the same kind of thing with other professions — like with finance executives in New York, celebrities in Hollywood, or firefighters and police officers in different areas across the US.
Cribl Stream has supported external Lightweight Directory Access Protocol (LDAP) authentication since version 2.0 was released in late 2019. LDAP directories offer many features, and it’s up to clients to implement them for compatibility. Here is a non-exhaustive list of LDAP features that Cribl Stream does not support: This blog post explores how Cribl Stream implements LDAP for user authentication and assumes you have a working knowledge of the topic.
A few weeks ago, I did a live Cribl Edge demo for the Cribl Community, and I wanted to explain more about the importance of Cribl Edge for IT admins. Managing traditional log shipping agents is very time-consuming and brittle. Just the act of a once-a-year upgrade can require the help of a kind god! Admins need help to make this vital workflow easier and faster so they can focus time on delivering value to the business.
Building Packs is good. Sharing Packs is better! The Cribl Pack Dispensary is the go-to place to find, install and share Cribl Packs. What are Packs? A Cribl Pack is a collection of pre-built routes, pipelines, data samples, and knowledge objects. Packs enable sharing of best-practice configurations that route, shape, reduce and enrich the log source, Palo Alto Networks logs for example. And it’s the quickest, easiest way to get started with Stream and Edge supports Packs too.
Cribl Edge is the easiest and most manageable agent for exploring, processing, and collecting Observability data at the edge for Linux servers. Today, we’re excited to announce that it’s not just Linux admins whose lives have been made easier with Edge. With the Cribl Software Suite 3.5.0, Cribl Edge now supports Windows Server 2016, 2019, and 2022, bringing that same intuitive experience for deploying, setting up, and collecting observability events to your Windows infrastructure.
