I use Cribl to ingest logs from different platforms. These logs could come from sources like Mimecast, Windows, or CrowdStrike logs. It acts as a pipeline to send data to our destinations and also helps in reducing the amount of logs sent by applying different functions on them.
Security Engineer at a tech services company with 51-200 employees
Offers efficient log management but has room for better documentation
Pros and Cons
- "The capability to reduce logs in a user-friendly manner is a standout feature. Cribl allows us to view logs live as they are being processed, giving us quick feedback on the changes made."
- "There is room for improvement in the documentation and knowledge base, particularly regarding configurations like sources where logs are being ingested"
What is our primary use case?
How has it helped my organization?
Cribl has helped to save thousands of dollars for our clients. It provides cost-effective solutions, particularly when you know how to use it effectively. It does require some learning to cover all aspects of it because it's not entirely intuitive. However, once you overcome the learning curve and get hands-on with the platform, it significantly contributes to cost savings.
What is most valuable?
The capability to reduce logs in a user-friendly manner is a standout feature. Cribl allows us to view logs live as they are being processed, giving us quick feedback on the changes made.
Additionally, the data routing feature is beneficial because it gives us the option to send logs through data routes or QuickConnect, facilitating quick configurations of different sources and managing them more effectively. These functionalities offer logical and useful capabilities such as deciding where logs should be sent and specifying which fields should be included within the logs.
What needs improvement?
There is room for improvement in the documentation and knowledge base, particularly regarding configurations like sources where logs are being ingested. It would be helpful to have specific guidance on configuring different data sources, such as AWS S3 buckets. Additionally, the ability to understand what type of output a function will produce is missing in Cribl, which could be improved by indicating the output type.
Buyer's Guide
Cribl
October 2024
Learn what your peers think about Cribl. Get advice and tips from experienced pros sharing their opinions. Updated: October 2024.
813,418 professionals have used our research since 2012.
For how long have I used the solution?
I have been using Cribl for more than one and a half years.
What do I think about the stability of the solution?
Cribl's stability has been well documented online, and we have not encountered any significant stability issues.
What do I think about the scalability of the solution?
We have tested Cribl and found it to be sufficiently scalable for our needs.
How are customer service and support?
At the time I was trying to do the course back then, I did escalate questions to tech support, but I haven't raised any recent issues.
How would you rate customer service and support?
Neutral
Which solution did I use previously and why did I switch?
I have experience with Splunk and CrowdStrike. I am quite familiar with Splunk.
What was our ROI?
Cribl is indeed a cost-effective solution, saving thousands of dollars for our clients. It provides value through cost savings and time efficiency once users know how to effectively use the platform.
What other advice do I have?
It's important to know what source you will be using to ingest data into Cribl. Understanding how to configure the data source is key before using the platform. Once you have that figured out, Cribl becomes a powerful solution that can ingest almost anything with its Edge capability. However, having a clear understanding of the pathways you can take to ingest data is crucial before diving into it.
Which deployment model are you using for this solution?
Hybrid Cloud
If public cloud, private cloud, or hybrid cloud, which cloud provider do you use?
Other
Disclosure: I am a real user, and this review is based on my own experience and opinions.
Last updated: Oct 20, 2024
Flag as inappropriateBuyer's Guide
Download our free Cribl Report and get advice and tips from experienced pros
sharing their opinions.
Updated: October 2024
Product Categories
Application Performance Monitoring (APM) and Observability Data Integration Log Management Cloud Data Integration Data Preparation ToolsPopular Comparisons
Wazuh
Splunk Enterprise Security
Datadog
Zabbix
Alteryx
Confluent
Graylog
Devo
Grafana Loki
Fortinet FortiAnalyzer
syslog-ng
Elastic Stack
Observe
Snare
OpenTelemetry
Buyer's Guide
Download our free Cribl Report and get advice and tips from experienced pros
sharing their opinions.
Quick Links
Learn More: Questions:
- When evaluating Application Performance Management, what aspect do you think is the most important to look for?
- APM tools for a Managed Service Provider - Dynatrace vs. AppDynamics vs. Aternity vs. Ruxit
- What solution would you recommend for monitoring traffic utilization of leased lines?
- How Much Should I Budget for an APM Solution?
- Which is the best AANPM product? Should we be considering anything besides for Riverbed?
- Who Uses APM?
- What is your favorite tool for Application Performance Monitoring?
- How does synthetic monitoring differ from real user monitoring?
- Differences between SiteScope and dynaTrace?
- Splunk as an Enterprise Class monitoring solution -- thoughts?