The unified management provided by Cribl Edge has dramatically reduced the time and effort needed for maintaining endpoint telemetry collection. Once the handshake occurs on the server side, any issues can be quickly identified from the GUI, and we only need to configure what information we want to fetch from the agent. For firewall logs, we define and open specific firewall ports in our configurations to either collect bidirectional or unidirectional information, depending on the server's security requirements. I have used Cribl Search primarily for our log patterns, but my involvement has largely been from an operational perspective, with limited usage of this feature. I find Cribl to be cheaper compared to other solutions and believe it will become a leading product in the industry due to its fast performance and excellent results. When considering log ingestion, it allows us to extract only the necessary parameters from a larger dataset, which contributes to reduced data handling and effective dashboard creation. Maintenance is necessary, especially for upgrades, but Cribl allows for these modifications on the fly without requiring system reboots, ensuring that production is not disrupted. I would certainly recommend this product, emphasizing its effectiveness and potential to become a leader in the field, as its marketing presence is currently less than that of competitors such as Splunk and Dynatrace. I rate this product at nine overall.
Splunk Architect at a consultancy with 11-50 employees
Real User
Top 20
Mar 19, 2026
My advice for organizations considering Cribl is that it is a nice tool, very effective with limited competition, but you should plan thoroughly regarding your use case to avoid wasting licenses. It is essential to implement something significant, considering the infrastructure as well. I rate Cribl at an eight overall.
Security Engineering Programme Manager at a government with 1,001-5,000 employees
Real User
Top 5
Feb 24, 2026
It took us only a couple of weeks to fully deploy Cribl. We got it up and running, went through batches of what we were doing, and set up the Cribl stream and the heavy forwarders, and got all that working. It wasn't too bad. We looked at some of the Cribl packs, which are the predefined configurations. It was easy to get set up. It was cloud to AWS cloud in our case. Cribl did not require any maintenance on my end. I'm not the technical person; I'm the program manager. I would rate this product an 8 out of 10.
Data Engineer - SME Splunk Cribl at Royal Schiphol Group
Real User
Top 5
Feb 23, 2026
There are no cons for Cribl that I can think of. Approximately 15 users work with Cribl in my organization because we don't allow everybody access, so it's local. Cribl does not require much maintenance; just some updates from time to time, but those are really easy. I do not use the new Search-in-place technology in Cribl Search because it's not allowed in the company that I work for. I give Cribl a nine because it is very simple to use and it covers a lot of use cases. Best part is you can talk directly to developers / technical support on slack.
It depends on whether your use case is strong enough and you think that Cribl is the only solution which can solve your problem. If so, then cost is nothing. Otherwise, it is a little expensive. First, when I feel that any of my customers should deploy Cribl for their use case, I discuss it with them. If they don't have budget or any constraints, then we look around. Otherwise, my first priority is always Cribl. Going with my first customer, I was a little hesitant to deploy Cribl. However, once I deployed it at my first customer and seen the results, I had evidence. Then my first priority became recommending Cribl. Basically, it is not my area, but if you convince the customer and the end user upon the value addition that Cribl will provide them, then cost is a secondary thing. I give this review an overall rating of nine out of ten.
Splunk Certified Core Consultant at a tech services company with 11-50 employees
Consultant
Top 10
Feb 19, 2026
I have no dislikes about Cribl, but I notice that there is only an extra product in between when using Splunk. However, if I have different destinations, Cribl acts as a super product because it enables one source to send to multiple destinations using only one copy. Their ongoing improvisation means they are consistently getting new features, and they are continuously improving. I would give Cribl a score of nine out of ten.
I have mostly positive feedback with no reason to say no because I am not paying or anything, so I am not aware of the cost. Mostly because of the positive reasons, I would say it is easy to use, it is sustainable. The support is nice, the coding is quite easy to understand, there are a lot of functionalities there. You can do a lot of things, and the data migration is very easy. For all these reasons, if you are stuck between two things and majorly what our team did was use it for migration, you can always rely on Cribl. My overall rating for this product is nine.
I have not seen a decrease in firewall logs with Cribl so far. What we do is use Event Hub. We actually redirect the entire thing to SIEM, so it will not come via Cribl. It will come via Cribl, but it will filter the required things based on our use case. We do not write all the packets because most of the packets would have been filtered in the firewall itself. Whatever packets are coming towards the firewall, if we want to collect the logs, we are directly interfacing with SIEM and we will collect it from there so that we do not want to lose what is the external activity on the internet towards our environment. Based on everything I just described, I would rate Cribl overall as 10 out of 10. I have not used other parts of the feature; for whatever log monitoring I have used for Cribl, I always try to rate the maximum. However, I have not used Cribl Lake, Cribl Search, and other things they offer, so I cannot comment on those.
Deploying Cribl is straightforward; we quickly set up our Cribl Cloud tenant and defined the architecture through resident services and core architects. We manage to create a hybrid deployment model efficiently, bringing substantial savings in licensing and infrastructure costs while enhancing our data handling capabilities. We deploy in a hybrid model, integrating worker nodes and Edge fleet in our enterprise data centers and cloud platforms near our data sources while using Cribl Cloud for management, ensuring limited access to prevent unwanted changes. In our AI journey, we are just getting started, becoming somewhat novice in this area. Cribl has enabled us to lean toward AI by integrating tools such as Copilot, which helps fast-track building pipelines and generating scripts. With Copilot, we see increased productivity, making it a key feature that enhances how we learn and utilize Cribl. Cribl Search has significantly improved the way we handle and explore data. Initially, we onboarded all networking devices to stream data into low-cost storage, using Cribl Search to query that data, which now gives our networking, security, and operations teams a single data set to query without the need to remember multiple sets. The setup is cost-effective, and the federated method of Cribl Search allows for efficient querying without performance loss, enhancing our analytics capabilities. Cribl's user interface is straightforward and user-friendly, allowing us to set up data collection sources quickly. It's self-explanatory, helping me navigate and visualize data without relying solely on commands. I appreciate how Cribl's UX caters to users, making tools accessible without needing extensive knowledge transfers. Based on our usage, I would rate Cribl a 10 overall.
Sr. Lead Security Engineer at a tech vendor with 10,001+ employees
Real User
Top 10
Oct 14, 2025
Based on my experience, the advice I would give to other companies considering Cribl is that your decision should be very specific to your use case but do not underestimate the amount of data you're dealing with. Data will continue to grow over time, and a tool like Cribl can significantly help reduce costs before the data is sent downstream. Another important consideration is whether you need to send data to multiple destinations. This was a challenge for us previously, and Cribl helped simplify that process. My advice to companies is: if you're drowning in data and cost, Cribl is essential. It gives you full control over your data and makes management much easier. As an organization, we've adopted AI heavily and integrated it into many of the tools we use today. We're actively looking to bring similar capabilities into Cribl. It's already in our pipeline, and we see strong potential in using AI to streamline how we build Packs and Pipelines. With AI integrated, we believe it could significantly reduce the time admins spend building specific pipelines for various data sources. On a scale of one to ten, I would rate Cribl a solid nine based on what we use it for today and the value it delivers.
Director, Performance Engineering at a tech services company with 10,001+ employees
Real User
Top 10
Oct 14, 2025
In terms of advice that I'd give to other companies considering Cribl, I'd say take a look at the business use case and at the data which you have that's flowing through it, and make sure you think about how to get the most on the other side of wherever that data is traveling to, specifically from using the Stream product. Make sure that you have a targeted goal in terms of data reduction, then work with your support team to make sure that you have the necessary transformations of the data in place so that you can meet those goals. That way, if you do, you can more easily justify the cost and the budget that's required in order to stand up a solution such as Cribl. On a scale of one to ten, I rate Cribl a ten due to its reliability, scalability, and comprehensive feature set that meets all our needs.
Senior Security Engineer at a university with 10,001+ employees
Real User
Top 10
Oct 14, 2025
I would advise other companies considering Cribl to just do it; it's worth it, as there's really little to no downside. It just makes your life easier. On a scale of one to ten, I would rate Cribl a nine, as it brings tremendous value. As a small security team, it really empowers us to get more useful data out of our sources, making our SOC and incident response teams more efficient and improving the overall security posture of our organization as we now have accurate, usable, easily analyzed data.
Cyber Security Engineer at a financial services firm with 10,001+ employees
Real User
Top 20
Sep 22, 2025
I have used alternatives to Cribl. I forgot the name, but it's a CrowdStrike product they just acquired that is the closest one I've used to Cribl in terms of the quality and the features. Currently, I prefer Cribl more than CrowdStrike. I still haven't played much with the other one, but I didn't find any issues with Cribl. Regarding Cribl's ability to contain data cost and complexity, if they can reduce their cost, that will make them more competitive. However, I don't know what else they can do in regards to how the application works. It's very good. For the project that I was involved in, it took me probably three weeks to set it up. We had to maintain our pipelines, not because of anything related to Cribl itself, but because the data source changed, so we had to adjust our pipelines. That was the kind of maintenance that we did. I would rate Cribl a nine out of ten.
Lead Engineer at a manufacturing company with 10,001+ employees
Real User
Top 10
Aug 8, 2025
Cribl gives us way more control and flexibility than we ever had before. We deal with massive volumes of telemetry data, and honestly, a lot of it is just noise. Cribl allow us to easily filter, transform, and route that data exactly how we want. It’s made a big difference.
Works at a manufacturing company with 10,001+ employees
Real User
Top 10
Jul 23, 2025
We are using around 25% of what Cribl offers, mainly focusing on log parsing, which is what Cribl started with. We use AWS as our main source of ingestion. There is little flexibility in pricing. It is simply the market price, and you either pay it or you do not. Cribl has significant capacity to handle high volumes of diverse data types, such as logs and metrics. Cribl can handle almost anything we throw at it, as lonthe g as budget is not an issue. There is a team in my company that uses them, but they are part of a separate company. We do not have any partnership with them yet. On a scale of 1-10, I rate Cribl an 8.
It has been able to perform to the best of its capabilities. They are able to handle everything with their non-shared architecture. On a scale of 1-10, I would rate Cribl a solid nine.
Utilize the documentation to ensure Cribl fits your use case, and join the Cribl community for any questions or recommendations. I'd rate the solution ten out of ten.
Security Engineer at a tech services company with 201-500 employees
Real User
Top 10
Sep 6, 2024
With less data coming into our system, we can now run queries faster since we're not processing as much data as before. The reduction has made our queries more efficient because we're working with more streamlined data. The quick connects are great for testing and allow you to rapidly set up a proof of concept, which is very beneficial. They can also be useful in production environments. Another significant feature is the recent Sentinel integration. The provided pack simplifies the setup process, making it much easier than the previous method, where you had to manually handle tasks like finding API keys. This integration makes the setup much more efficient. Overall, I rate the solution a seven out of ten.
I would recommend Cribl to organizations facing data challenges due to its perfect security measures and ease of use. It offers a simple, fast, and efficient solution.
Security Engineer at a tech services company with 51-200 employees
Real User
Top 20
Sep 4, 2024
It's important to know what source you will be using to ingest data into Cribl. Understanding how to configure the data source is key before using the platform. Once you have that figured out, Cribl becomes a powerful solution that can ingest almost anything with its Edge capability. However, having a clear understanding of the pathways you can take to ingest data is crucial before diving into it.
In some of the projects I've been working on, we're still testing and exploring Cribl's capabilities. We haven't established specific business goals or fixed objectives yet. Currently, we're focused on ingesting data from various sources with minimal transformation to understand how Cribl handles different types of logs and data. I encounter issues with the UI not accurately reflecting the current status. For example, the UI might show that a worker is still fetching the latest version of the code, but after refreshing the page, it usually updates to show that everything is up and running. Over time, I've learned to recognize when the UI is not displaying the correct information and use the refresh button to get the accurate status. Overall, I rate the solution a six out of ten.
Lead Engineer at a tech vendor with 1-10 employees
Real User
Top 5
Aug 23, 2024
The first thing to consider is the amount of data you're dealing with. Cribl is particularly beneficial for large-scale data environments. It allows you to process and store data efficiently, similar to how Splunk uses summary indexes. For example, when pulling raw events into Splunk, we often extract relevant logs using data models to simplify the data. Cribl enables a similar approach by letting you directly parse and filter data. If you have a raw event with hundreds of fields but only need 40% of those for day-to-day operations, Cribl lets you create multiple pipelines to extract the necessary data for your enterprise and production servers. At the same time, you can save a complete copy of the raw events in data lakes or local storage without affecting daily operations. If a security incident arises and the extracted fields don’t provide enough information, Cribl’s replay feature allows you to retrieve and analyze the raw data for a specific time range. This capability is handy when handling terabytes of data per day. When someone asks if Cribl is right for their needs, my first question is about the size of the data they're dealing with. Overall, I rate the solution a ten out of ten.
Senior Splunk Admin at a consultancy with self employed
Real User
Top 10
Jul 26, 2024
Cribl has had a positive impact on reducing the need for multiple support services. It simplifies collecting log data from various cloud vendors in a single place, which is much easier than configuring, managing, and maintaining a database for a Splunk add-on. Cribl has made it easier to handle log data. It takes about two months to get fully up to speed. Cribl provides free training and offers sandboxes for practice, allowing you to gain the necessary knowledge. Once trained, you can start working right away. Overall, I rate the solution a ten out of ten.
Cribl offers advanced data transformation and routing with features such as data reduction, plugin configurations, and log collection within a user-friendly framework supporting various deployments, significantly reducing data volumes and costs.Cribl is designed to streamline data management, offering real-time data transformation and efficient log management. It supports seamless SIEM migration, enabling organizations to optimize costs associated with platforms like Splunk through data...
The unified management provided by Cribl Edge has dramatically reduced the time and effort needed for maintaining endpoint telemetry collection. Once the handshake occurs on the server side, any issues can be quickly identified from the GUI, and we only need to configure what information we want to fetch from the agent. For firewall logs, we define and open specific firewall ports in our configurations to either collect bidirectional or unidirectional information, depending on the server's security requirements. I have used Cribl Search primarily for our log patterns, but my involvement has largely been from an operational perspective, with limited usage of this feature. I find Cribl to be cheaper compared to other solutions and believe it will become a leading product in the industry due to its fast performance and excellent results. When considering log ingestion, it allows us to extract only the necessary parameters from a larger dataset, which contributes to reduced data handling and effective dashboard creation. Maintenance is necessary, especially for upgrades, but Cribl allows for these modifications on the fly without requiring system reboots, ensuring that production is not disrupted. I would certainly recommend this product, emphasizing its effectiveness and potential to become a leader in the field, as its marketing presence is currently less than that of competitors such as Splunk and Dynatrace. I rate this product at nine overall.
My advice for organizations considering Cribl is that it is a nice tool, very effective with limited competition, but you should plan thoroughly regarding your use case to avoid wasting licenses. It is essential to implement something significant, considering the infrastructure as well. I rate Cribl at an eight overall.
It took us only a couple of weeks to fully deploy Cribl. We got it up and running, went through batches of what we were doing, and set up the Cribl stream and the heavy forwarders, and got all that working. It wasn't too bad. We looked at some of the Cribl packs, which are the predefined configurations. It was easy to get set up. It was cloud to AWS cloud in our case. Cribl did not require any maintenance on my end. I'm not the technical person; I'm the program manager. I would rate this product an 8 out of 10.
There are no cons for Cribl that I can think of. Approximately 15 users work with Cribl in my organization because we don't allow everybody access, so it's local. Cribl does not require much maintenance; just some updates from time to time, but those are really easy. I do not use the new Search-in-place technology in Cribl Search because it's not allowed in the company that I work for. I give Cribl a nine because it is very simple to use and it covers a lot of use cases. Best part is you can talk directly to developers / technical support on slack.
It depends on whether your use case is strong enough and you think that Cribl is the only solution which can solve your problem. If so, then cost is nothing. Otherwise, it is a little expensive. First, when I feel that any of my customers should deploy Cribl for their use case, I discuss it with them. If they don't have budget or any constraints, then we look around. Otherwise, my first priority is always Cribl. Going with my first customer, I was a little hesitant to deploy Cribl. However, once I deployed it at my first customer and seen the results, I had evidence. Then my first priority became recommending Cribl. Basically, it is not my area, but if you convince the customer and the end user upon the value addition that Cribl will provide them, then cost is a secondary thing. I give this review an overall rating of nine out of ten.
I have no dislikes about Cribl, but I notice that there is only an extra product in between when using Splunk. However, if I have different destinations, Cribl acts as a super product because it enables one source to send to multiple destinations using only one copy. Their ongoing improvisation means they are consistently getting new features, and they are continuously improving. I would give Cribl a score of nine out of ten.
I have mostly positive feedback with no reason to say no because I am not paying or anything, so I am not aware of the cost. Mostly because of the positive reasons, I would say it is easy to use, it is sustainable. The support is nice, the coding is quite easy to understand, there are a lot of functionalities there. You can do a lot of things, and the data migration is very easy. For all these reasons, if you are stuck between two things and majorly what our team did was use it for migration, you can always rely on Cribl. My overall rating for this product is nine.
I have not seen a decrease in firewall logs with Cribl so far. What we do is use Event Hub. We actually redirect the entire thing to SIEM, so it will not come via Cribl. It will come via Cribl, but it will filter the required things based on our use case. We do not write all the packets because most of the packets would have been filtered in the firewall itself. Whatever packets are coming towards the firewall, if we want to collect the logs, we are directly interfacing with SIEM and we will collect it from there so that we do not want to lose what is the external activity on the internet towards our environment. Based on everything I just described, I would rate Cribl overall as 10 out of 10. I have not used other parts of the feature; for whatever log monitoring I have used for Cribl, I always try to rate the maximum. However, I have not used Cribl Lake, Cribl Search, and other things they offer, so I cannot comment on those.
Cribl requires routine updates, with no other real maintenance required. This review is rated an eight out of ten.
Deploying Cribl is straightforward; we quickly set up our Cribl Cloud tenant and defined the architecture through resident services and core architects. We manage to create a hybrid deployment model efficiently, bringing substantial savings in licensing and infrastructure costs while enhancing our data handling capabilities. We deploy in a hybrid model, integrating worker nodes and Edge fleet in our enterprise data centers and cloud platforms near our data sources while using Cribl Cloud for management, ensuring limited access to prevent unwanted changes. In our AI journey, we are just getting started, becoming somewhat novice in this area. Cribl has enabled us to lean toward AI by integrating tools such as Copilot, which helps fast-track building pipelines and generating scripts. With Copilot, we see increased productivity, making it a key feature that enhances how we learn and utilize Cribl. Cribl Search has significantly improved the way we handle and explore data. Initially, we onboarded all networking devices to stream data into low-cost storage, using Cribl Search to query that data, which now gives our networking, security, and operations teams a single data set to query without the need to remember multiple sets. The setup is cost-effective, and the federated method of Cribl Search allows for efficient querying without performance loss, enhancing our analytics capabilities. Cribl's user interface is straightforward and user-friendly, allowing us to set up data collection sources quickly. It's self-explanatory, helping me navigate and visualize data without relying solely on commands. I appreciate how Cribl's UX caters to users, making tools accessible without needing extensive knowledge transfers. Based on our usage, I would rate Cribl a 10 overall.
Based on my experience, the advice I would give to other companies considering Cribl is that your decision should be very specific to your use case but do not underestimate the amount of data you're dealing with. Data will continue to grow over time, and a tool like Cribl can significantly help reduce costs before the data is sent downstream. Another important consideration is whether you need to send data to multiple destinations. This was a challenge for us previously, and Cribl helped simplify that process. My advice to companies is: if you're drowning in data and cost, Cribl is essential. It gives you full control over your data and makes management much easier. As an organization, we've adopted AI heavily and integrated it into many of the tools we use today. We're actively looking to bring similar capabilities into Cribl. It's already in our pipeline, and we see strong potential in using AI to streamline how we build Packs and Pipelines. With AI integrated, we believe it could significantly reduce the time admins spend building specific pipelines for various data sources. On a scale of one to ten, I would rate Cribl a solid nine based on what we use it for today and the value it delivers.
In terms of advice that I'd give to other companies considering Cribl, I'd say take a look at the business use case and at the data which you have that's flowing through it, and make sure you think about how to get the most on the other side of wherever that data is traveling to, specifically from using the Stream product. Make sure that you have a targeted goal in terms of data reduction, then work with your support team to make sure that you have the necessary transformations of the data in place so that you can meet those goals. That way, if you do, you can more easily justify the cost and the budget that's required in order to stand up a solution such as Cribl. On a scale of one to ten, I rate Cribl a ten due to its reliability, scalability, and comprehensive feature set that meets all our needs.
I would advise other companies considering Cribl to just do it; it's worth it, as there's really little to no downside. It just makes your life easier. On a scale of one to ten, I would rate Cribl a nine, as it brings tremendous value. As a small security team, it really empowers us to get more useful data out of our sources, making our SOC and incident response teams more efficient and improving the overall security posture of our organization as we now have accurate, usable, easily analyzed data.
I have used alternatives to Cribl. I forgot the name, but it's a CrowdStrike product they just acquired that is the closest one I've used to Cribl in terms of the quality and the features. Currently, I prefer Cribl more than CrowdStrike. I still haven't played much with the other one, but I didn't find any issues with Cribl. Regarding Cribl's ability to contain data cost and complexity, if they can reduce their cost, that will make them more competitive. However, I don't know what else they can do in regards to how the application works. It's very good. For the project that I was involved in, it took me probably three weeks to set it up. We had to maintain our pipelines, not because of anything related to Cribl itself, but because the data source changed, so we had to adjust our pipelines. That was the kind of maintenance that we did. I would rate Cribl a nine out of ten.
I would rate Cribl an eight out of ten.
Cribl gives us way more control and flexibility than we ever had before. We deal with massive volumes of telemetry data, and honestly, a lot of it is just noise. Cribl allow us to easily filter, transform, and route that data exactly how we want. It’s made a big difference.
We are using around 25% of what Cribl offers, mainly focusing on log parsing, which is what Cribl started with. We use AWS as our main source of ingestion. There is little flexibility in pricing. It is simply the market price, and you either pay it or you do not. Cribl has significant capacity to handle high volumes of diverse data types, such as logs and metrics. Cribl can handle almost anything we throw at it, as lonthe g as budget is not an issue. There is a team in my company that uses them, but they are part of a separate company. We do not have any partnership with them yet. On a scale of 1-10, I rate Cribl an 8.
It has been able to perform to the best of its capabilities. They are able to handle everything with their non-shared architecture. On a scale of 1-10, I would rate Cribl a solid nine.
Utilize the documentation to ensure Cribl fits your use case, and join the Cribl community for any questions or recommendations. I'd rate the solution ten out of ten.
With less data coming into our system, we can now run queries faster since we're not processing as much data as before. The reduction has made our queries more efficient because we're working with more streamlined data. The quick connects are great for testing and allow you to rapidly set up a proof of concept, which is very beneficial. They can also be useful in production environments. Another significant feature is the recent Sentinel integration. The provided pack simplifies the setup process, making it much easier than the previous method, where you had to manually handle tasks like finding API keys. This integration makes the setup much more efficient. Overall, I rate the solution a seven out of ten.
I would recommend Cribl to organizations facing data challenges due to its perfect security measures and ease of use. It offers a simple, fast, and efficient solution.
It's important to know what source you will be using to ingest data into Cribl. Understanding how to configure the data source is key before using the platform. Once you have that figured out, Cribl becomes a powerful solution that can ingest almost anything with its Edge capability. However, having a clear understanding of the pathways you can take to ingest data is crucial before diving into it.
In some of the projects I've been working on, we're still testing and exploring Cribl's capabilities. We haven't established specific business goals or fixed objectives yet. Currently, we're focused on ingesting data from various sources with minimal transformation to understand how Cribl handles different types of logs and data. I encounter issues with the UI not accurately reflecting the current status. For example, the UI might show that a worker is still fetching the latest version of the code, but after refreshing the page, it usually updates to show that everything is up and running. Over time, I've learned to recognize when the UI is not displaying the correct information and use the refresh button to get the accurate status. Overall, I rate the solution a six out of ten.
The first thing to consider is the amount of data you're dealing with. Cribl is particularly beneficial for large-scale data environments. It allows you to process and store data efficiently, similar to how Splunk uses summary indexes. For example, when pulling raw events into Splunk, we often extract relevant logs using data models to simplify the data. Cribl enables a similar approach by letting you directly parse and filter data. If you have a raw event with hundreds of fields but only need 40% of those for day-to-day operations, Cribl lets you create multiple pipelines to extract the necessary data for your enterprise and production servers. At the same time, you can save a complete copy of the raw events in data lakes or local storage without affecting daily operations. If a security incident arises and the extracted fields don’t provide enough information, Cribl’s replay feature allows you to retrieve and analyze the raw data for a specific time range. This capability is handy when handling terabytes of data per day. When someone asks if Cribl is right for their needs, my first question is about the size of the data they're dealing with. Overall, I rate the solution a ten out of ten.
Cribl has had a positive impact on reducing the need for multiple support services. It simplifies collecting log data from various cloud vendors in a single place, which is much easier than configuring, managing, and maintaining a database for a Splunk add-on. Cribl has made it easier to handle log data. It takes about two months to get fully up to speed. Cribl provides free training and offers sandboxes for practice, allowing you to gain the necessary knowledge. Once trained, you can start working right away. Overall, I rate the solution a ten out of ten.