Reducing the cost of log monitoring with Cribl

Vinaya Sheshadri

What Is Driving The Increasing Cost Of Log Monitoring?

For years now, I have seen customer after customer struggling to justify the ongoing cost of log monitoring. The ever-increasing cost of infrastructure due to the steady growth of data; re-justification of the license cost year on year; and the trade-offs customers make around what they log and what they ignore. Cribl and RiverSafe have been working together on projects with the goal of reducing the cost of log monitoring.

Improve Log Data Efficiency with Cribl

Cribl Logstream allows you to take any data collected from any source (some of the well know sources like – Splunk, Elastic Beats, Kinesis, Kafka, Syslog, HTTP, TCP JSON) and reliably deliver it to numerous destination (some of the well know destination like – Splunk, Kinesis, Kafka, InfluxDB, Snowflake, S3, Databricks, TCP JSON) where it will provide maximum value to your business. All this in addition to volume reduction, data sampling, data enrichment and data masking in real-time makes Cribl a really powerful tool.

Reducing the cost of log monitoring with Cribl
Reducing the cost of log monitoring with Cribl

Cribl LogStream’s main objective is to provide the right data, to the right system along with the right context, to enable effective IT and security operations in real-time. Unlike trade-offs customers make around what they log and what they ignore, Cribl allows enterprises the ability to collect 100% of data that they might find to be interesting and then determine at ingestion time what is required. From there, you can then enrich, sample, secure and route that data to the right systems whilst maximizing the value of machine data. Regardless of the destination, transforming the data first helps reduce storage costs and reduce infrastructure costs

Cribl is ideal when customers are looking to expand their use of Splunk/Exabeam/Other SIEM solutions but are constantly constrained by the growth of their data and can’t spend more on top of their existing license.  Organizations can try Cribl for free up to 1TB/day ingestion to unlimited destinations.

Improving Data Efficiency with Cribl

Cribl solves a range of different problems in enterprise log management deployments

  1. Filtering noise: Drop noisy events before they start costing you an ingest fee
  2. Data masking: Masking PII without software changes
  3. Data enrichment: Look up events against threat lists to enrich the logs
  4. Smart sampling: Keep only interesting events and sample the rest
  5. Data routing: Put full fidelity data in S3 while routing interesting data to an index
  6. Metrics: Condense logs into metrics

RiverSafe and Cribl Partner to Reduce the Cost of Log Monitoring

Together, we can help you with the deployment of Cribl and configuration as we are one of the Cribl partners in EMEA.

RiverSafe has years of experience deploying enterprise scale log monitoring solutions like Splunk and Exabeam.  We love Cribl, it helps organisations by reducing the cost of log monitoring.

Book a consultation

Arrange a cyber security or data operations consultation with the RiverSafe team today.