LAS VEGAS, NV // June 10, 2024

Sessions

Keynote

Wreak Order in the Midst of Chaos: Future Proofing Your IT + Security Data Strategy

AI, Data Growth, Compliance: How can you scale to advise and grow your organization
Clint Sharp, CEO and Founder, Cribl
Ledion Bitincka, Co-Founder and CTO, Cribl
Dritan Bitincka, Co-Founder and Head of C021, Cribl
Abby Strong, CMO, Cribl

Data growth, data formats, emerging tools and AI wreaking havoc in your organization? At Cribl, we’re here to help you wreak order. We’ll walk you through how building a Data Engine for IT and Security, powered by Cribl, will help you clean up data disasters, conquer compliance, power your people and prepare your organization for automation and AI.

Curating high-quality data, bringing in unstructured data under management and establishing data literacy need to come first. These efforts can often be justified within innovation budgets while driving immediate impact through visibility, knowledge-sharing and better decision-making.

Breakout Sessions

How Cribl saves us 400k per year
Category: Best practices / tips and tricks
Speakers:
  • Chris Affleck, Senior Cyber Security Engineer, Epiq Global
  • Dan Wilson, Cyber Security Engineer, Epiq Global
  • Sidd Shah, Staff Solution Engineer, Cribl
Abstract:
In this session, we’re going to dig into how Epiq transitioned our security infrastructure from on-premise to cloud with the help of Cribl. We’ll talk about the challenges we faced in learning how to parse and shape Microsoft Sentinel data, and the victories we achieved by simplifying our infrastructure for cost savings and to streamline our data processes. We’ll share some valuable lessons we learned along the way helping others navigate similar digital transformations successfully.
What you’ll learn:
  • Best practices for Syslog
  • How to best leverage prebuilt packs
  • How available resources accelerate adoption

Navigating Transition: From Syslog and Logstash to Cribl
Category: Best practices / tips and tricks
Speakers:
  • Chanda Pulliam, Senior Information Security Engineer, Synopsys
Abstract:
In this session, we’ll explore the transition from traditional syslog and Logstash setups to the dynamic capabilities of Cribl. We’ll share our firsthand experiences, from scalability issues to performance challenges, and how we navigated these obstacles to effectively transition to Cribl and Elastic.

We’ll cover how we identified the size of events in Elasticsearch and the pivotal role it played in measuring total storage usage and savings post-Cribl implementation. We’ll delve into the intricacies of this methodology, showcasing how it enabled us to gain granular insights into our log data, optimize storage utilization, and realize significant cost savings.
What you’ll learn:
  • Identifying Bottlenecks: Learn about the bottlenecks encountered during the transition from syslog and Logstash to Cribl and how we addressed them
  • Measuring Storage Usage and Savings: Learn about the method we used to identify event sizes in Elasticsearch and how we estimated total storage usage and quantified the savings post-Cribl migration.
  • Real-world Implementation Insights: Learn from our mistakes–including best practices, lessons learned, and practical tips for maximizing the benefits of transitioning to Cribl.

s/Chaos/Control/g -> Modernizing the Data Pipeline with Cribl
Category: Cribl.Cloud / Cloud Migration
Speakers:
  • Jon Rust, Staff Solutions Engineer, Cribl
  • Aaron Wilson, SRE Manager, iHerb
Abstract:
In the quest to turn our outdated and disorderly SIEM into a modern, streamlined and manageable solution, we turned to Cribl. Together we developed a centrally managed environment that empowered our teams to manage multiple data sources and destinations with improved time-to-value, reducing data flow steps, and increasing sustainability. Join this session to learn how we used Cribl to modernize and streamline our SIEM operations into a single point of management solution.

Battle of the Beards: Architecture, Tuning and Tactics for Styling Your Cribl Deployment
Category: Architecting with Purpose
Speakers:
  • Duca, Director Professional Services, Cribl
  • Terry Mulligan, Discovered Intelligence
  • Scott Burger, Senior Staff Security Engineer, ServiceNow
  • Troy Wilkinson, CISO, Interpublic Group of Companies (IPG)
  • Eugene Katz, Staff Professional Services Consultant, Cribl
Abstract:
This interactive panel discussion dives deep into the practical realities of deploying Cribl.Cloud in a hybrid environment. Hear from experienced users who have successfully leveraged Cribl.Cloud’s capabilities (including Cribl Lake and Cribl Search) alongside their on-premises infrastructure.

Delivering Observability for Highly Available Services with Cribl (aka How Cribl Makes Better Products with Cribl)
Category: O11y
Speakers:
  • Jacob Gorney, Cribl
  • Josh Biggley, Cribl
Abstract:
Learn how Cribl uses its own purpose-built data engine for IT and Security capable of discovering and collecting data from any source, processing billions of events per second, automatically routing data to optimized storage, and analyzing any data, at any time, in any location to drive the Cribl.Cloud team’s observability practice, make quick decisions, and continuously improve Cribl Stream, Edge, and Search from the inside.

Tune your Data Engine: How Packs and Forks Supercharge Value
Category: Best practices / tips and tricks
Speakers:
  • John Lim, Lead Systems Engineer, Cox Automotive
Abstract:
Grease the wheels of adoption and step on that pipelining gas pedal! Integrating Cribl Stream into your existing data engine can be a challenge for large organizations with well-established processes. Learn how Cox Automotive is methodically incorporating Stream through the extensive use of packs and data forks, and how stakeholders can realize the value of Cribl Stream with minimal impact to their day to day operations. Furthermore, learn how Cox Automotive is using data tiering and replay to ensure high availability and accelerated resolution times.

Exploring the Synergy: Correlating Traces with Logs for Enhanced Observability
Category: Best practices / tips and tricks
Speakers:
  • BhoopeshKumar Jayasekaran, AutoDesk
Abstract:
This proposal aims to investigate the correlation between traces in OpenTelemetry (Otel) and logs in Splunk, two widely used tools in the field of observability and log management. The objective of this research is to explore how the integration of trace data from Otel and log data from Splunk can provide a comprehensive understanding of application performance and behavior. By analyzing the relationship between these two data sources, we aim to identify patterns, uncover hidden dependencies, and gain insights into system bottlenecks and potential issues. Through this correlation, we hope to enhance troubleshooting capabilities, optimize system performance, and improve overall observability of distributed applications. The findings of this study will contribute to the development of effective monitoring and analysis techniques, enabling organizations to proactively address performance challenges and deliver more reliable and efficient software systems.

Reduce Risk with Cribl and Choose the right SIEM
Category: Best practices / tips and tricks
Speakers:
  • Chris Talbott, Cyber Security Manager, Amex GBT
  • Adam McLaughlin, Cyber Security Engineer, Amex GBT
Abstract:
This session explores how our team utilized Cribl Stream to navigate a complex SIEM landscape. We faced several challenges: evaluating new SIEMs, managing high-volume data in our current SIEM, and ultimately migrating to a new solution – all without disrupting ongoing security operations.

Cribl Stream played a pivotal role in achieving these goals:
  • Parallel SIEM Testing: We seamlessly tested multiple SIEMs concurrently, thanks to Cribl Stream’s flexible data pipeline. This expedited the selection process without impacting our existing SIEM.
  • Data Reduction and Increased Visibility: Cribl Stream efficiently processed and reduced log volume, freeing up valuable resources in our current SIEM. This newfound capacity allowed us to integrate additional data sources, enhancing overall security visibility.
  • Smooth SIEM Migration: Once the new SIEM was chosen, Cribl Stream facilitated a seamless migration by ensuring uninterrupted data flow during the transition.

Great Scott! Doc Brown’s Guide to Weaponizing the SOC
Category: Hands-On Lab
Speakers:
  • Andre “Dre” Tucker, Cribl
Abstract:
In an era where security incidents are as inevitable as the ticking clock, we embrace the wisdom of Henry Ford: “The only real mistake is the one from which we learn nothing.” Imagine a world where every security incident becomes a stepping stone to greater resilience. With the powerhouse trio of Cribl Search, Cribl Stream, & Cribl Lake as our “DeLorean”, we’ll harness the lessons of the past & transform them into an arsenal for the future. With this innovative approach, you’ll learn an automated way to turn your old incidents into dynamic, interactive training modules that empower your SOC to navigate incident triage with the agility of Marty McFly on a hoverboard, test SIEM correlations with the precision of Doc Brown, and bring your security tooling skills from Biff to buff.

Cribl Search: From Zero to Hero in 30 Minutes (Seriously!)
Category: Hands-On Lab
Speakers:
  • Roman Trusov, Cribl
Abstract:
Ever feel like untangling log data takes forever? Us too. That’s why we built Cribl Search – a supercharged federated search engine for IT and security data.

Join this hands-on lab and see Cribl Search in action! We’ll throw a massive 1TB dataset (think common log format) at you and show you how Cribl Search cuts through the noise to get you the answers you need – fast.

In this session, you’ll:
  • Play with a real dataset: We’ll configure a giant dataset live, showing you how Cribl Search tackles data with ease.
  • Be an Incident Response Pro: We’ll simulate a real-world IT issue and show you how Cribl Search helps you solve it in record time. Learn search tricks to become a data investigation ninja!
  • See the Time-Saving Magic: We’ll reveal how Cribl Search helped us resolve an incident in just 30 minutes, with minimal resources. Imagine the possibilities for your team!

Walk away from this session with the skills to unleash the power of Cribl Search in your organization. No more data dead ends – just lightning-fast insights!

Cracking the Code (Function) [HoL]
Category: Hands-On Lab
Speakers:
  • Chris Breshears, Product Advocacy, Cribl
  • Jeff Wroblewski, Product Advocacy, Cribl
Abstract:
As the saying goes, with great power comes great responsibility. In this lab, we will delve into the often misunderstood and sometimes misused Code function. We’ll examine when and when not to use it, and explore use cases that reveal its true potential. By the end of this lab, you’ll have another valuable tool in your superhero toolkit.

Mining the Data Swamp [HoL]
Category: Hands-On Lab
Speakers:
  • Chris Breshears, Product Advocacy, Cribl
  • Jeff Wroblewski, Product Advocacy, Cribl
Abstract:
With the announcement of Cribl Lake, storing data for investigations and compliance has become as easy as clicking a button. But what about your existing lakes? How do you free data that is currently locked away deep in an S3 bucket? This lab will walk you through setting up AWS S3 permissions and building Cribl Search datasets, making these gems actionable.

Git Your Goat @ CriblCon
Category: Hands-On Lab
Speakers:
  • Jenna Eagle, Staff Solutions Engineer
  • Yasmin Hovakeemian, Staff Solutions Engineer
  • Jon Rust, Staff Solutions Engineer
Abstract:
Git Your Goat is a jeopardy-style capture-the-flag-esque hands-on exercise where participants use Cribl, the data engine for IT and Security—and other tools—to go from WTF to FTW! It’s designed to emulate how real observability incidents look in the wild and the type of questions YOU have to answer day-to-day.
