The current business landscape is a perfect case in point. “In the wake of the COVID-19 pandemic, data generation has proliferated massively, owing to the implementation of cloud capabilities and other automation functionalities that facilitate remote work,” notes Clint Sharp, an industry stalwart who has spent two decades leading product management and IT operations at prominent technology and software companies. “Without the necessary tools to properly manage this data surge, businesses are ending up with a limited view of their organizational clockwork. And this is affecting their overall enterprise observability—a clear view of different business applications and performances, along with organizational security posture,” adds Sharp.
Interestingly, helping organizations gain complete visibility, security, and control over different data sources and maximize the value of their existing business tools is where Sharp’s company Cribl cements its cornerstone. “We understand that the issues around observability data demand more fit-for-purpose solutions. So, we founded Cribl with one purpose in mind: creating a solution that makes observability data viable for organizations of any size and stature,” shares Sharp, founder and CEO of Cribl. True to his words, the company is enabling organizations to take complete control of their data inflow and outflow. By leveraging the power of Cribl’s solution, LogStream (a no-code data processing tool), businesses can now retrieve, transform, analyze, and govern data from different sources with ease.
Cribl’s Journey in the Rearview Mirror
Cribl was founded in 2017 by three ex-Splunk employees whose mission was to help their customers take back control of their data streams. While Sharp spent two decades heading product management and IT operations at technology and software companies, including Splunk and Cricket Wireless, the other co-founders—Dritan and Ledion Bitincka—were also deeply entrenched in the similar data and communications domain. Dritan had nearly 20 years of experience as a customer-centric technical leader and principal architect at Splunk. His brother, Ledion, on the other hand, was the advanced development architect at Splunk, whose notable work included improving and expanding Splunk’s search-time schema.
He was also the design head and led the implementation of Hunk, Splunk Analytics for Hadoop, and Smartstore—an indexer capability that provides a way to use remote object stores, such as Amazon S3 or Google Cloud Services to store indexed data.
We founded Cribl with one purpose in mind: creating a solution that makes observability data viable for organizations of any size and stature
During their combined tenure at Splunk, the Bitincka brothers and Sharp realized the lack of a centralized data visibility platform that can give an easy and quick overview of every log (information on any specific event within their system architecture) and metric data (measurement of system health). “While at Splunk, we heard our customers telling us they wanted to work with log and metric data in motion and to get the right data to the right place in the right format,” recalls Sharp. To this end, Cribl’s leadership team drew from their collective experience in building and launching the products for some of the most innovative companies in the technology sector to launch a category-defining solution that could access both log and metric data and bring unprecedented visibility and control into the organizational data pool.
Unlocking the Benefits of Observability Data
Sharp notes that we live in a world that is increasingly driven by the cloud and a host of heterogeneous technology stacks. Many businesses are currently using multiple cloud services and implementing different cloud-based microservices. This is only adding to the existing data labyrinths generated by various enterprise systems. So, how does Cribl’s LogStream address the complexity of managing different data sources while also facilitating complete observability?
LogStream connects seamlessly with all leading cloud platforms like AWS, Azure, and Google Cloud, to name a few, and effectively tracks the data flowing in and out of these sources and storages to clients’ organizational pipeline in a system-agnostic manner. Before this data is forwarded to its next destination, LogStream enables its users to separate the noise (unwanted data) and only keep the information they need in their desired format. The clients can also prioritize the value of data and leverage the enriched datasets for various analytical functions while storing the rest in low-cost storage spaces for later use.
But that’s not all; by adding contextual information from third-party sources, LogStream also ensures the most optimal observability data—thereby guaranteeing that Cribl’s clients are always aware of their organizational data flow. “Simply put, LogStream sits transparently between different producers and data destinations, enabling users to fork the data and send the full fidelity information to the second destination of their choice to create an observability lake or a security lake,” says Sharp.
Because of these capabilities, LogStream has now become a favorite among AWS users specifically. They are using LogStream to connect all of their cloud data from different AWS services like Kinesis, CloudTrail, and CloudWatch. “As such, LogStream makes it easy for AWS users to be selective about the data they want to bring into data investigation tools like AWS Detective or others,” adds Sharp. To better highlight Cribl’s value proposition in this regard, Sharp shares a case study wherein FINRA (The Financial Industry Regulatory Authority)—a long-time AWS user—partnered with Cribl to use LogStream and enhance their observability capabilities. Right off the bat, they were able to get the right data flowing to correct destinations, in the right formats, and within just hours of implementation. They were also able to enhance the virtual private cloud (VPC) data by adding dynamic, contextual lookups for IP addresses and data ownership. This mitigated the need to manually update Elastic Network Interface (ENI) mappings whenever something changed in FINRA’s operational environment. Instead, the metadata was automatically added even before the data was delivered for analysis. And Cribl helped the client achieve all these without increasing the cost or complexity of their data environment.
"LogStream makes it easy for AWS users to be selective about the data they want to bring into data investigation tools like AWS Detective or others"
Forging the Path Forward
This is but one of the instances; with many similar success stories under its hood, Cribl is now looking forward to empowering more and more organizations in the coming months and carving a new category in the observability ecosystem - observability infrastructure. For this, Cribl is defining a new reference architecture for observability and security detection as well. “While doing so, we will also be creating an observability data lake to help our clients better manage their operations and security postures,” states Sharp. “With this, we will have a robust observability architecture that can collect and process every data in the stream and then route it to the right destination, and back it all up with an observability lake that will allow businesses to store potentially infinite amounts of data for security operations.” Through all these efforts—as Sharp notes—Cribl will continue being a customer-first company and pull every resource to emerge as a major player in the observability space. “Essentially, we will continue what our name suggests (cribble)—straining the metaphorical nuggets of gold (business-critical data) from a pile of sand (sea of information). We are here to change the script of how different disjointed systems previously worked, and we will continue pushing that horizon in all our endeavors,” concludes Sharp.