-
Version 4.8.2 Maintenance Release
Some highlights: Search/Edge v9 protocol support for the NetFlow Source. New NetFlow Destination can transparently forward unmodified NetFlow v5 and v9 records to a downstream NetFlow collector. New dedicated Destination for CrowdStrike Falcon Next-Gen SIEM. Search Notifications sent to Amazon SNS can now include up to 100…
-
Where is the equivalent setting to Splunk's Source type > Select Source Type > Structured > _json?
Hi, I'm trying to set up a Splunk HEC within Cribl Stream, and I'm encountering the error "malformed HEC event." I've encountered that error when setting up HECs in Splunk, and to correct the problem I have to go to Source type > Select Source Type > Structured > _json when editing the HEC's settings. I've been looking and…
-
Migrate from Cribl Stream to Worker Node and put Leader in the Cloud
I'm new to Cribl, so at this point we have single-instance Cribl Stream installed on premise. We just got a new SE, and he stated I need to move the Leader Node to the cloud as it's easier for him to troubleshoot. I have a cloud account created. I presume this is the distributed deployment, but the menus described in the…
-
Can I read Azure Event Hub tags in Cribl during the preprocess pipeline?
-
Is there a way to get the Cribl Cloud leader's internal/metrics logs to our Splunk?
We have a hybrid Cribl Cloud setup where the leader resides in the cloud. Is there a way to get the Cribl Cloud leader's internal/metrics logs to our Splunk?
-
How performant is Cribl Search when reading frozen Splunk buckets from S3?
I see it's possible for Cribl Search to read frozen Splunk buckets from S3 per this article below. Has anyone used it for reading Splunk frozen buckets? How fast are searches on multi-GB frozen buckets? Thanks
-
VictoriaMetrics destination
Hi, I am new to Cribl and I am trying to collect data from Kafka, aggregate it, and send it to VictoriaMetrics. For that I have configured a Prometheus destination, http://xx.xx.xx.xx:8480/insert/0/prometheus/api/v1/import/prometheus. When I run the test all is OK, but I don't see data in VictoriaMetrics. Any idea why?
-
How can I parse an array of arrays in Cribl Stream? Each array element contains multiple strings.
-
Regex in Filter Expression
Hi, excuse me for my "not knowing", maybe an easy answer for all of you. I am in the process of migrating our Heavy Forwarders to Cribl. One of the inputs is for Cisco IOS devices. The props.conf has a regex in it to change the sourcetype with the help of a transforms. The props uses a regex to select the events. Where and how…
-
Setup issues
The question is focusing more towards your smaller companies: what are the usual problems your smaller customers present for first-time setups?
-
Why am I getting this error? I have this issue with most of the functions in pipelines.