-
Cannot POST /api/v1/search/jobs
In both the API Reference (with authenticated session) and via Python, I started running into an issue with submitting queries to the POST /search/jobs API to submit a remote query to Cribl Search. Despite the fact that it's a POST endpoint, and I'm using the headers generated by the API Reference, I receive the following…
-
Search Queries
How to search an IPv4 range through Cribl Search. What would be the syntax? I want to know whether we can search fields from raw logs or only parsed fields can be searched.
-
New Cribl Search Sandbox
We've unleashed the Cribl Search sandbox in Cribl.Cloud. Get ready to dive into a world of Search wizardry where you'll master the magic of search syntax, data aggregation, data summarization, and even conjure up some dashboards from your saved searches. The best part? The sandbox is completed within your Cribl.Cloud…
-
Using JSON Paths
I'm attempting to extract values from a JSON string field. However, it seems that none of the below methods are working for referencing or obtaining the value using a JSON path or dot notation type of approach. I've even tried the "extract_json" function, but to no avail. KQL in Azure has the bag_unpack function, but I…
-
Release of Cribl v4.4
Get ready to feast your eyes on our latest release! v4.4 brings several new capabilities and usability improvements to your Cribl deployment. Here are some of the features I am excited for. Make sure to check out the release notes for all the new features and corrections. Stream: New Azure Data Explorer (ADX) native…
-
Use of Project with nested fields
I have a field that is nested. I can search with the full name without an issue but when I try to use it with project, I do not get any values back. I have tried to wrap the field with single and double quotes. That results in the value for the field to be the name of the field. The goal is to get a list of all the…
-
Cribl v.4.3.1 has been released!
Happy Release Day to everyone! We have launched Cribl v.4.3.1. While a lot was done to improve and fix a few things with this release being a maintenance release, we also have a lot of great new features. Grab the latest download from https://cribl.io/download/! Stream The Azure Blob Storage Collector and Google Cloud Storage…
-
Is it possible to disable certificate validation when connecting a Splunk Search Collector?
Hello, we are trying to set up a Splunk Search collector against an on-prem Splunk with a self-signed certificate. Is it possible to disable certificate validation?
-
For CloudTrail, how would I format a query to look for the following pattern?
Hello. I have a basic CloudTrail bucket and would like to have the account number part of the bucket path be able to be specified in a Cribl Search. How would I format a search query that looks for “account” 12345 if the path is as follows. …/AWSLogs/${account}/CloudTrail/…
-
Official Release of Cribl v4.3.0
It is release day and we are up to release 4.3.0. We have updates to Stream, Edge, and Search - this time with double the Pumpkin Spice! Below are a few of the new features I found interesting. Download Cribl v4.3.0 Stream Cribl.Cloud Organizations can now be created in the AWS Europe (Frankfurt) Region. Cribl admins can…