-
Can ' t set up AWS S3 destination in Cribl using Hybrid Workers
Hi , I ' m looking to add AWS S3 as a destination in Cribl while using a set of Hybrid Workers. I have followed the below instructions but yet failing to successfully test the connection . https://cribl.io/blog/securely-connecting-aws-s3-destination-to-cribl-cloud-and-hybrid-workers/ The logs are showing the following…
-
How to Protect Syslog data !!!!
Hi I'm in the process of setting up Cribl to send data from a syslog source ( AWS hosted Cisco FTDs) to Amazon S3 . Although the firewall rules are locked down to source and destination , I'm concerned about transmitting unprotected data over the Internet . Can you please advise on the best way to protect the traffic ?…
-
Search Configuration help - CloudTrail S3 bucket path and search
I'd like to search a CloudTrail S3 bucket. What I want to search is "in all accounts" and only in "US-EAST-2" region for event name:"Assume Role". I'm not sure if I configured the Dataset correctly and/or how to do the search. Regarding the Dataset bucket path. This is the S3 folder layout:…
-
AWS SQS input not receiving/sending all region messages to Splunk
I recently set up our SQS amazon queue in cribl. Events are forwarding to splunk, however when compared to the pre existing aws logs in Splunk from the Heavyforwarder TA, I noticed we are only pulling in events from only one region via cribl oppose to the 20 actually sending events and being received through the Splunk TA.…
-
Cribl on AWS Marketplace *Update*
Here at Cribl we are committed to making our customers' lives easier. One of the requests we had was how we can quickly ship new versions of our products into the Amazon Marketplace for customers who cannot use our SaaS offering Cribl.Cloud. Today we are announcing the availability of Cribl Amazon Machine Images or AMI’s…
-
Cribl on AWS Fargate
How do i calculate the amount of workers i need if i am using AWS Fargate arm processors? I am looking at 7tb/day input and output to 2 destination which is a total of 21tb/day throughput. Thanks
-
How do I extract AWS EC2 metadata from an Edge File Collector's metadata fields?
I am running Edge Nodes on our EC2 instances. When reviewing internal fields from our File Collector sources, I noticed that there is alot of really useful data that our SREs use to investigate which regions & servers are experiencing issues during incidents. These include: - AMI image - Region - Availability Zone -…
-
Does anyone know if the MinIO destination in Cribl Stream supports virtual hosting style addressing?
Does anyone know if the MinIO destination in Cribl Stream supports virtual hosting style addressing? In my experience it only seems to support path-style addressing which was deprecated by AWS in 2020.
-
I have several questions regarding Stream deployed in AWS...
How would maintenance impact data processing, etc. (i.e. for scale-up procedure)? AMIs must be upgraded every X months; how does that impact the application (Stream)? Have you seen any auto-scaling ? How does scaling down impact the application? Will data be lost or will it complete its processing before shutting down?…
-
Is there any info on Search costs when searching AWS S3 buckets?
Is there any info on Search costs when searching AWS S3 buckets? Specifically on how data transfer works. For example, does Search hit S3 from US East and is $.01 per GB against my AWS account? Is Search caching at all? Original post was from
