We hear it often—data volumes are growing at a 28% compound annual growth rate (CAGR) year over year, and organizations struggle to manage it all. With no additional money in their budgets, they can’t afford to store more and more data in their SIEM, which in most cases means being uncompliant or, worse, not having older data readily available in the case of a recently discovered breach. I’ve repeatedly heard that the data they have archived is practically inaccessible.

Remember the Tabs vs. Spaces arguments? It seems that observability has grown up enough that we are arguing over which signals are the “best” signals for observability. Often referred to as the Pillars of Observability, Metrics, Logs, and Traces (sometimes adding Events for MELT) each provide a unique perspective on a system. What happens when we change our perspective from finding the “best” telemetry format to finding the telemetry that aligns with the problems we need to solve?

In an increasingly digital world, organizations face complex challenges in managing their security data that’s growing at a relentless pace. With the rapid growth of cyber assets and the ever-present threat of sophisticated attacks, legacy security tools often struggle to keep up.

This is one of a series of blog posts that explain how the Cribl SRE team builds, optimizes, and operates a robust Observability suite using Cribl’s products. If you haven’t, we encourage you to read the previous blog about how the Cribl SRE team uses our own products to achieve scalable observability. We installed Cribl Edge on the machines we manage for our users and use it to gather metrics.

As more and more applications are delivered daily, it’s becoming increasingly difficult for teams to onboard and manage them manually. To keep up with this demand, many teams are embracing automation in application delivery and management, with Kubernetes being a popular tool of choice. While Kubernetes’ scalability helps manage application infrastructure sprawl, there is still a need to collect data from the applications directly and from Kubernetes to monitor the growing beast itself!

Last time we spoke, I told you about our (then) brand-spankin’-new OTel over HTTP implementation, in both our OpenTelemetry Source and Destination. That was a little over a year ago, also known as a lifetime in tech! I wanted to take another opportunity to speak to you and introduce some of our new OpenTelemetry features, and share how you can put them into practice!

Data is wealth. Extracting insights from data is valuable for any organization—data aids in making informed decisions, optimizing operations and costs, and understanding how customers behave. However, reaping the benefits of data requires an investment in the right tools, resources, and people — something smaller organizations may not have the means to do.

Despite new technologies and telemetry formats, like Model-driven Telemetry/Streaming Telemetry and OpenTelemetry, SNMP traps continue to be a significant source of events for monitoring teams. If you’ve been in IT operations, you’ve likely had a request to parse SNMP traps into a human-readable format so that they can be analyzed, probably deduplicated, and passed to a ticketing system for triage and remediation. The challenge? SNMP traps can be excessively chatty.

I’m so excited to share that Cribl has closed a $319M Series E round! The oversubscribed round was led by GV (Google Ventures), joined by new investor CapitalG along with participation from existing investors GIC, IVP, and CRV. This round values Cribl at $3.5 billion, up 40% from our Series D round in 2022, and includes both primary and secondary.

As a solutions engineer, I always handle the complex challenge of collecting IT and security data. The variety of modern ephemeral systems increases the complexity of collection requirements. Cloud, PCF, and Kubernetes emit metrics, logs, and traces through methodologies like Cloud Foundry’s Nozzle, Prometheus scrapers, and OpenTelemetry collectors. I often find all of these deployed in parallel in a single enterprise environment to meet the evolving needs of IT Ops or SecOps.