This is one of a series of blogs in which we introduce AppScope 1.0 with stories that demonstrate how AppScope changes the game for SREs and developers, as well as Infosec, DevSecOps, and ITOps practitioners. In the coming weeks, Part 2 of this post will tackle another Infosec use case. If you’re in Infosec, at some point you’ve doubtless had to vet an application before it’s allowed to run in an enterprise environment.

SREs and Devs are used to solving problems even when an awkward or inefficient way is the only way. In AppScope 1.0, SREs and Devs have a new alternative to standard methods, that the AppScope team thinks will make that problem-solving a lot more fun. We in the AppScope team constantly hear firsthand about life in the SRE trenches. For this blog, we “interview” a fictional SRE/Dev whose thoughts and comments are a mash-up of things we’ve heard from real people we know.

Talk to anyone in the tech space and you’ll likely hear horror stories of how home lab setups can grow out of control or about long lists of VMs used to test various software systems. As a Criblanian, I’m no exception – I have at least a half dozen instances of Cribl LogStream deployed everywhere from my local machine, on docker containers, or on a few EC2 instances in AWS.

Imagine a workflow where you change and test all of your configurations in the “development” environment, committing those changes along the way, and then when you’re happy with the changes, you bundle them together in a single “pull request”, and the changes, after being reviewed by your peer(s), get pushed into production.

Since joining Cribl in July, I’ve had frequent conversations with Federal teams about observability data they collect from networks and systems, and how they use and retain this data in their SIEM tool(s). Cribl LogStream’s ability to route, shape, reduce, enrich, and replay data can play an invaluable role for Federal Agencies. Over several blogs, we will walk through the power that we bring to these requirements.

Feature Highlights is a new addition to our ongoing series of webinars. As the name suggests, it’ll focus on specific product features with anonymized customer use cases taking center stage. In other words, how Cribl customers actually use the features to get the job done, sometimes in unintended ways. QuickConnect was the first act with a session “Streamline Connections w/ LogStream QuickConnect”.

In LogStream 3.0, we introduced a framework that provides a way for LogStream customers to build, reuse, and share configuration modules – including pipelines, lookups, data samples, and knowledge objects – called Packs. While each Pack has its own “context” containing custom pipelines, routes, lookups, variables, etc., it still retains access to built-in LogStream configuration that is shipped with the product.

Since we introduced AppScope in 2021, we’ve been relentlessly working towards the production-ready milestone. Last week we released AppScope 1.0. It’s been a long haul getting to this point. Not really sure if it took this long because we solved difficult problems, or if we’re just that slow. Someone told me that what we are doing would go a lot faster if we use a modern high-level language. Maybe … Can you imagine doing this in TypeScript? Yeah, me either.

We were able to leverage the Node.js VM module to execute arbitrary JavaScript code with its own set of globals, separate from the running process’ globals.

In Cribl LogStream 3.0, we introduced Packs! Packs are self-contained bundles of configurations that allow users to solve full use cases with minimal setup/configuration on their part.