Operations | Monitoring | ITSM | DevOps | Cloud

When your logs don’t follow a standard format, it can be difficult to extract valuable information, like key-value pairs and nested JSON objects. Grok parsing lets you define flexible patterns that match unstructured log data so you can extract specific fields to query, filter, and visualize. In this video, you’ll learn how to: By refining your Grok parsers, you can make your logs more useful for analytics, dashboards, or alerts, and get even more value from your logs.

In this episode of Pastries and SREs, we dig into how vendor lock-in and sky-high observability costs are forcing teams to choose between coverage and budget, AND why you shouldn’t have to settle. With donuts in hand, we explore how to take back control of your observability strategy by making it cost-effective, comprehensive, and flexible.

Syslog: it's everywhere, it’s ancient, and let’s be honest — it rarely shows up the way the RFC says it should. Before you cut over to Cribl Stream, it pays to understand exactly what you're dealing with and why it matters. In this talk, we’ll demystify the syslog format (yes, the actual RFC 3164 and 5424 stuff), look at what happens when data goes rogue, and explore how Cribl can help bring order to the chaos.

Security teams are dealing with massive data growth, siloed tools, and constant alert fatigue. All of this makes it harder to detect and respond to threats. AI has become a key part of the solution, but its effectiveness depends on having access to complete, high-quality data. In this session, Palo Alto Networks and Deloitte will explore how AI and automation are redefining the modern Security Operations Center (SOC). Learn how leading organizations are leveraging intelligent workflows, automated threat detection, and machine learning to accelerate response times, reduce analyst fatigue, and strengthen overall security posture.

Security teams today are overwhelmed with data—but starved for context. In this session, we’ll show how you can turn raw security telemetry into actionable intelligence before it hits your SIEM by enriching it with Threat Intelligence (TI) directly in Cribl Stream.

In this session, we will discuss how the University of Pittsburgh was able to modernize their data processing strategy, migrate to a new SIEM solution, and avoid ballooning SIEM costs all within 68 days from the first install of a Cribl product. We will showcase how we were able to use Cribl's software to easily handle the following scenarios: 100% agent replacement and consolidation using Cribl Stream Workers and Edge.

We’re entering a new era where agents will boost productivity and reshape how we handle and analyze telemetry data. This is the before and after moment.