Take control and shape your data

Cribl Stream is a vendor-agnostic observability pipeline that gives you the flexibility to collect, reduce, enrich, normalize, and route data from any source to any destination. Cribl Stream leverages enriched security data from the CrowdStrike Falcon® Data Replicator (FDR) to give your team visibility, flexibility and control over data volumes. A Stream pipeline helps optimize your FDR data with powerful filtering and can reserialize events by removing fields through configuration. Additionally, Stream gives the flexibility to configure timestamp extractions for each category of FDR events, simplifying processing as well as making data much easier to use.

• Collect from any data source

  Use Stream as a universal receiver to get multiple data formats into your analytics tools.

• Reduce log volumes

  Optimize FDR data, reducing infrastructure budget and improving performance of analytical tools

• Shape all the data you need

  Enrich or mask FDR data in-flight to improve visibility and minimize overhead in real-time

• Route data to the best tool for the job

  Translate and format data into any tooling schema you need without having to deploy new agents or forwarders.