Why do we archive?

Your Cribl Stream journey begins today! It is a great idea to copy all data flowing through Stream into a long-term object store as a first step.

Why is this a great idea, you ask? Well Cribl, the Data Engine for IT and Security, empowers organizations to transform their data strategy, enabling customers to collect, process, route, and analyze all IT and security data.

Picture if you will – in the future a data breach occurs and Security Operations (SecOps) needs to examine the old data to find out when and where the breach occurred.

Or perhaps vendor 1 offers the best Security Information and Event Management (SIEM) tool today , but vendor 2 will do better tomorrow . How do you get all your old data into the new solution? Wouldn’t it be great if you had a complete copy of all the raw data that ever flowed through your environment?

In this course, we will learn how to configure a Route to copy all raw data flowing through your environment to Cribl Lake. By doing so, long-term storage will be more cost-effective. Also, we can reuse the data in new ways in the future if the need arises (hint: it will).