What Can Cribl Do for Me?

OK, marketing fluff talk aside, it can be tough to manage your syslog at scale. In this sandbox, we will explore a general use case in which IT administrators try to collect syslog using the following architecture:

[Image: architecture diagram]

This layout works, but at what cost? Having to deploy this multiple times is gonna be tedious at best. Troubleshooting or managing configuration changes? Like trying to figure out why your log shipper cannot read Syslog-NG files, only to find out you forgot to add perm(0644) to your config? Hope you don’t like weekends. With Cribl Stream (and Cribl Edge), you can reduce management overhead and increase flexibility.

First, we'll inspect the current deployment to illustrate how it's all working. After that, we’ll go through configuring and deploying Cribl Stream to replace Syslog-NG.

As the kids say: It's gonna be lit, fam.