Log sources send events to Cribl logging middleware
Cribl Stream cleanses logs by removing unnecessary fields
Events intelligently route to SIEM or Data Lake
Result: Cost savings, optimization and SIEM noise reduction using SRA’s solution for log cleansing and routing
With SRA Security Data Pipeline, ~300GB of inbound logs can be reduced down to ~100GB without fidelity loss (size reduction rate depends on log source).
- Leading SIEM: $88k/year (90-day storage)
- Azure Data Explorer: $11k/year (365-day storage)
Services & Timing
Planning & Design Workshop
SRA will review your architecture, identify log sources, and develop a strategic roadmap for deploying Cribl and socializing pipeline modernization.
Timing: 3 weeks
Implementation Support & Validation
SRA will deploy and configure Cribl Stream and Azure Data Explorer, establish documentation to govern and maintain the new pipeline, and validate detection capabilities with Purple Team testing.
Timing: 12 weeks
Let us know if you would like us to provide Security Data Pipeline Modernization services for you by completing the contact form.