Microsoft Sentinel is a modern cloud-native SIEM, enriched by AI and threat intelligence empowering security teams with an easy and powerful security operations solution. Microsoft Sentinel offers a comprehensive toolset to collect, correlate, and analyze large volumes of security data across multicloud, multiplatform environments to detect and mitigate cyberthreats at scale.
Microsoft Sentinel has over 350 partner integrations and we are excited to highlight a recent integration with Cribl Stream. Together, Microsoft and Cribl are working to drive accelerated SIEM migrations for customers looking to modernize their security operations (SecOps) with Microsoft Sentinel.
“By combining Cribl’s leading data management technology with Microsoft Sentinel’s next generation SecOps SIEM solution, we are collectively helping customers transform and secure their businesses,” said Vlad Melnik, vice president of business development, alliances at Cribl. “We are excited to deepen our collaboration with Microsoft and unlock more value for our joint customers.”
Cribl Stream
Cribl Stream is a robust, vendor-agnostic streams processing engine focused on centralized
parsing and processing of data (e.g. security, IT, observability, and telemetry data). Customers can take any source and use Cribl Stream to route, reduce, reformat, enrich, or otherwise structure data in flight then send it to any destination – including Microsoft Sentinel.
Cribl Stream Integration with Microsoft Sentinel
The Cribl Stream integration with Microsoft Sentinel helps customers accelerate SIEM augmentations and migrations with Cribl’s ability to easily route data to various Microsoft Sentinel log tiers. In addition to benefitting customers that are migrating to Sentinel, Cribl offers customers additional capabilities including simple deployment, data optimization, and normalization.
Microsoft Sentinel supports both custom data and a variety of standardized formats, all of which Cribl Stream can directly target. Cribl has created several Cribl Packs for Microsoft Sentinel, which are self-contained bundles of configurations that enable joint customers to solve full use cases with minimal setup/configuration. Additionally, customers can edit these configurations or build their own custom transformations.
Accelerating SIEM Migrations to Microsoft Sentinel using Cribl Stream
Migrating or standing up a SIEM solution can be a complex, time-consuming, and resource-intensive process. In addition, the recently announced SIEM Migration experience in Microsoft Sentinel for bringing Splunk detections to Microsoft Sentinel analytics rules, customers can utilize the Cribl Stream integration to easily and quick bring data in the appropriate schema into Sentinel for security analysis.
Learn More
To learn more about this integration, please see Cribl’s recent blog post and technical documentation here.
For the latest information on Microsoft Sentinel see:
