Repositories list

• cribl-palo-alto-networks

  Public
  Process, reduce, and transform Palo Alto Networks Firewall logs.

  datanetworklogs+ 6pipelinesstream-processingobservabilitylogstreampalo-alto-networkspalo-alto

  Python

  •

  Apache License 2.0

  •7•13•3•0•Updated Sep 24, 2024Sep 24, 2024

• cribl-ocsf-parquet-schemas

  Public
  Cribl Parquet Schemas for Open Cybersecurity Schema Framework

  1•2•0•0•Updated Aug 7, 2024Aug 7, 2024

• cribl-cisco-asa-cleanup

  Public
  Drop, Extract, Suppress based on certain ASA codes in lookup tables

  Apache License 2.0

  •2•0•1•0•Updated Jun 10, 2024Jun 10, 2024

• cribl-splunk-forwarder-windows-xml-events-to-json

  Public
  Apache License 2.0

  •1•1•2•0•Updated Mar 27, 2024Mar 27, 2024

• cribl-splunk-uf-internal-redux

  Public
  Use this Pack to reduce your Splunk Forwarder log volume.

  splunklogsstream-processing+ 3observabilitysplunk-universal-forwardersplunk-universal-forwarders

  Apache License 2.0

  •1•4•0•0•Updated Feb 27, 2024Feb 27, 2024

• cribl-knowledge-pack

  Public
  Examples of best-in-class use cases curated from community members and Cribl Solutions Engineers.

  eventslogsstream-processing+ 3observabilitydata-pipelinecribl

  Apache License 2.0

  •2•7•0•0•Updated Jul 13, 2023Jul 13, 2023

• cribl-splunk-forwarder-windows-classic-events-to-json

  Public
  Apache License 2.0

  •0•0•1•0•Updated May 10, 2023May 10, 2023

• cribl_crowdstrike

  Public
  1•1•0•0•Updated Apr 13, 2023Apr 13, 2023

• cribl-azure-sentinel-security

  Public
  1•1•0•0•Updated Mar 21, 2023Mar 21, 2023

• cribl-windows-events

  Public
  This pack is targeted for collections of Window events in the Classic or newer XML format. For events in the Classic format, sometimes the Message field contains XML.

  microsoftwindowsxml+ 6xml-parsingstream-processingxml-parserobservabilitywindowseventswindows-events

  Apache License 2.0

  •3•14•1•0•Updated Jan 30, 2023Jan 30, 2023

• cribl-ubiquiti-syslog

  Public
  Cribl Pack for Ubiquiti Syslog

  Apache License 2.0

  •0•1•0•0•Updated Dec 15, 2022Dec 15, 2022

• cribl-syslog-input

  Public
  This Pack enables a variety of functions when LogStream is used to receive data from Syslog senders.

  eventslogssyslog+ 3stream-processingobservabilitydata-pipeline

  Apache License 2.0

  •1•8•0•0•Updated Nov 8, 2022Nov 8, 2022

• cribl-imperva

  Public
  1•0•0•0•Updated May 18, 2022May 18, 2022

• cribl-common-event-format

  Public
  Pre-Processor for Common Event Format (CEF) and Log Event Extended Format (LEEF) syslog messages

  jsonsyslogcef+ 2common-event-formatleef

  1•1•0•0•Updated Feb 4, 2022Feb 4, 2022

• cribl-linux-events

  Public
  The linux pack is designed to support the processing of linux OS data.

  Apache License 2.0

  •1•1•0•0•Updated Jan 26, 2022Jan 26, 2022

• cribl-apple-health

  Public
  Collect, Transform, and Route Apple Health data.

  applejson-datahealth+ 7stream-processinghealthcareapple-watchhealthkitobservabilityhealthcare-applicationunroll

  Apache License 2.0

  •0•1•0•0•Updated Jan 26, 2022Jan 26, 2022

• cribl-aws-cloudtrail-logs

  Public
  Collect AWS CloudTrail logs using Cribl LogStream. Use this pack to optimize your CloudTrail events and send relevant events into your logging or SIEM solution.

  awsamazoncloudtrail

  Apache License 2.0

  •1•1•1•0•Updated Jan 10, 2022Jan 10, 2022

• cribl-clamav

  Public
  Use this pack to reformat and enhance your ClamAV logs.

  Apache License 2.0

  •0•0•0•0•Updated Dec 2, 2021Dec 2, 2021

• cribl-vpc-flow-for-security-teams

  Public
  The Cribl Pack for VPC Flows Logs for Security Teams

  Apache License 2.0

  •2•5•0•0•Updated Nov 19, 2021Nov 19, 2021

• cribl-middleware-mq

  Public
  Pack for parsing and reformatting MQ system logs: RabbitMQ, ActiveMQ and WebsphereMQ

  eventsrabbitmqlogs+ 7stream-processingmessage-queueactivemqwebsphereobservabilitydata-pipelinemiddelware

  Apache License 2.0

  •0•0•1•0•Updated Aug 16, 2021Aug 16, 2021

• cribl-latency-bandwidth-monitor

  Public
  Monitor internet latency and bandwidth with mtr, speedtest, LogStream and Grafana Cloud

  Shell

  •0•0•0•0•Updated Jul 12, 2021Jul 12, 2021

• cribl-carbon-black

  Public
  This pack is targeted for collections of Carbon Black events

  vmwarelogsstream-processing+ 3observabilitycarbonblackcarbon-black-cloud

  Apache License 2.0

  •1•1•0•0•Updated Jul 10, 2021Jul 10, 2021

• cribl-cisco-esa-mailtext

  Public
  The purpose of this pack is to provide extensive regex extraction for Cisco ESA mailtext logs. By definition ESA mailtext logs tend to be very verbose with small event sizes.

  eventsciscologs+ 4stream-processingesaobservabilitymailtext

  Apache License 2.0

  •0•1•0•0•Updated Jul 10, 2021Jul 10, 2021

• cribl-microservices-logs-preprocessing

  Public
  This pack contains a set of pre-processing pipelines for sources dedicated to microservices logs. This includes popular engines including Docker, Kubernetes, and Pivotal Cloud Foundry (PCF).

  dockerkubernetesevents+ 7datamicroserviceslogsstream-processingobservabilitydocker-logspivotal-cloud-foundry

  Apache License 2.0

  •0•0•0•0•Updated Jul 10, 2021Jul 10, 2021

• cribl-fortinet-fortigate-firewall

  Public
  This pack is targeted for collections of Fortinet Fortigate firewall events

  firewallstream-processingobservability+ 3fortigatefortinetfortigate-firewall

  Apache License 2.0

  •1•2•1•0•Updated Jul 10, 2021Jul 10, 2021

• cribl-webhook-pagerduty

  Public
  This pack demonstrates use of the WebHook destination by using the PagerDuty service. You can use this function to alert your team of potential issues.

  webhookstream-processingpagerduty+ 1notificaiton

  Apache License 2.0

  •0•2•0•0•Updated Jul 10, 2021Jul 10, 2021