Product Updates

Stream - Real-time analytics for AI conversations. Tracks costs across 16+ models, grades response quality (A-D), detects sentiment and intent, and provides optimization recommendations - all in-stream. View Pack

This one is all about control, precision, and making things just work better.Platform• IP Allowlist for API Credentials: Lock API keys to trusted networks.• Terraform Config Exporter: Turn live configs into Terraform. No more rebuilding by hand. Capture it once, reuse it everywhere.Stream• Cribl Guard Detection Improvements: Better signal, less noise. More accurate sensitive data detection without the alert fatigue.Search• Field Transformation on Ingest (Lakehouse Engine): Shape your data on the way in so you’re not wrangling it later.• Clear Datasets: Reset datasets without deleting them. Cleaner workflows, faster iteration.• New 2XS and 3XS Tiers: Smaller entry points for federated and lakehouse engines. Test, validate, and scale without overcommitting.These are just the highlights. Check out the full release notes for Stream, Edge, Search, and Lake.Cribl.Cloud customers are already upgraded—just click Deploy.On-prem customers can download the update now.

Stream - Process output of scripted collector for Qualys detection events View Pack

Stream - Pack to ingest events via the CyberArk API View Pack

Stream - Pack to collect Salesforce Event Log File data from Salesforce API View Pack

Stream - Collector Pack to collect and process Workday Activity data View Pack

Stream - Collector pack to process data from 1Password REST API. View Pack

Stream, Edge - This pack provides examples for how events need to be modified before sending to XSIAM. View Pack

Stream - Parse, normalize, and route Aviatrix Cloud Network syslog data for any SIEM destination. Supports 9 log types: L4 Microsegmentation, L7/TLS Inspection, Suricata IDS, FQDN Firewall, Controller API Audit, VPN Session, Gateway Network Stats, Gateway System Stats, and Tunnel Status. View Pack

Stream, Edge - Process, reduce, and transform Palo Alto Networks Firewall logs. View Pack

Edge - This Cribl Edge Pack collects Claude Code telemetry from two sources — session log files (.jsonl transcripts) via a file monitor and operational metrics/logs via OpenTelemetry (OTLP/gRPC) — and forwards them to a Cribl Stream worker group for indexing, analysis, and search. View Pack

Stream - Pack to collect and process Microsoft Entra ID activity data View Pack

Stream - Source Pack to process data from Amazon SageMaker. View Pack

Stream - Collector Pack for processing Abnormal.ai data View Pack

Stream - Collector Pack to process data from the Island Browser API View Pack

Stream - Collector Pack to process data from the Wiz API View Pack

Stream - Collector pack to process data from the Crowdstrike Alerts, Devices, and Vulnerabilities REST endpoints. View Pack

Stream - Collector pack to process data from Duo. View Pack

Stream - Collector pack to process data from the Akamai SIEM Integration REST endpoint. View Pack

Stream - Collector Pack to process Netskope Alerts and Events View Pack

Stream - Collector pack to process data from OpenAI API View Pack

Stream - Collect and process data from SentinelOne REST endpoints. View Pack

Stream - Source Pack to process data from Amazon Bedrock. View Pack

Stream - Source Pack to collect and process Microsoft Foundry AI-related data from an Azure Event Hub View Pack

Stream - Collector pack to process data from the Microsoft Graph REST endpoint. View Pack