Case Study: Fortune 1000 IT Services Organization cuts VSOC traffic 99.99% with Cribl

Cribl Search Delivers Decision-Ready Data for Fortune 1000 IT Services Organization

The Fortune 1000 IT Services Organization supports government agencies with technology services across ten countries and nearly 40,000 employees. To manage growing data volumes, meet evolving federal log-management compliance requirements, and reduce the cost of sending full logs to downstream tools and an outsourced VSOC, the company turned to Cribl Stream and later Cribl Search.

Cribl Stream was used to filter, route, and transform data before it reached SIEM and security operations systems, while Cribl Search enabled the team to query data stored in S3 without re-ingesting it into Splunk. With Cribl, the organization achieved a 99.99% reduction in traffic sent to its VSOC, avoided downtime during a cloud-storage cutover, improved troubleshooting access, and lowered SIEM and storage costs by building a more flexible multi-tier data architecture.