Case Study: Leading Leisure Travel Company cuts security costs 72% with Cribl Stream

The Passport to an Optimized Security Stack at Leading Leisure Travel Company Cribl Stream

Leading Leisure Travel Company, a global leisure travel business formed through the merger of several brands, needed to rethink its security data strategy as it expanded. After implementing CrowdStrike Falcon Data Replicator (FDR), the company quickly ran into unexpectedly high log volumes that exceeded its Splunk SIEM licensing and infrastructure capacity, forcing the security team to prioritize which data to onboard.

Cribl helped the team optimize CrowdStrike FDR data with Cribl Stream, starting with the free Cribl Pack for CrowdStrike to reduce log volume while preserving the context needed for detection and investigations. With Cribl, the company achieved an immediate 50% reduction and ultimately a 72% overall reduction in logs, opened 50% additional headroom in Splunk, and routed high-fidelity alerting data to Splunk while sending raw and long-term retention data to CrowdStrike LogScale.