BigPanda-Cribl Integration: Stronger actionable insights within your observability data


Overwhelming volumes and varieties of observability data most businesses encounter on a daily basis is impossible for IT operations teams to manually sift through successfully. This can be a troubling reality when frequent high-value business data is required to consistently maintain the uptime and integrity of your services and applications. During a webinar on Transforming your IT operations hosted by BigPanda, Jason Walker, Chief Technology Officer at BigPanda, sat down with Nick Heudecker, Senior Director of Market Strategy and Competitive Intelligence at Cribl.

They discussed the challenges of making upstream observability data actionable and how organizations can transform their early detection mechanisms and IT operations by integrating with both BigPanda and Cribl. Read on to discover how doing this enables your ITOps downstream environment to thrive with improved service maps, enhanced data enrichment, stronger correlation, and more.

Gain better observability data for lower cost

“IT operations teams, SREs, and DevOps are all working to keep services up and have an average of 21 observability systems running simultaneously with 1100 applications built on legacy stacks, modern stacks, and more. That is a massive amount of raw material, and the fact is, there are some ‘diamonds’ of quality information in there, but you have to mine for them,” explains Walker.

“Traditional approaches to managing this volume of data, such as using multiple agents and tools, often lead to high costs, complexity, and inefficiency.” Cribl and BigPanda, leaders in the observability and AIOps space, respectively, offer a solution to this problem.

Cribl’s flagship product, Cribl Stream, uses its observability pipeline to enable organizations to ingest more descriptive observability data that delivers a new stream of actionable events that would have been too costly to otherwise produce. Cribl transforms data in real-time and on an event-by-event basis by collecting, processing, and routing only priority observability data from multiple destinations into BigPanda, which is used to enrich and correlate complex data into actionable incidents. This capability is particularly valuable for security teams who need to share and consolidate protected data across numerous tools.

By empowering users to make data routing decisions and breaking the silos between agents and platforms, Cribl helps you access more observability data, reduce noise in data processing and avoid observability tool costs from extra CPU search cycles or unnecessary data storage fees.

Gain actionable insights from your entire IT stack

When you convert high volumes of complex, unactionable heterogeneous observability data (such as logs, traces, alerts, events, changes, topology, and relationship telemetry) into a secure and normalized single stream of topology metadata from on-prem and cloud IT environments, you can unlock insights from the vast amount of previously untapped valuable data.

“These newly available insights enable you to make a strategic decision to select and send, for example, 20% of a specific portion of your high-value data off to your platform of choice and leave the rest to object storage to investigate later. These options are empowering to users,” says Heudecker. “The identification and consolidation of high-value data enables you to feed BigPanda the right data at the right time from all these new sources, which is a huge win.”

Maintain security compliance

While more data awareness can initially cause a security concern, from a compliance standpoint, Heudecker confirmed that Cribl makes it easy to mask Personally Identifiable Information (PII) data at rest for compliant access to sensitive alert data, supporting the increasing number of regulations like GDPR and CCPA and ensuring organizations are not including sensitive information in their data streams, making it easier for multinational companies to meet regulatory requirements.

With additional compliant access to observability data, customers can broaden the scope of their infrastructure awareness within BigPanda, providing an even more comprehensive view of their IT landscape and enabling full range to enrich correlated alerts and incidents in real-time, which makes it easier and faster to respond to alerts before they escalate or become incidents.

Reduce observability data noise to identify actionable alerts

The integration of Cribl and BigPanda eliminates duplicate fields, null values, and low-value elements, improving system performance and reducing storage costs. Set parsing rules for incoming alert payloads and use AI tag normalization to pre-process the content to match incoming data requirements before it reaches BigPanda, which improves system performance and reduces storage costs.
This transforms complex data into a unified stream of normalized topology metadata for both on-premises and cloud environments. The enriched data enhances the real-time correlation of alerts and incidents, enabling more precise incident detection and awareness by IT operations teams.

“The holy grail of AIOps is getting predictive and detecting potential issues before it ever impacts any of your services or applications,” says Walker. “By joining Cribl and BigPanda, you can unlock more valuable upstream observability data to facilitate early detection mechanisms and allow your downstream environment to have an even more impactful service map, better enriched data, and better correlation for rapid and automated incident triage and resolution.”

Strengthen actionable insights with a higher-quality observability data pipeline

By leveraging Cribl’s capabilities to manage data efficiently and effectively, organizations can improve their observability data while ensuring security compliance along the way. This high-quality data input into BigPanda enhances the transformation of IT data into actionable intelligence and automation for more efficient incident triage, supporting overall system and application uptime. Combine both platforms to provide a holistic solution that empowers IT operations teams to overcome data challenges, achieve operational excellence and reduce costs.

