A slew of innovations in data management tooling, data infrastructure and artificial intelligence dotted the landscape at AWS re:Invent 2024. Siemens Digital Industries Software, in particular, has tapped Cribl Inc.’s data reduction and operational visibility expertise to adapt to the expanding demands of its data management and security operations.

“It’s about the data reduction that we now have visibility into our environment like we never had before,” said Scott Schwartz (pictured, left), senior cloud infrastructure engineer at Siemens. “We didn’t have the licensing capacity for our Splunk environment to ingest all the different logs that we were interested in, but Security Lake allowed us to start collecting those. Cribl allowed us to reduce a lot of the data, eliminate fields that weren’t important to us and do some summarization on it. As a result, we were able to do a 90-95% reduction of the data.”

Schwartz and Pedro Borges (right), senior security engineer at Siemens, spoke with theCUBE Research’s John Furrier for theCUBE’s “Cloud AWS re:Invent Coverage,” during an exclusive broadcast on theCUBE, SiliconANGLE Media’s livestreaming studio. They discussed data management and security as rapidly evolving fields where blending innovation with strategy and teamwork remains crucial. 

Cribl’s role in data reduction and expanded visibility

By leveraging Cribl Stream, Siemens achieved up to a 95% reduction in data volume, allowing for more efficient use of tools such as Splunk. This process cut costs and improved the quality and accessibility of critical data, according to Borges.

“They used to be able to [only] write to Security Lake, now they can actually read from it, which is the part that we’re mostly using,” he said. “Cribl just gives us that flexibility of making the data look the way we want to as far as the format that we are expecting our analysts are used to, so it’s more usable to them.”

Cribl has also enabled Siemens to customize data formats, making them more usable for analysts and improving the efficiency of their security information and event management workflows. Enhanced dashboards and reduced reliance on multiple tools have streamlined operations, ensuring analysts can focus on critical insights without distractions, according to Borges.

“With Cribl, our analysts have easy access to all this data,” he said. “Now we can populate all these great dashboards that Splunk provides and run detections like a normal day-to-day. They don’t have to pivot to another tool.”

Here’s the complete video interview, part of SiliconANGLE’s and theCUBE’s “Cloud AWS re:Invent Coverage”:

Photo: SiliconANGLE