Talking flexibility in SIEM (& O11y) - Elastic & Cribl

Name: Talking flexibility in SIEM (& O11y) - Elastic & Cribl
Start: 2024-09-18T17:30:00-07:00
End: 2024-09-18T19:30:00-07:00
Location: 3709 157th Ave NE

Hosted by Elastic Meetup T.

Elastic Seattle User Group

Details

Join us on Wednesday, September 18th, for a Seattle Elastic User Group meetup with Cribl. Jim Totman (Principal Solutions Architect at Elastic) and Michael Donnelly (Director, Solutions Engineering at Cribl) will present, followed by networking, pizza, and refreshments.

Date and time:
Wednesday, September 18th, from 5:30 - 7:30 pm PDT

Location:
Redmond Microsoft Reactor - 3709 157th Ave NE, Redmond, WA 98052
We'll be in the Alder room

Parking:
Parking is free at Microsoft Building 20, the Reactor space, (with overflow parking at Building 25).

Arrival Instructions:
Attendees will sign in at the front desk with their first and last names. A Reactor team member will be at the desk to assist with any questions.

Meetup Host:

Justin Casilla - Sr. Developer Advocate at Elastic

Agenda:

5:30 pm: Doors open; say hi, grab a seat, and eat some food.
6:00 pm: Talking flexibility in SIEM (& O11y) - Elastic & Cribl with Jim Totman (Principal Solutions Architect at Elastic) and Michael Donnelly (Director, Solutions Engineering at Cribl)
7:00-7:30 pm: Networking & refreshments
7:30 pm: Event ends

Talk Abstracts:
Talking flexibility in SIEM (& O11y) - Jim Totman (Principal Solutions Architect at Elastic) and Michael Donnelly (Director, Solutions Engineering at Cribl)

In this talk, we'll dive into how Elastic Security and Cribl work together to modernize security operations. We will explore how Elastic's AI-powered detection and remediation enhance SIEM and endpoint security, while Cribl optimizes, enriches, and routes data to multiple destinations. Learn how this partnership enables seamless data migration, pipeline management, and cost savings, making your security infrastructure more flexible and efficient.

We'll conclude with an insightful demo where we will showcase how Cribl routes real-time data streams (Windows events in XML, PAN TRAFFIC, etc.) to a destination ("Old SIEM"). We then configure parsing to Elastic Common Schema (ECS) and connect Cribl to an Elastic destination.

Finally, we'll pivot over to Elasic, where we will verify data ingestion and highlight its AI-driven auto-detection of unmapped fields, ensuring smooth, accurate analysis

Events in Redmond, WA

Artificial Intelligence

Computer Security

Big Data

Elasticsearch

Elastic Stack

Elastic Seattle User Group

Talking flexibility in SIEM (& O11y) - Elastic & Cribl

Elastic Seattle User Group

Details

Sponsors

Members are also interested in