This document is designed for customers who want to use Cribl as the central ingestion and distribution platform for CrowdStrike Event Stream API data. This guide demonstrates how to combine the collection capabilities of CrowdStrike’s SIEM connector with the processing and routing capabilities of Cribl Edge. The SIEM connector writes a JSON-structured file locally, which Cribl Edge monitors, collects, processes and routes to the required destinations.