Cribl Edge and CrowdStrike SIEM Connector Configuration Guide v1.4

This document is designed for customers that want to use Cribl as the central ingestion and distribution platform for CrowdStrike Event Stream API data. This guide demonstrates how to combine the collection capabilities of CrowdStrike’s SIEM connector with the processing and routing capabilities of Cribl Edge. The SIEM connector will output a JSON structured file locally for Cribl Edge to monitor, collect, process and route to the required destinations.

Tech Hub

  • OS icon
  • deployment icon
  • installation icon

For technical information on installation, policy configuration and more, please visit the CrowdStrike Tech Hub.

Visit Tech Hub