LEARN, CONNECT, BUILD

Microsoft Reactor

Join Microsoft Reactor and engage with developers, entrepreneurs, and startups live

Ready to get started with AI and the latest technologies? Microsoft Reactor provides events, training, and community resources to help developers, entrepreneurs and startups build on AI technology and more. Join us!

Talking flexibility in SIEM (& O11y) - Elastic & Cribl

19 September, 2024 | 12:30 AM - 2:30 AM (UTC) Coordinated Universal Time

Location: Redmond

Address: Redmond Reactor 3709 157th Ave NE, Redmond, WA 98052

Format: In person (Redmond)

Topic: Modern Data and Analytics

Language: English

Meetup Host:

  • Justin Casilla - Sr. Developer Advocate at Elastic

Agenda:

  • 5:30 pm: Doors open; say hi, grab a seat, and eat some food.
  • 6:00 pm: Talking flexibility in SIEM (& O11y) - Elastic & Cribl with Jim Totman (Principal Solutions Architect at Elastic) and Michael Donnelly (Director, Solutions Engineering at Cribl)
  • 7:00-7:30 pm: Networking & refreshments
  • 7:30 pm: Event ends

Talk Abstracts:
Talking flexibility in SIEM (& O11y) - Jim Totman (Principal Solutions Architect at Elastic) and Michael Donnelly (Director, Solutions Engineering at Cribl)

In this talk, we'll dive into how Elastic Security and Cribl work together to modernize security operations. We will explore how Elastic's AI-powered detection and remediation enhance SIEM and endpoint security, while Cribl optimizes, enriches, and routes data to multiple destinations. Learn how this partnership enables seamless data migration, pipeline management, and cost savings, making your security infrastructure more flexible and efficient.

We'll conclude with an insightful demo where we will showcase how Cribl routes real-time data streams (Windows events in XML, PAN TRAFFIC, etc.) to a destination ("Old SIEM"). We then configure parsing to Elastic Common Schema (ECS) and connect Cribl to an Elastic destination.

Finally, we'll pivot over to Elastic, where we will verify data ingestion and highlight its AI-driven auto-detection of unmapped fields, ensuring smooth, accurate analysis.

By registering for this event you agree to abide by the Microsoft Reactor Code of Conduct.

For questions please contact us at reactor@microsoft.com