LEARN, CONNECT, BUILD
Microsoft Reactor
Join Microsoft Reactor and engage with developers, entrepreneurs, and startups live
Ready to get started with AI and the latest technologies? Microsoft Reactor provides events, training, and community resources to help developers, entrepreneurs and startups build on AI technology and more. Join us!
Talking flexibility in SIEM (& O11y) - Elastic & Cribl
19 September, 2024 | 12:30 AM - 2:30 AM (UTC) Coordinated Universal Time
Location: Redmond
Address: Redmond Reactor 3709 157th Ave NE, Redmond, WA 98052
Topic: Modern Data and Analytics
Language: English
Meetup Host:
- Justin Casilla - Sr. Developer Advocate at Elastic
Agenda:
- 5:30 pm: Doors open; say hi, grab a seat, and eat some food.
- 6:00 pm: Talking flexibility in SIEM (& O11y) - Elastic & Cribl with Jim Totman (Principal Solutions Architect at Elastic) and Michael Donnelly (Director, Solutions Engineering at Cribl)
- 7:00-7:30 pm: Networking & refreshments
- 7:30 pm: Event ends
Talk Abstracts:
Talking flexibility in SIEM (& O11y) - Jim Totman (Principal Solutions Architect at Elastic) and Michael Donnelly (Director, Solutions Engineering at Cribl)
In this talk, we'll dive into how Elastic Security and Cribl work together to modernize security operations. We will explore how Elastic's AI-powered detection and remediation enhance SIEM and endpoint security, while Cribl optimizes, enriches, and routes data to multiple destinations. Learn how this partnership enables seamless data migration, pipeline management, and cost savings, making your security infrastructure more flexible and efficient.
We'll conclude with an insightful demo where we will showcase how Cribl routes real-time data streams (Windows events in XML, PAN TRAFFIC, etc.) to a destination ("Old SIEM"). We then configure parsing to Elastic Common Schema (ECS) and connect Cribl to an Elastic destination.
Finally, we'll pivot over to Elastic, where we will verify data ingestion and highlight its AI-driven auto-detection of unmapped fields, ensuring smooth, accurate analysis.