About
Get a high-level overview of Cribl Search
Concepts
Learn fundamental Cribl Search concepts
Quick Start
Create a Cribl.Cloud Organization and run your first search
UI Tour
Find your way around the Cribl Search UI
Get Data In
Ingest data into Cribl Search lakehouse engines
Connect to External Data
Run federated searches against external systems
Get Data In
Ingest data directly into Cribl Search for schema-aware searches
Lakehouse Engines
Set up lakehouse engines to store and accelerate ingested data
Search Datasets
Organize ingested data and set retention
Datatyping in Lakehouse Engines
Parse incoming events into fields
Dataset Rules
Route parsed events into Search Datasets
Sources
Connect Sources that feed your lakehouse engines
Build a Search
Learn query syntax, operators, time ranges, and more
Run Investigations (Preview)
Investigate incidents with AI guidance
Notebooks
Combine queries, results, and notes in a single workspace
Visualize
Visualize search results with Charts and Dashboards
Schedule a Search
Run a search at a scheduled frequency
Inspect Datasets
Browse and explore your Search Datasets
Language Reference Index
Kusto operators, functions, statements, commands, and virtual tables
API Reference
REST API endpoints for Cribl Search
Operators
All Kusto operators supported by Cribl Search
Functions
All Kusto functions supported by Cribl Search
Packs
Import, export, and share pre-built Cribl Search resources
Knowledge Libraries
Lookups, Parsers, regexes, Grok patterns, Macros
All the docs to goat you started with Cribl Search
- Get Cribl Cloud, to start searching immediately.
- Download all docs as a PDF - 4.17.1.
- Download a quick-reference Cribl Search Tip Sheet.
- Questions not answered here? We’d love to help you. Meet us in #Cribl Community Slack - sign up here.