Add a Prometheus Remote Write Source for Cribl Search
Collect metrics sent using the Prometheus Remote Write API so you can search them fast with Cribl Search.
What’s a Prometheus Remote Write Source in Cribl Search?
A Cribl Search data source that receives metrics from Prometheus and other remote-write clients over HTTP or HTTPS using the Prometheus Remote Write API and stores them in a lakehouse engine for fast access.
Looking for the Prometheus Remote Write Source in Cribl Stream? See Prometheus Remote Write Source in Cribl Stream.
What You Need First
To set up this Source, you need:
- Cribl.Cloud Enterprise. For details, see Pricing.
- A lakehouse engine. Get one at lakehouse engines.
- Search Admin Permission, or higher. Learn who can do what at Cribl Search Permissions.
You don’t need Cribl Stream, Edge, or Lake.
Add a Prometheus Remote Write Source for Cribl Search
On the Cribl.Cloud top bar, select Products > Search > Data > Add Source > Prometheus Remote Write.
1. Describe Your Source
Under General, give your Source an ID and Description, so you and other Search Admins know what the Source is for and if it’s safe to modify.
The ID must be unique across your Workspace and can contain letters, numbers, underscores, and hyphens. Cribl Search
prefixes it with in_ on save (for example, prometheus_rw becomes in_prometheus_rw).
2. Note the Source Endpoint
Under General, note down the Address and Port. You’ll need them to configure Prometheus to send data here.
Keep the default port unless it conflicts with another service.
3. Set the Remote Write API Endpoint
Under General, set Remote Write API endpoint to the absolute path on which to listen for Prometheus requests.
The default is /write, which expands to: http://<your-upstream-URL>:<your-port>/write.
4. Set Up Encryption
TLS encryption protects your data in transit between your upstream Prometheus client and the Cribl Search Source.
Under Encrypt, select Enabled, and set the Minimum TLS version you want to accept.
| TLS version | When to use |
|---|---|
| 1.3 | Recommended. Provides the best security. |
| 1.2 | Use only when connecting to older systems that don’t support TLS 1.3. |
| Older than 1.2 | Avoid if possible. These versions are no longer considered secure. |
5. Set Up Authentication
Authentication ensures only authorized senders can push data to your Source.
Under Authentication, select the Authentication type you want to use.
- None: No authentication. Use only for testing or trusted internal networks.
- Basic: Authenticate with a username and password.
- Basic (credentials secret): Authenticate with a stored credentials secret.
- Auth token: Authenticate with bearer tokens.
- Auth token (text secret): Authenticate with a stored text secret.
Prometheus Remote Write Authentication
When setting up a Prometheus Remote Write Source for Cribl Search, you can choose one of the authentication methods: Basic, Basic (credentials secret), Auth tokens, or Auth token (text secret).
Basic
Authenticate with a username and password that you set for Cribl Search. Your upstream OTEL sender must provide these credentials when sending data to your Source endpoint.
When setting up authentication for your OpenTelemetry Source:
- Under Authentication, select Basic.
- Create a new Username and Password for this Source.
- Configure your Prometheus client to provide the username and password when sending data to your Source endpoint.
Basic (Credentials Secret)
Authenticate using a stored credentials secret instead of entering a username and password directly. This keeps credentials out of your Source configuration and makes them easier to rotate.
When setting up authentication for your OpenTelemetry Source:
- Under Authentication, select Basic (credentials secret).
- In Credentials secret, select a stored credentials secret, or choose Create to add a new one (see Create and Manage Secrets).
- Configure your Prometheus client to provide the credentials when sending data to your Source endpoint.
Auth Tokens
An authentication token is a secret shared between Cribl Search and your upstream OTEL senders. Using tokens ensures only authorized senders can push data to your Source.
When setting up authentication for your OpenTelemetry Source:
- Under Authentication, select Auth tokens.
- Select Add Token, and configure:
- Token secret (text secret): Select a stored text secret that holds the token, or choose Create to add a new one (see Create and Manage Secrets).
- Enable token: Turn on to require this token for incoming requests to your Source. Disable only when testing without authentication.
Auth Token (Text Secret)
Authenticate with a stored text secret instead of entering a token directly.
When setting up authentication for your OpenTelemetry Source:
- Under Authentication, select Auth token (text secret).
- In Auth token (text secret), select a stored text secret, or choose Create to add a new one (see Create and Manage Secrets).
- Configure your Prometheus client to provide the text secret when sending data to your Source endpoint.
Next Steps
Confirm with Save. Now, you’re ready to:
- Set Datatype rules for parsing your data. See Shape Your Data.
- Set Dataset rules for organizing your data. See Organize Your Data.
- Configure your Prometheus client to send data to the Source endpoint.