Add Cribl Search Sources
Set up your Source with step-by-step instructions.
Cribl HTTP
Collect events sent from other Cribl components, from Cribl on-prem or Cribl.Cloud tenants.
Elasticsearch API
Collect data sent using the Elasticsearch bulk API, including from Beats and the Elastic Agent.
OpenTelemetry
Collect metrics, traces, and logs from any OTEL-compliant agent.
Splunk TCP
Collect data sent by Splunk Forwarders, including the Splunk Universal Forwarder.
Splunk HEC
Collect data sent using the HTTP/HTTPS protocols, including from the Splunk Universal Forwarder.
Syslog
Collect data from Syslog agents in the Syslog format via TCP or UDP.
Windows Event Forwarder
Collect data from Windows Event Forwarder (WEF) servers over TCP.
Prometheus Remote Write
Collect metrics sent using the Prometheus Remote Write API protocol.
Datadog Agent
Collect metrics, traces, and logs sent by the Datadog Agent using the Datadog API protocol.
Raw HTTP
Collect raw HTTP requests without any parsing or formatting, useful for custom protocols or debugging.
TCP JSON
Collect JSON-formatted events sent over TCP connections, with automatic JSON parsing.
TCP (Raw)
Collect data sent over TCP connections in any format.
Wiz Webhook
Collect security events and alerts sent by Wiz via webhook notifications.