- Own and manage its data directly rather than leaving it siloed in vendor systems.
- Start large-scale extract, transform, and load (ETL) operations, allowing engineers to run analytics and AI-based use cases like retrieval-augmented generation (RAG).
- Reduce costs associated with rigid SIEM licensing and storage tiers.
- Improve compliance with new PCI DSS v4.0 requirements for automated log review in its payment card processing system.
- Boost operational efficiency so engineers could spend less time managing tools and more time brainstorming new ideas.
The challenge of unlocking from vendors
To execute its data-ownership vision, Avnet partnered with Cribl, a platform designed to pull in data from many sources, filter it in real time, and then send it wherever it’s needed, without being tied to a single vendor’s ecosystem.
The move to Cribl, while beneficial for Avnet, required a rethinking of how security data should flow across an enterprise.
“Cribl pushed us to reconsider how we managed data security,” Chan explains. “The biggest shift was separating our data from the tools that generate it. Previously, everything lived inside individual platforms or our SIEM, making it siloed, inflexible, and expensive.”
Cribl ultimately helped Avnet’s security team move to a centralized architecture that captures, routes, and stores data more cost-effectively. The security team now owns its data outright, with the freedom to analyze it on its own terms rather than through vendor dashboards.
