

ITRS Geneos and Cribl compete in the enterprise IT monitoring and data management category. Cribl appears to have the advantage for organizations migrating from expensive solutions due to its cost-effectiveness and log management capabilities.
Features: ITRS Geneos offers a highly customizable monitoring solution with real-time data capabilities and on-premises deployment, critical for meeting bank regulations and managing data security needs. It supports complex monitoring scripts and dashboard alerts. Cribl provides flexibility in log management, reducing costs while routing and transforming data in real-time, functioning seamlessly with various diverse data types and systems.
Room for Improvement: ITRS Geneos lacks strong cloud-based solutions, limiting its flexibility for cloud transitions and would benefit from a modernized interface and enhanced predictive features. Cribl can improve on handling large-scale data ingestion and enhance its internal logging and certification processes, while expanding integration support for diverse data sources could simplify user operations.
Ease of Deployment and Customer Service: ITRS Geneos is ideal for industries needing strict data control with its focus on on-premises deployment, yet falls short in hybrid or cloud-native adaptability. Its customer support varies with user feedback. Cribl offers flexible deployments across hybrid and cloud settings, with consistently praised customer support and adaptability for multi-cloud environments.
Pricing and ROI: ITRS Geneos, though effective in regulated markets, is expensive, especially for smaller businesses or non-bank sectors, but provides value when standardizing across departments. Cribl is more affordable, notably reducing data ingestion costs against competitors like Splunk, presenting an attractive ROI due to its effective performance scalability.
What we've seen is really an overall reduction of just shy of 40% in our ingest into our SIM platform versus prior to having Cribl.
The second thing is that data aggregation, sampling, and reduction that we're able to do of the data, lowering our overall data volume, both traversing the network as well as what's being stored inside of our final solutions.
In terms of reduction, we were able to save almost ~40% of our total cost.
With respect to post-mortems during incidents, it really helps during root cause analysis.
They had extensive expertise with the product and were able to facilitate everything we needed.
Usually, within an hour, we get a response, and we are able to work with them back and forth until we resolve the issues.
Sometimes by hearing the problem itself, they will know what the solution is, and they will let us know how to resolve it, and we do it immediately.
I would rate 9 out of 10 with respect to ITRS Geneos's support, support metrics, and their support delivery.
The infrastructure behind Cribl Search is also scalable as it uses a CPU and just spawns horizontally more instances as it demands and requires.
Compared to other SIEM tools I use, any slight change on the operating system end impacts a lot on our SIEM tools and other things, but Cribl performs well in that regard.
Cribl performs effectively across both market segments.
Migrating from those SC4S servers to Cribl worker nodes has truly been a game-changer.
Regarding scalability, we started with zero servers and have around 285 servers now.
Cribl is designed to deal with certain kinds of loads and is not designed to handle any scenario in the market.
The product is really capable of handling large volume data.
A more stringent role-based access control feature would enhance security and allow granular control over what users can see and access.
When passing query logs or DNS logs, if certain malicious query patterns need to be identified or if fast-flux attacks are happening, Cribl can report that and those would definitely be a plus for them.
I would advise others looking to implement Cribl that if they are evolving Cribl Search, it would be very interesting to see more capability, more flexibility, and more ways to share the data similar to Splunk.
Modern cloud platforms and data cloud platforms require more attention from the product.
Over time, the licensing cost has increased.
It was cheaper than the Splunk license.
Splunk is more expensive, and Cribl appears to be more affordable.
The data reduction and preprocessing capabilities make Cribl really unique.
Cribl has a feature called JSON Unroll or Unroll function that allows you to differentiate the events; each event will come ingested as a single log instead of piling it up with multiple events.
The Cribl UI is very simple and easy to use, particularly when working with data from various sources; it makes it very easy to create pipelines, add complex logic to those pipelines, and then gives you a preview of what your data looks like before applying that pipeline and what you get after.
The advantages and strong points of ITRS Geneos for me personally are seamless integration with existing systems as well as upcoming modern systems.
| Product | Mindshare (%) |
|---|---|
| Cribl | 1.2% |
| ITRS Geneos | 0.9% |
| Other | 97.9% |


| Company Size | Count |
|---|---|
| Small Business | 46 |
| Midsize Enterprise | 8 |
| Large Enterprise | 34 |
| Company Size | Count |
|---|---|
| Small Business | 6 |
| Midsize Enterprise | 12 |
| Large Enterprise | 40 |
Cribl offers advanced data transformation and routing with features such as data reduction, plugin configurations, and log collection within a user-friendly framework supporting various deployments, significantly reducing data volumes and costs.
Cribl is designed to streamline data management, offering real-time data transformation and efficient log management. It supports seamless SIEM migration, enabling organizations to optimize costs associated with platforms like Splunk through data trimming. The capability to handle multiple data destinations and compression eases log control. With flexibility across on-prem, cloud, or hybrid environments, Cribl provides an adaptable interface that facilitates quick data model replication. While it significantly reduces data volumes, enhancing overall efficiency, there are areas for improvement, including compatibility with legacy systems and integration with enterprise products. Organizations can enhance their operational capabilities through certification opportunities and explore added functionalities tailored towards specific industry needs.
What are Cribl's most important features?Cribl sees extensive use in industries prioritizing efficient data management and cost optimization. Organizations leverage its capabilities to connect between different data sources, including cloud environments, improving both data handling and storage efficiency. Its customization options appeal to firms needing specific industry compliance and operational enhancements.
ITRS Geneos offers a customizable platform for real-time monitoring with minimal system impact, facilitating insights across multiple platforms. Known for its scalability, it efficiently integrates with other tools, supporting industries with its proactive monitoring capabilities.
ITRS Geneos allows users to effectively manage financial services infrastructure by monitoring trading systems, treasury management, and FX operations. It provides real-time dashboards to track server uptime, application performance, and health metrics. Users benefit from its enterprise-wide data aggregation, alerting features, and script adaptability while needing improvement in cloud monitoring and AI-based predictive functionalities. The tool's setup requires some expertise, suggesting a need for more intuitive solutions.
What are the most important features of ITRS Geneos?ITRS Geneos is prominently utilized in financial sectors. Banks and financial institutions leverage its capabilities to monitor infrastructure and application performance, optimizing trading systems and FX operations. It builds comprehensive dashboards, offering valuable insights into server health, application logs, and network performance, contributing significantly to operational efficiency.
We monitor all Application Performance Monitoring (APM) and Observability reviews to prevent fraudulent reviews and keep review quality high. We do not post reviews by company employees or direct competitors. We validate each review for authenticity via cross-reference with LinkedIn, and personal follow-up with the reviewer when necessary.