00:23:41 Christopher Caldwell: https://github.com/criblpacks/cribl-palo-alto-networks 00:28:29 Christopher Caldwell: This is what my entitlements for free/1tb show: License limits: {"remote_git":0,"remote_auth":0,"rbac":0,"worker_groups":1,"worker_procs":10,"distributed_upgrade":0,"kms":0,"notifications":0} 00:37:33 Nick Lewis - Internet2: Presentation from UCLA Health: https://www2.internet2.edu/l/66332/2021-07-30/dxzd7y/66332/1627668530LGUmtkGr/doc_I2_UCLA_AWS_Webinar.pdf 00:37:43 Nick Lewis - Internet2: I’ll find the recording for the notes. 00:42:05 Christopher Caldwell: Also a Cribl slack: cribl-community.slack.com 00:45:22 Darren Fallis - NC State: https://docs.splunk.com/Documentation/Community/1.0/community/Chat 00:45:48 Christopher Caldwell: phantom too: phantom-community.slack.com 00:47:30 Christopher Caldwell: https://sandbox.cribl.io/course/metrics 00:48:25 Jade Fitzgerald - Brandeis University: That's accurate, non-index time fields can't use tstats 00:48:45 Edward Wade (UCSD): unless you're targeting accelerated data models 00:57:58 Darren Fallis - NC State: @Edward this? https://splunkbase.splunk.com/app/2991/ 01:00:40 Christopher Caldwell: This article touches on metrics, but it also makes mention of data replay to an ephemeral log system. Might be a use-case for Elastic container. https://cribl.io/blog/extract-metrics-from-logs/