Julian Guica (@datable)

You can watch the full video here:
youtu.be/HxCVEowQZLE

10.06.2025 15:23 👍 0 🔁 0 💬 0 📌 0

What is OCSF?

10.06.2025 15:23 👍 0 🔁 0 💬 1 📌 0

What is OCSF? YouTube video by Julian Giuca

There's a lot of grumbling about OCSF.

Here's why it's worthwhile:

www.youtube.com/watch?v=HxCV...

04.06.2025 21:57 👍 0 🔁 0 💬 0 📌 0

What if your SIEM only saw the logs that mattered?

youtube.com/shorts/EeOwf...

29.05.2025 19:21 👍 0 🔁 0 💬 0 📌 0

26.05.2025 19:17 👍 0 🔁 0 💬 0 📌 0

See absolutely everything YouTube video by Julian Giuca

You can see your entire data ecosystem like this:

youtube.com/shorts/ELa0W...

19.05.2025 19:45 👍 0 🔁 0 💬 0 📌 0

The old way...

16.05.2025 17:28 👍 0 🔁 0 💬 0 📌 0

You've got data being ingested... YouTube video by Julian Giuca

Take 60 seconds and watch this:
youtube.com/shorts/93spR...

14.05.2025 18:21 👍 0 🔁 0 💬 0 📌 0

Too many security teams blame the rule.

They tweak logic, write exceptions, tune thresholds, and still drown in false positives.

But the problem isn’t the rule. It’s the data feeding it.

Bad data in=bad alerts out.

Filter, shape, and enrich telemetry BEFORE it hits your SIEM.

👉 www.datable.io 👈

03.04.2025 17:47 👍 0 🔁 0 💬 0 📌 0

Detection engineers may have the hardest job in tech.

Their role is absolutely critical, they're ignored until something is wrong (rarely praised), and they're consistently pulled away from their core competency to solve other problems.

Am I wrong?

25.03.2025 21:34 👍 0 🔁 0 💬 0 📌 0

My 2 cents.

Do you agree?

24.03.2025 22:01 👍 0 🔁 0 💬 0 📌 0

The plan was simple:

Build Cribl for Datadog.

Big Problem. Clear Pain. Let's go.

—But no one adopted it.

Now I'm looking to SecOps folks for their opinion.

www.linkedin.com/pulse/one-ca...

21.03.2025 18:02 👍 0 🔁 0 💬 0 📌 0

Working on a post for Hacker News (the y combinator board).

Wish me luck.

19.03.2025 16:43 👍 1 🔁 0 💬 0 📌 0

Noisy, redundant security data?

Shape it, enrich it, and route it exactly where it’s needed IN THE PIPELINE—before it drains your SIEM.

Try Datable and make your logs work smarter, not pricier.

11.03.2025 20:47 👍 1 🔁 0 💬 0 📌 0

Should CISOs report to the CEO?

Usually it's CISO>CIO/CTO>CEO.

But I'm seeing CISOs role bloom into a copilot role more often. (At least in SF.)

07.03.2025 20:45 👍 0 🔁 0 💬 0 📌 0

This Tech Company Sent The Largest Bill In History YouTube video by Julian Giuca

Video worth watching in 2025:

youtu.be/gaWArqb13B0

05.03.2025 22:50 👍 0 🔁 0 💬 0 📌 0

Writing a whole article on this tonight.

Shape data in the pipeline, before it gets astronomically slow and expensive to query.

27.02.2025 21:20 👍 1 🔁 0 💬 0 📌 0

Why Data Monitoring Got So Expensive (And How to Fix It) YouTube video by Julian Giuca

How did data monitoring get so expensive?

Why are observability bills through the roof?

Watch here:
youtu.be/C1ubXpNo7AU

19.02.2025 18:18 👍 0 🔁 0 💬 0 📌 0

Secret sauce in this guide:

✅ Hidden Observability Costs
✅ Vendor Negotiation
✅ Data Optimization Strategies

Download it here: datable.io

13.02.2025 22:09 👍 0 🔁 0 💬 0 📌 0

SREs need secure pipelines. Pipelines others can't touch.

But PMs and BI teams need access to the right data, too.

With Datable, everyone gets a pipeline they control—secure, flexible, and theirs alone.

12.02.2025 21:55 👍 1 🔁 0 💬 0 📌 0

Smart Observability Explained YouTube video by Julian Giuca

REMINDER:

I have a full video explaining how to reduce #observability costs.

Free gold for any engineer who wants to have a massive impact on their company's bottom line.

www.youtube.com/watch?v=ZyN-...

11.02.2025 23:53 👍 0 🔁 0 💬 0 📌 0

Here's how it works:

05.02.2025 23:15 👍 0 🔁 0 💬 0 📌 0

This also makes it really easy for us to send the data to third party vendors. If we need to send something out in the Splunk or New Relic format, it’s not a problem.

We take it from that OTel format, transform it into their API, and send it on its way.

03.02.2025 17:39 👍 0 🔁 0 💬 0 📌 0

By normalizing, you ensure consistency. No more dealing with "user_ID" in one place and "userID" in another.

Since data comes from various sources, Datable supports a wide range of formats and protocols: Syslog, Json, Fluent, and open source protocols like the New Relic and Datadog wire protocols.

03.02.2025 17:39 👍 0 🔁 0 💬 1 📌 0

We treat everything as an event at my company.

Log data, trace data, metrics—everything.

And we normalize those events into the OpenTelemetry standard, creating a single, unified playing field for all of our data.

Here's why:

03.02.2025 17:39 👍 0 🔁 0 💬 1 📌 0

And who can blame them? The risk involved.

Developers, business teams—they get completely shut out.

It's a horrible feedback loop where the people who need the data most, can't touch it.

31.01.2025 20:07 👍 0 🔁 0 💬 0 📌 0

"Hey, I'm taking Apache data and converting it to structured JSON."

Great. No problem.

But the second you introduce multiple inputs, different teams, complex transformations—the whole system falls apart. One mod can break everything.

So what do SREs do?

They lock down the configuration.

31.01.2025 20:07 👍 0 🔁 0 💬 1 📌 0

OTel isn’t enough anymore. (THREAD)

Nobody tells you what happens when you use these tools in the real world.

Files get EXTREMELY difficult to manage.

They're great at collecting and sending data, but the more responsibility you put into them, the more complex and slower they become...

31.01.2025 20:07 👍 0 🔁 0 💬 1 📌 0

We normalize events into the OTel standard to create a unified playing field for all our data, regardless of origin.

Datable supports: Syslog, Json, Fluent—AND open source vendor protocols, like NR & DD.

By normalizing all our data, we ensure consistency even as data comes from various sources.

30.01.2025 21:19 👍 1 🔁 0 💬 0 📌 0

Logs, traces, spans = Events YouTube video by Julian Giuca

Had a video to share today but it's 62 seconds long and there's a hard 60-second limit here.

To see it on YouTube, go here:
youtube.com/shorts/Mz0S2...

29.01.2025 22:14 👍 0 🔁 0 💬 0 📌 0

Julian Guica

Latest posts by Julian Guica @datable