What’s Different in Cribl.Cloud Government
This page summarizes how Cribl.Cloud Government differs from commercial Cribl.Cloud: capabilities that are unavailable or constrained, behavior that affects how you deploy and operate the platform, and requirements driven by FedRAMP authorization. For onboarding steps, see Onboarding: Quick Start for Federal Users.
Different or Unavailable Capabilities
| Topic | Cribl.Cloud Government | Cribl.Cloud Commercial |
|---|---|---|
| Product footprint | Cribl Stream, Search, Edge, Lake, Lakehouses, Insights, and Cribl Guard; no Cribl AI product (see AI in Cribl.Cloud Government) | Full suite including Cribl AI |
| Worker Groups | Cribl-managed Worker Groups on AWS only | Cribl-managed Worker Groups on AWS and Azure |
| Cribl Stream Sources | Explicit activation required | Enabled by default |
| External API integrations | Limited | Full |
| AI-assisted Search | Not available | Available |
| Federated Search v2 (federated engine) | Not available; uses the original federated architecture | Available in version 4.17.0 and newer |
| Email notifications | Agency-controlled SMTP | Commercial email delivery service |
| Deployment and data residency | FedRAMP-approved AWS US East/West; workloads stay within those regions | Global regional deployment options |
Authentication and Access Behavior
| Topic | Cribl.Cloud Government | Cribl.Cloud Commercial |
|---|---|---|
| Authentication | Two-factor authentication (2FA) is required for every login. SSO works the same general way as in commercial when you configure it. | 2FA and SSO are available; policies vary by organization. |
| Identity integration | Dedicated Cribl.Cloud Government endpoints and workflows; SAML 2.0 and JIT provisioning as described in Authentication: Identity, 2FA, and Access. | Standard commercial identity options. |
Some SSO diagnostics show less detail than in commercial (for example, Test Connection messaging). See SSO (Single Sign-On): Setup and Requirements.
Security, Compliance, and FedRAMP-Driven Constraints
| Topic | Cribl.Cloud Government | Cribl.Cloud Commercial |
|---|---|---|
| Compliance baseline | FedRAMP Moderate authorized boundary | Standard commercial security posture |
| Cryptography | FIPS 140-3 enforced | FIPS 140-3 not enforced platform-wide |
| Personnel | Production access and Federal customer support limited to U.S. persons (NIST definition) | No U.S.-persons-only requirement |
| Technical support | U.S.-based engineers; 9:00 a.m. PT�9:00 p.m. ET business hours | Standard commercial support windows |
| Data sovereignty controls | Enhanced controls aligned to Federal deployment patterns | Standard commercial controls |
Splunk FIPS Considerations
When integrating Cribl.Cloud Government with Splunk, FIPS compatibility can matter for on-premises Splunk. Cribl.Cloud Government Worker Groups use FIPS 140-3; Splunk Enterprise releases before 10.0 support only FIPS 140-2.
Customers on older Splunk versions may need a hybrid Worker Group on an OS that still supports FIPS 140-2. Splunk Enterprise 10.0 and later support FIPS 140-3. This gap matters most for on-premises Splunk; cloud-to-cloud setups rarely have the same mismatch. Plan Splunk upgrades where needed.
Administrative and Procurement Differences
- Procurement: You cannot purchase Cribl.Cloud Government through AWS Marketplace. Contact your Cribl Federal account team for packaging and ordering.
- Support channels: Cribl.Cloud Government uses standard support channels, and all support processes meet FedRAMP compliance requirements.
- Status communications: The public status page covers commercial and government tenants.
AI in Cribl.Cloud Government
What Is Disabled
The following are not available in Cribl.Cloud Government:
- AI Copilot Investigator and the broader Cribl Copilot experiences that rely on Cribl-operated generative AI. Commercial may ship Search and platform updates that still omit Copilot Investigator and broader Copilot surfaces from the Federal environment. AI features are not currently supported in Cribl.Cloud Government even when they are available commercially.
- AI-assisted Search in Cribl Search.
- In Cribl Guard, AI-powered rule building (including Add Rule with Copilot) and related AI-assisted flows. UI elements that indicate AI state reflect disabled capabilities.
Core Cribl Stream, Search (non-AI), Edge, Lake, and Guard functionality otherwise follows the same general patterns as commercial, subject to the limits in the tables above and the FedRAMP-specific notes on this page.
FedRAMP authorization applies to a defined system boundary and control baseline. Generative AI features typically add new data flows, reliance on additional services, and control inheritance questions that must be explicitly assessed, documented, and authorized. Until those capabilities complete the applicable security assessment and change process for Cribl.Cloud Government, they remain out of scope for production use in the FedRAMP environment. AI capabilities that ship commercially, including BYOM and BYO AI, require separate FedRAMP authorization before they are available in Cribl.Cloud Government.
Cribl Guard in Cribl.Cloud Government
Cribl Guard is offered in Cribl.Cloud Government for eligible licenses. Enterprise licensing rules align with commercial: Guard requires an Enterprise license, and Cribl.Cloud Government does not offer the lower tiers where Guard is unsupported.
Non-AI Guard capabilities behave like commercial (detection, rules, workflows you configure manually). Differences are limited to AI-assisted experiences called out in AI in Cribl.Cloud Government: rule-building assistance and AI status indicators remain off, consistent with the FedRAMP boundary described there.