IT Pro is supported by its audience. When you purchase through links on our site, we may earn an affiliate commission. Learn more

Splunk alleges rival Cribl stole its source code for profit, files lawsuit

The data platform's complaint alleges a years-long campaign of misappropriated technical information led by a former employee

Magenta Splunk sign on a building

Data platform company Splunk has filed a lawsuit against rival Cribl, alleging that its CEO and other employees stole source code and technical secrets for its own advantage.

Splunk alleged that former employee Clint Sharp, who left the company in 2017, took code without permission that he then used when he co-founded Cribl the same year.

Additionally, it claims that since its formation Cribl has illegally sourced technical documents from outgoing Splunk employees in order to undermine the company.

“Mr Sharp founded Cribl using code he intentionally and unlawfully took from Splunk when he was a Splunk employee without a licence or permission to do so,” read the complaint.

“Since that time, Cribl and Mr Sharp have recruited numerous Splunk employees to Cribl, and have systematically encouraged employees to take Splunk’s confidential technical and business documents with them. In turn, Cribl has used the information it misappropriated to compete unfairly against Splunk.”

In a blog post, Splunk alleges that it attempted to settle the matter privately, but that this was unsuccessful. It characterises Cribl’s actions as a “coordinated campaign of misappropriation” and claims that the company used Splunk’s Technology Alliance Partner (TAP) programme to further its theft.

After launching in 2017, Cribl joined the TAP program, an agreement that allows partners to add to Splunk’s Enterprise platform, through the use and limited copying of Splunk software.

However, the TAP program agreement states that partners may only use the software to demonstrate the use of extensions with the software and to develop extensions further. Using copies of the software to determine source code would constitute a violation of the terms of agreement.

"The allegations in Splunk’s lawsuit are false, and we will defend against these baseless claims," Cribl stated in a blog post.

"We have built interoperability using our own hard work and open source implementations, such as Eventgen. While Splunk tries to stifle competition through litigation, we will keep our relentless focus on our customers to give them choice and control over their data."

Splunk has requested an injunction against Cribl, Clint Sharp and all associated Cribl entities, from further infringing Splunk copyrights. It has also requested an accounting of the profits that Cribl has made from the activity and subsequent damages. The company has requested a trial by jury.

"Proving infringement of copyright in source code, as Splunk is alleging here, tends to be difficult," said Michael Buckworth, founder at UK law firm Buckworths. "A former employee would be incredibly foolish to use a carbon copy of code he has misappropriated; rather he would likely recode the software to deliver substantially similar functionality.

"New code achieving the same outcome as existing code is unlikely to infringe copyright in existing code leaving the damaged party to look at patent infringement or breach of contractual obligations," he added.

"Splunk may believe that they can prove each allegation that they have made with the result that they could secure significant damages from Cribl, or even have it shut down.

Related Resource

The data strategy report

What CDOs need to know

Whitepaper cover with title and overhead image looking down at colleagues sat at a curvy desk, talking with papers and laptopsFree Download

"Alternatively, this may be a strategic move to dry up investment and other financial support in Cribl. There is nothing that will turn off investors more than a high-profile IP dispute! Either way both parties will now need to prove their position and live with significant costs if they fail.”

Splunk operates in more than 21 regions internationally, providing customers with a suite that provides oversight over their data and allows them to conduct big data analytics. It also aims to improve observability across multi-cloud environments. Last year it announced a new cloud security suite in addition to its other offerings.

Cribl supplies data management solutions to its customers, aiming to provide data flexibility and stack observability. Its service Cribl Stream is used by DevOps engineers and other industry professionals in order to process data in real time, supply context to data, and encrypt sensitive fields. 

IT Pro has approached Splunk for comment.

This article has been updated to include a statement from Cribl.

Featured Resources

2022 State of the multi-cloud report

What are the biggest multi-cloud motivations for decision-makers, and what are the leading challenges

Free Download

The Total Economic Impact™ of IBM robotic process automation

Cost savings and business benefits enabled by robotic process automation

Free Download

Multi-cloud data integration for data leaders

A holistic data-fabric approach to multi-cloud integration

Free Download

MLOps and trustworthy AI for data leaders

A data fabric approach to MLOps and trustworthy AI

Free Download

Most Popular

The top 12 password-cracking techniques used by hackers

The top 12 password-cracking techniques used by hackers

14 Nov 2022
How to boot Windows 11 in Safe Mode
Microsoft Windows

How to boot Windows 11 in Safe Mode

15 Nov 2022
Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation
cyber crime

Interpol arrests nearly 1,000 cyber criminals in months-long anti-fraud operation

25 Nov 2022