Splunk Case Studies
To see some examples of the types of engagements we’ve done, read the case studies. They’re categorized by the main areas we focused on, but each one involved many of the services we offer. Maybe you’ll see an issue similar to one you’re dealing with?
Performance tuning - online real estate company
Business Challenge: Splunk was performing slowly. Splunk users were frustrated because scheduled searches were not returning results.
Solution: We performed a health check and determined that a large number (> 10,000) of scheduled searches were set to run at midnight. Additionally, the architecture was not sufficient to support the data volume. We worked with the customer to reduce the number of scheduled searches as well as optimize the time each search was scheduled to run. Finally, we recommended and implemented infrastructure improvements to maximize performance.
Business Impact: Splunk ran more efficiently and they were able to add use cases, allowing them to gain additional insight into their data and improve the ROI on Splunk.
Custom dashboards and performance tuning - oil company
Business Challenge: Customer required visibility into the networking and compute performance of systems used by engineers and geologists to determine where to drill for oil. Customer had spent over a year unsuccessfully attempting to solve this problem using a traditional database, analytics, and ETL tools.
Solution: We used Splunk to correlate the networking and computer performance information to identify bottlenecks, under-performing systems, and areas for improvement. We created a series of dashboards that allowed the customer to see the high-level performance overview and drill down into the details of performance problems to identify the root cause.
Business Impact: Customer was able to identify and resolve performance issues, as well as determine the cause for network slowdowns (such as YouTube and Facebook bandwidth usage). By identifying and correcting problems before they impacted the geologists and engineers, the customer was able to improve productivity, reduce costs, and keep the staff in the field happy.
Staff augmentation - state health agency
Business Challenge: Customer uses Splunk to monitor a variety of systems built in-house, as well as IT security. While they are experienced running reports with Splunk, they needed assistance with the administration and management of Splunk.
Solution: We provided support as needed to help with any pressing issues, as well as one week per month of on-site administration services to perform monthly admin tasks.
Business Impact: Customer did not have to worry about the management (care and feeding) of Splunk, and had a certified Splunk Architect to perform Splunk administration tasks as well as support when important issues came up.
Software installation and configuration - hospital
Business Challenge: Customer purchased Splunk Enterprise Security. However, the customer had a difficult political environment as well as a complex IT environment in which the security information and event management (SIEM) software had to be implemented. This was a high-risk engagement.
Solution: We navigated both the political and technical environments and installed and configured Splunk Enterprise Security. Once it was operating correctly, we trained the customer to ensure their IT environment was secure. The technical complexity arose from sources that were not the standard, out-of-the-box sources. Instead, they required a skilled ES implementer to map the sources to the Splunk Common Information Model (CIM).
Business Impact: Customer had a successful Splunk Enterprise Security installation, thereby improving IT security and customer confidence.
Data onboarding and custom dashboards - bank
Business Challenge: Customer wanted to leverage the data already in Splunk to calculate real estate utilization.
Solution: While the initial proof of concept created by a different company made the exercise look easy, further analysis indicated that the data was messy (missing identifiers, missing values provided by humans, and so on). We were able to clean up the messy data using various correlations and reference data. Multiple sources of data (badge reader, computer login data, network location data, and so on) were correlated to determine the utilization of office space. We provided a series of dashboards and reports to present this information in a meaningful manner to the real estate management team.
Business Impact: Customer is now able to understand real estate usage trends, thereby optimizing the real estate allocation across the company. The end result is reduced real estate costs and happier employees.
Data onboarding, custom dashboards and searches - internet of things manufacturer
Business Challenge: Customer built a complex IoT device that emits a large amount of data from a variety of sensors. Customer did not have a robust solution to analyze the data, or one that could correlate the IoT data with external sources.
Solution: Customer asked us to integrate the IoT device with Splunk, and create searches and dashboards that would exhibit the power of the IoT device when used in conjunction with Splunk. We had to modify the IoT gateway to transmit the IoT data to Splunk, as well as interpret and onboard the IoT data.
Business Impact: Customer is able to demonstrate the value of the IoT device by providing complex analysis of the IoT sensor data, as well as correlate that data with external sources.