From hours of calculations to real-time analytics
Since turning to Splunk Cloud, HKIX visualizes its network management system in a unified view. “Previously my team had to bury themselves in program scripts for hours to generate charts and graphs to complete the system status report,” Chan says. But now, pressing a single button instantaneously yields a wealth of metrics about the company’s security environment on the highly interactive, graphic-rich Splunk dashboard, which also gives the team flexibility to customize how visualizations are displayed.
While the HKIX network management environment includes logs from many different servers, end points, firewalls and Windows and Linux operating systems, the Splunk platform centrally manages all logs on a single pane of glass. This simplified method of collecting, searching and analyzing session logs allows the team to enhance the company’s security environment.
With Splunk, HKIX has significantly improved its security management, reducing mean time to identify (MTTI) and mean time to respond (MTTR) from hours to minutes. Moreover, Splunk Cloud allows users to act on data with the tap of a finger while also giving the HKIX team access to a vast repository of best practices and insightful use cases.
“We are particularly excited about the good amount of security analytics content we can easily download from the Splunk knowledge base, which broadens our horizon on information security,” Chan says. “What’s more, the SaaS model of Splunk Cloud not only brings a whole new level of data protection in the form of geographic redundancy and off-site disaster recovery, but also minimizes our effort in managing the hardware platform, which empowers us to run multiple data centers in a cost-effective way.”