Log searches in seconds, not a day

With Splunk Cloud Platform, OPEN8 can now monitor and collect log data on a single pane of glass, leading to increased efficiencies across its multicloud operations.

“Being able to analyze the company’s diverse logs on one dashboard means we can track information chronologically and easily follow user trends,” Ishibashi explains. Different teams can search the logs they need within seconds — a drastic improvement from the previous system that required a day to accomplish the same task. “Because the Splunk platform saves so much time on the initial log filtering, we have more bandwidth to analyze the data," says Ishbashi. These improvements have led to markedly better service for OPEN8’s customers.

To start, Ishibashi and his team limited use of the Splunk platform to a select set of features that helped OPEN8 collect and analyze the increased number of logs due to rapid business growth. OPEN8 has since expanded its use of the platform to manage diverse types of logs with Splunk Cloud Platform, including Video BRAIN application logs, customer-facing SaaS logs, and those related to web access, authentication, backend database and analysis. To help OPEN8 keep up with its rapidly expanding user base, Splunk Universal Forwarder collects logs from 60 virtual machines at one-minute intervals. Crucially, OPEN8 can also run its services smoothly in its multicloud environment with hybrid products like Oracle Cloud and Microsoft Azure.

Fostering a culture of information sharing and collaboration

In addition to enhancing log management for OPEN8, Splunk Cloud Platform also supports a culture of log usage and information sharing throughout the company. Because Splunk does not employ a per-user pricing model, OPEN8 can extend the platform to all engineers. “By posting URL links to the Splunk dashboard on Slack, engineers from different departments can easily access the Splunk platform themselves and search for whatever logs they want," Ishibashi says. All logs are forwarded to the Splunk platform during the aggregation process, and information is shared on a chat board to all product team members, allowing them to collaborate on issue investigation.

Even users without basic knowledge of search processing language or advanced query skills can filter logs easily by inputting keywords on the Splunk platform — just like conducting a Google search. And, users can narrow the search scope to get faster results. "This lets our staff have more opportunities to work with logs," says Ishibashi. “By allowing each engineer to operate in a data-driven way, Splunk also clears the way for our DevOps initiatives.”

From log management to observability and beyond

Moving forward, OPEN8 plans to integrate other types of logs onto the Splunk platform, including those generated from its development and quality assurance testing environments. “Centralizing all logs — which are scattered everywhere during application development — is an effective way to reduce communication loss and speed up issue investigation,” Ishibashi says.

He also plans to apply Splunk solutions across other functions. “With its ability to visualize incidents through log correlation analysis, Splunk Cloud Platform could be applied to our SIEM solution to protect us against internal breaches, external threats and other security risks. It’s a solution with so many possibilities,” says Ishibashi, who expresses particular interest in Splunk SOAR, which strengthens security management by triggering alerts and automating response and repairs.

Not far in the future, OPEN8 hopes to use Splunk Observability Cloud to analyze and correlate logs within a specific timeframe and easily track user behaviors. The company is optimistic that with Splunk, it will be able to continually improve its quality of service — leading to even better business outcomes and continued growth.