Splunk has fundamentally changed how we operate. We now have more holistic visibility in our systems with verifiable performance data and security monitoring. This level of operational certainty is essential for maintaining the reliability our business requires.
Singapore Pools Revolutionizes Operational Visibility and Security for Digital Transformation
Key Challenges
Singapore Pools’ operational framework faced critical challenges that threatened both service continuity and customer experience.rity analysts were unable to correlate logs across systems. Both needed to rapidly detect and respond to threats to keep students, faculty, patients, and IP safe.
Key Outcomes
Singapore Pools met operational and security needs with centralized log intelligence, enabled proactive service optimization with real-time correlated visibility, and stayed ahead of threats with automated security monitoring.
Creating a foundation for operational excellence
As Singapore’s only licensed gaming operator, Singapore Pools manages one of the most transaction-intensive digital platforms in the region, with a technology infrastructure supporting millions of daily interactions where system reliability and security cannot be compromised. However, it comprises hundreds of application servers distributed across three data centers, creating a complex web of systems that proved difficult to monitor effectively.
Lacking a unified view of application performance and availability, the technical teams had to manually correlate data across multiple servers to investigate system issues. Application support staff needed to file service requests with infrastructure teams to access server logs through “an endless cycle of manual retrieval and reactive troubleshooting” according to Alex Chan, Singapore Pools director of infrastructure operations, which typically consumed hours per incident. Delayed resolution also created unpleasant experiences for customers attempting to complete time-sensitive transactions.
The Security Operations Center (SOC) also faced visibility challenges with analysts threat hunting spending eight hours each day manually hunting for security vulnerabilities across disconnected log systems. Without automated correlation capabilities, the team struggled to detect sophisticated attack patterns. These technical limitations translated into tangible business risks. Minor application hiccups frequently escalated into issues before detection, sometimes resulting in failed transactions during peak usage periods. The security team’s inability to rapidly investigate potential breaches also created compliance exposure. Most critically, the lack of real-time operational intelligence meant the company could not proactively monitor application performance, resulting in slowness when reacting to application issues.
As a result, Singapore Pools’ operational framework faced critical challenges that threatened both service continuity and customer experience. To create a foundation for operational excellence, the company turned to Splunk.
Outcomes
99%
faster issue investigation
80%
improvement in efficient transaction analysis
50%
faster in daily threat hunting
Eliminating bottlenecks to transform security operations and achieve proactive monitoring
Singapore Pools established three non-negotiable requirements for Splunk, which included unified log management with role-based access controls; automated security monitoring with threat intelligence integration; and customizable dashboards for real-time performance analytics. Splunk Enterprise not only addresses these needs but also delivers unexpected capabilities through centralized log intelligence that transforms how Singapore Pools manages its digital infrastructure and fulfills both operational and security needs.
Previously, it took engineers hours to trace transaction flows across systems, but with Splunk consolidating logs from all servers into a single searchable repository with granular access controls, they now retrieve complete audit trails in under two minutes using Splunk’s intuitive query interface. Real-time correlated visibility also enables proactive service optimization rather than having the team constantly chasing problems due to fragmented visibility.
“Our infrastructure team regained hundreds of productive hours previously lost to manual log retrieval,” says Alex Chan, Director, Infrastructure Operations at Singapore Pools. “More important, we reduced mean time to resolution for customer-impacting issues by up to 99 percent.”
The custom-built Splunk dashboards give operational teams unprecedented visibility into system health metrics. Real-time visualizations help to track transaction volumes by data center, application latency trends, and user activity patterns, and this enables the teams to proactively detect anomalies before they affect service quality. Operational efficiency gains are reflected by the reduction of issue investigation time from more than four hours to two minutes, a 99 percent improvement, and an 80 percent gain of transaction analysis efficiency compared to manual reconciliation of transactions.
Enhancing security operations and customer experience
Automated security monitoring is crucial in today’s threat landscape. Splunk Enterprise Security revolutionizes threat management for Singapore Pools — by automating correlation of security events across systems and reducing false positives by 60 percent, while integration with the MITRE ATT&CK framework helps analysts contextualize potential threats.
The SOC team’s daily threat hunting time decreased from eight hours to four, saving 50% of time, which is reinvested into developing advanced detection rules. Most critically, Splunk’s audit trails provide the evidentiary foundation Singapore Pools need to demonstrate compliance with Singapore’s rigorous gaming regulations. “Splunk improves our threat hunting efficiency and gives us the immutable evidence we need,” says Eugene Teo, Senior Manager, IT Security Operations at Singapore Pools. “It’s the foundation of our security and regulatory strategy.”
Singapore Pools is now able to enhance customer experience by detecting memory leak patterns in application servers before they cause outages through proactive monitoring. System and application visibility also improves system responsiveness during high-traffic events, while the company can strengthen customer trust through the demonstration of better data protection.
The road ahead with Splunk
The Splunk implementation at Singapore Pools demonstrates how comprehensive data analysis can drive measurable improvements in system reliability and security. It is able to show that, when properly implemented, advanced monitoring solutions can help transform fragmented system visibility into actionable insights and convert reactive troubleshooting into proactive maintenance. With core monitoring and security challenges addressed, Singapore Pools is now leveraging Splunk to drive strategic initiatives — which include predictive capacity planning — by applying machine learning to historical performance data. The infrastructure team can now forecast system demands, ensuring optimal resource allocation during major sporting events and lottery draws.
The upcoming deployment of Splunk SOAR (Splunk Security Orchestration, Automation and Response) will automate response playbooks for common threat scenarios, further reducing the SOC’s workload while improving incident response consistency through automated security orchestration. Besides, as Singapore Pools expands into cloud environments, Splunk’s federated search capabilities will maintain seamless visibility across all platforms. Unified hybrid cloud visibility is a critical requirement as Singapore’s data sovereignty regulations evolve.
Splunk has laid the blueprint for digital operations excellence for Singapore Pools, continuing to demonstrate how intelligent data management can transform operational resilience in highly regulated industries. Splunk’s implementation solves immediate technical challenges and creates an entirely new operating model where data-driven decisions replace reactive firefighting. This directly supports Singapore Pools’ core mission in delivering secure, reliable services while maintaining the highest standards of regulatory compliance.
