Case Study

SPIEGEL-Verlag Saves Resources With Proactive Error Prevention

Executive Summary

SPIEGEL-Verlag is a media company situated in Hamburg, Germany. Together with SPIEGEL ONLINE, the leading news website in the German-speaking Internet, SPIEGEL reaches more than 12 million users per week: on paper, online, or on mobile devices. The systems management department had to guarantee fast and reliable troubleshooting capabilities. Since deploying Splunk Enterprise, SPIEGEL-Verlag has seen benefits including:

  • Improvement in troubleshooting
  • Error analysis now can be completed much faster
  • Improved system security
    • Dealing with rapidly growing volumes of data
    • Needed to guarantee fast and reliable troubleshooting capabilities
    • Existing process was extremely timeintensive and used up a great deal of manpower
Business Impact
    • Visibility into online infrastructure means Der SPIEGEL can respond quickly and accurately when users experience problems with downloading or registration
    • Reduced time and manpower for identifying and resolving errors, freeing up resource to be more strategic
    • Early error identification and error avoidance prevents serious issues from occurring
Data Sources
    • Cisco landscape
    • Firewall logs
    • Mail server
    • WLAN infrastructure
    • DHCP server
    • Backoffice/Web

Why Splunk

Traditionally, the department had used a classic syslog server for data analysis and system monitoring. This process was extremely time-intensive and used up a great deal of manpower.

It was thus crucial for the systems management team to find a solution that could analyze these increasing data volumes in real time, spot and troubleshoot errors, and visualize the results in dashboards. Splunk Enterprise fulfilled all the criteria that SPIEGEL-Verlag considered crucial, including simple implementation and consolidation, overall visibility across all systems, clear visualization through meaningful dashboards and comprehensive alerting functions. After SPIEGEL-Verlag made the decision to deploy Splunk software, the solution was up, running and operational within a single day. The implementation was supported by Consist Software Solutions, a consultancy IT service provider and Splunk reselling partner.

With Splunk Enterprise, data from the Cisco landscape, firewall, mail server, WLAN infrastructure and the DHCP server can now be indexed and analyzed by SPIEGEL-Verlag’s systems management department. The results flow directly into the monitoring process and are displayed in clear dashboards and reports. This is used as an information source for other departments and is already used for reporting to management.

“We see great potential in Splunk and this clearly translates into advantages for SPIEGEL-Verlag, by making our work much faster, more transparent and efficient. We are not only capable of discovering previously unknown errors in our system, but we can also fix the problems in real time, and at the same time understand how such problems can be avoided in the future. Thanks to Splunk, our performance has greatly improved.” 

Henrik Naß
System Management & Monitoring

Time savings with faster troubleshooting

The ability to search individual systems and networks for anomalies and then correlate them to identify errors was the key reason for the implementation of Splunk Enterprise at SPIEGEL-Verlag. As a result of deploying Splunk software, the systems management team was able to achieve a significant improvement in troubleshooting within a very short period of time. Compared with the previous approach, the error analysis now can be completed much faster and with greater precision, with SPIEGEL-Verlag’s mean-timeto-investigate and mean-time-to-resolve incidents a fraction of what they were previously.

Smart alerting for increased security

Through Splunk Enterprise, SPIEGEL-Verlag has set up a series of alerts to ensure that any potentially risky anomalies are identified and can be acted on immediately. One example is that log in problems can now be investigated comprehensively. Splunk software recognizes unauthorized log in attempts into the network and forwards these alerts to the IT department in real time. This both increases reaction capabilities enormously and significantly improves system security.

Proactive error prevention

When errors occur, the Splunk alert function announces them via SMS or email to the appropriate team. The data is based on real-time events and makes it possible for the team to react immediately. The department benefits from this learning and can prevent the same errors from recurring. Since Splunk Enterprise allows for the collection of both real-time and historical data, the IT department can examine past anomalies and find the root causes of problems, thus improving the security of the system.

SPIEGEL-Verlag quickly realized that the strengths of the Splunk solution could also be applied advantageously in other areas of the company. 

The publishing house offers its readers a digital version of the news magazine Der SPIEGEL as a commercial download, with the back-office taking on the management and service responsibilities for this initiative. This includes dealing with all problems users experience with downloading or registration. Thanks to Splunk Enterprise, the back-office team now has far greater visibility into these issues and error analysis is optimized. The back-office can generate, on demand, statistics about performance, possible traffic peaks and failures, and can thus offer users direct and fast support.