Our Use Case PDFs and blog images are only available in German. If you are interested in further information, we are happy to assist you personally. Please don’t hesitate to contact us directly.

Get the PDF for download here: Analysis of time-critical machine data as a Splunk Managed Service

1. The Initial Situation

In April 2019, our client, an international aviation alliance, approached us with the requirement to evaluate and visualize the logs of its various systems and applications for customer service.

This was followed by a joint inventory of the existing systems. In addition, it was defined which data should be analyzed and evaluated.

In detail, our client wanted an analysis and evaluation of all machine data from the most diverse systems that are relevant to a passenger and their well-being during a trip. This includes, for example, check-in or baggage delivery. Was the ticket used to enter a lounge or to shop in the duty-free shop? Did the passenger have special requests or were they a frequent flyer?

The time-critical machine data to be analyzed for the airline alliance included, for example:

  • Baggage Tracking
  • ContactMe – Status of a piece of luggage
  • Delayed Baggage
  • Digital Connection Info
  • Flight Amenities
  • Lounge Information
  • Seat Assign
  • Seat Map
  • ValidateFQTV – Evaluation of frequent flyer status
  • GoldTrack – Gold Status Information

NetDescribe’s Recommendation for Central Monitoring of all Machine Data is: Splunk Enterprise in the Cloud

Since fast implementation (fast time to value) of the project was important for the customer, the decision was made to use Splunk Enterprise in the cloud, in short: Splunk Cloud Platform as a Managed Service.

The solution correlates complex events, enables meaningful insights into machine data and simplifies analyses.

Machine Learning and AI: Predictions and prevention instead of just reacting! With data evaluations at machine speed, you improve both security and your business results.

Data Streaming: With the help of real-time stream processing, you can capture, process and distribute data to Splunk and other destinations in milliseconds.

Scalable Index: You capture and collect your data in terabyte size from thousands of sources – and growing.

Collaboration Tools: Features for mobile, TV and augmented reality ensure location-independent interaction and collaboration.

Federated Search: Company-wide data analysis through searches with correlated results that capture your entire data ecosystem (including local and third-party storage).

Meaningful Dashboards: With your own dashboards, which you can set up easily and intuitively, you can clearly communicate even the most complex data stories.

2. The Use Case

In 1997, five airlines from North and South America, Europe and Asia founded the first global aviation alliance. Even today, our customer is still doing pioneering work – they are committed to innovation in international travel and offer customers a seamless travel experience with the highest level of comfort.

The alliance consists of 26 member companies, each with its own distinctive culture and individual service style. Smooth connections are offered at 50 international hubs via a world-leading global network.

A management company based in Europe and Singapore coordinates the projects and activities of the alliance, such as

  • the joint accommodation at airports
  • the digital infrastructure
  • the integration of frequent flyers
  • joint business lounge projects and
  • other services to improve the travel experience

The Solution from NetDescribe

Central monitoring of all machine data with the Splunk Cloud Platform. By specifically correlating the most diverse data sources, our customer was able to visualize the journey from ticket booking to baggage claim and use the knowledge gained to continuously improve the user experience. Thanks to the good cooperation between our consultants and the customer’s specialist departments, all requirements were quickly and easily translated into “Splunk language” (SPL).

3. The Implementation

NetDescribe was commissioned to implement the evaluation and visualization of the data with the Splunk Cloud Platform as part of a pilot project.

A major advantage of our long-standing partnership with Splunk was the provision of a free trial license for the project. After a problem-free installation of Splunk by the experts at NetDescribe, all relevant data could be indexed.

Managed Services – the Solution for a Shortage of Skilled Workers and a Lack of In-House Expertise

As in many companies, our customer lacked the technical resources and the necessary know-how to develop and build the project with its own specialist staff. For this reason, outsourcing to NetDescribe was already possible during the pilot project, as part of operational support by our consultants.

Although the pilot project was built on hardware in the data center, we already made the decision in 2019 to rely on the Splunk Cloud: on the one hand because our customer was open to cloud services very early on, and on the other hand because NetDescribe was to take over the management and Splunk Cloud Services are ideally suited for outsourcing.

[Figures: dashboard excerpts for Digital Platform SLA, Baggage Tracking, Gold Tracking and Lounge Information. Source: Splunk]

The Splunk Portfolio

Splunk platform. Splunk Enterprise collects and indexes in real time all machine data generated in physical, virtual, or cloud environments. This can include data from applications, servers, networks, sensors, or telecommunications equipment. The solution correlates complex events, enables meaningful insights into machine data and simplifies analyses.

Splunk for security. Splunk Enterprise Security improves all security processes and, as an analysis-driven SIEM (Security Information and Event Management) solution, gives you the holistic view needed to use generated machine data securely (e.g. information about networks, endpoints, accesses, vulnerabilities and identity data) and to reduce security breaches.

Splunk for IT and Business Services. Splunk IT Service Intelligence (ITSI), as a monitoring and analysis solution, visualizes status data and key performance indicators (KPIs) of critical IT and business services. Splunk ITSI uses machine-driven (artificial) intelligence, identifies existing and potential problems, prioritizes the rapid recovery of business-critical services, and provides analytically driven IT operations.


The Splunk Functions at a Glance

Collection and indexing of machine data: Real-time event capture, universal indexing, adapter elimination, use of metric data, timestamps for events

Search and verification: Real-time search, transaction search, interactive results

Correlation and analysis: Machine learning-based AI, correlation of complex events, event annotations, pattern recognition

Visualization and reporting: Dashboard creation, report automation

Monitoring and alerting: Monitoring of events and KPIs, proactive notifications

Security and administration: Encrypted access to data streams, secure user access

