Travel management company Redfern has deployed Splunk for proactive monitoring to comply with the government’s Information Assurance programme.
Splunk was deployed to support a government contract through which Redfern is supplying a domestic travel booking service to UK government departments including HM Revenue and Customs, the Department of Education, Defra, the Department of Health and the Home Office.
Redfern deployed Splunk to monitor the critical infrastructure that underpins the Government Travel Booking Service.
It is used to look for events in relation to unauthorised access or government data leaving the organisation.
To meet the requirements of the contract, Usman Hamid, Redfern's head of IT, said the company needed to support GPG13 (Good Practice Guide 13) with the government’s Information Assurance (IA) initiative.
He said: "Redfern did not have a central logging tool, but we knew Splunk could be used for basic monitoring."
More articles on Splunk
By implementing Splunk, Redfern was able to standardise on one set of tools, rather than implementing a specialist log monitoring tool, he said.
Hamid previously worked for shopping channel QVC, which trialled Splunk. He also saw how it was deployed at OnHotels.com, which implemented it for proactive monitoring and control. "We liked the way we could store all the data and use Splunk to present it back in a meaningful way," he said.
"Splunk’s logging, searching, reporting and alerting technology was already well proven since it is widely used throughout local government and the Cabinet Office. Kevin Tunsley of EQALIS [Splunk’s leading UK partner] gave us a full demonstration of Splunk, the GPG13 compliance app and showed us its potential for providing complete operational visibility and intelligence. We were impressed by Splunk’s simplicity and flexibility to be more than just a monitoring solution."
Hamid was also keen to use Splunk for operational management, which is how the tool is used at John Lewis. He added: "Many people look at tools like Splunk only as a means of centralising all the logs from their IT estate into one place and then just leaving it, in effect a tick-box for compliance. What I saw in Splunk was the ability to actually harvest that data into something more meaningful, to allow for better decision-making through operational intelligence.
"We could track unique [customer] journeys in real time on the website by using Splunk in operations."
Redfern used EQALIS, an Accumuli company, to implement Splunk. The software was deployed in five days.