Bachner Elektro GmbH & Co. KG

Projects:

• With SIEM to efficient IT operation

Requirements

Bachner has decided to place monitoring and reporting on a test rig and to replace the existing insular and legacy solutions with a modern, unitary umbrella platform for SIEM, IT operations and reporting. The monitoring landscape should be expanded sustainably and operational and safety-related data consolidated from a wide variety of IT systems.
 

Services & Solutions

• The customer’s assets and requirements were analysed. The project team then defined the deliverables for the new solution and developed a corresponding migration concept. The core of the solution rests with Splunk Enterprise, one of the market leaders in data platforms. The software accepts, indexes, processes and analyses relevant log files from the existing ATP platforms, firewalls, SD-WAN consoles and network management appliances. The analysis results are then prepared in graphical format and exported in individually adaptable dashboards.
• In order to utilise the incoming flood of data to best effect, the project team has also implemented the CESAR app, developed by Controlware and based on the Splunk platform. This extends Splunk Enterprise out-of-the-box by more than 20 preconfigured use cases from the AD, server, M365, firewall, proxy and mail ranges and allows the client to gain reliable and robust results from its SIEM in an impressively short time.
• After the first year in service, the data volume in the SIEM field had more than doubled and, in order to increase scalability, the Splunk Enterprise platform operated on the premises was migrated into the Splunk Cloud. This Cloud-based version of the solution offers a virtually identical functional scope, but manages entirely without local components and, moreover, the log files are stored completely in the Cloud.
   

Benefits

• The SIEM platform, based on Splunk Enterprise, allows Bachner to keep the complex IT infrastructure at six sites in Germany, as well as one in each of Austria and the USA, in view at all times and to optimise it constantly.
• By introducing the Splunk solution, the client's IT team receives a detailed overview of the IT landscape and is able to locate potential optimisations and potential weak points. New systems can be integrated in the solution simply and quickly as required, without changing the configuration.
• With the CESAR app extension, most relevant use cases can be bundled compactly and conveniently, e.g. for handling alarms, for planning backups and for monitoring the compliance and audit status.
• By considered application of use cases and careful correlation of analysis results, it is possible for Bachner to generate a potentially increasing added value without committing additional investments.
• With the platform solution, the client has acquired a very robust foundation for new innovation projects and can use IT better than ever before as a driver for its business.

Focus subjects:

• IT Management
• Business Analytics & Big Data

Solution partner:

Alle solution partners

Splunk Inc.

Splunk is a primary Big Data analysis tool without an underlying database. Splunk indexes all ASCII containing and delimited machine data. Splunk thus makes unstructured data (data that is not stored in a DB) accessible and usable for the company. Controlware has been a Premier Partner (reseller) since 2017. In addition, the MSP elite status was achieved in 2020. These partner statuses, in conjunction with our certified Splunk specialists, qualify Controlware for the best possible support of Splunk Enterprise customers and make it possible to effectively support the monitoring and evaluation of large data volumes and set the course for efficient IT operations.

to Partner website

---