bluecue – The German secret to success in the channel

With over 20 years in the industry, bluecue consulting GmbH is well experienced in advising organizations about the requirements of, and helping them to implement, digital services that are flexible and powerful. They have particular know how in information security audits to help IT departments introduce compliance processes like the ISO27001 framework or the German BSI standard. Additionally, they focus on increasing the efficiency of IT Service Management in organizations by reviewing and optimizing incident-, change- and configuration management.

Bluecue has been a Splunk Partner in Germany for over four years. We have interviewed Ralf Walkenhorst, Head of Solution Sales from bluecue to find out a bit about their secret to success…

What’s the secret of bluecue’s parternship with Splunk?

“Splunk enables us to embed and distribute our knowledge to customers at scale and with a short time to value. We have a team of experienced consultants who have been working for over a decade with different IT solutions and compliance regulations. The flexibility of the Splunk platform allows us to package up our know how into apps which can be quickly deployed by our joint customers. For example, we have implemented Splunk at the Viessmann Group, an leading manufacturer of boilers and systems for industrial energy and cooling. They deployed Splunk across locations from Canada to China– all managed from their main location in Germany. They started by validating that some of their CAD Workplaces could be centralized through Citrix – quickly this resulted in many “aha moments” and further use cases to monitor and improve their it operations.”

You have developed the application “bluecue Review for Active Directory” – can you tell us a bit more about that?

“Organizations are commonly challenged by Active Directories that have grown organically over time. As a result user rights are assigned without following any process and documentation is often lacking. Then when compliance or governance regulations are introduced it is challenging for teams to keep up with them.

With bluecue Review for Active Directory we share over fifteen years of our experience with Active Directory migrations. For example, instant visibility and documentation of changes in Active Directory is a hot topic, so with the app you can make sure you know the state of your objects in Active Directory at any time. This includes who assigned, changed or removed privileges for users or groups. We helped an 230+ Employees organization, to deliver world class IT quality standards through transparency in the area of IT compliance. They were really impressed by the fast and smooth implementation of the solution.”

Recently you added a new use case to deliver additional insights through the app – what does that cover?

“In our latest update we introduced documentation of Microsoft Group Policy (GPO) changes including what was changed in the GPO. If you do some research you learn that Active Directory just records in the Windows event log that there was a change – but not exactly what was changed through the Group Policy, for example “Password expire date was changed from 365 Days to 90 Days.”

The only way to find changed attributes and values would be to run the Get-GPOReport Powershell command before the change and again after. This will give you two reports from which you have to do a diff to find out the differences. This use case including the data collection capabilities it requires is addressed out of the box in the recent update to our app.”

You also published an app for GDPR – what is this about?

Many organizations will look to ensure they comply with the global data protection regulation (GDPR) of the European Union which is goes into effect in May 2018. To help these companies we built an initial app to guide them through the regulation and help with some reporting ideas. Machine data is relevant for various requirements in GDPR such as for scoping breaches quickly to comply with the 72h breach notification rule as well as to monitor and ensure only authorized individuals are accessing systems and applications where PI data is stored.

The app is a starting point to document what organizations should look for. Look out for more updates and out of the box functionality coming over the next few months.

Thanks a lot to bluecue for ensuring that our joint customers are successful.

Happy Splunking,

Matthias