The smart and reliable performance of the Splunk solution enables us to access real-time operational insights by extracting actionable information from raw data for detailed analyses and effective security monitoring. We are happy to have chosen Splunk and really look forward to a deeper partnership with Splunk in the future.
Lenovo China Improves Security Operations and Gains Actionable Insights With Splunk
For over 35 years, customers and partners have relied on Lenovo for reliable,
user-friendly technology and exceptional professional services. Generating an impressive RMB 342.2 billion — or US$51 billion — in 2018 alone, the global computer giant ranks number 22 on Fortune’s 2019 Global 500 list and has more than 57,000 employees that span 15 research-and-development centers and 180 markets. As the company continues to scale, Lenovo needed an effective analytics tool to manage data growth and safeguard its operations. Since deploying Splunk Enterprise, Lenovo has:
- Maximized business agility through real-time log management
- Accelerated incident response with enhanced security monitoring
- Heightened operational efficiency
Challenges
- Low availability of data due to inflexible, labor-intensive log analysis
- Ineffective data monitoring and incident response
- Lack of intersystem data correlation to support security operations
- Inefficient management and retrieval of distributed IT data
Business Impact
- Improved security operations with automatic, real-time log management
- Increased reliability with faster threat prediction and timely incident response
- Boosted efficiency with accelerated application development and better use of employees’ time
Security at scale
Gathering continuous streams of data from infrastructure logs, security software logs and application logs, Lenovo China generates two terabytes of data every day. With this ever-growing amount of distributed data, Lenovo needed a reliable solution for proactive monitoring and intelligent analytics that would allow the team to quickly identify and respond to security incidents.
Before Splunk, Lenovo’s security engineers had to retrieve and correlate information from various system logs, then integrate and present the results in a visual format. Demanding hours of the engineers’ time, this labor-intensive process made troubleshooting slow and complicated. If there was a virus infection, for example, engineers were forced to sift through numerous disparate terminal security platforms for relevant details before having to manually correlate all the data.
In search of a scalable platform for log management and security analytics, Lenovo evaluated the efficiency and cost-effectiveness of Splunk, ultimately choosing Splunk Enterprise for its stability, performance and ability to simplify system development.
