Universities Deploy Observability Tools to Monitor IT Environments

Observability tools are essential for ensuring system reliability, driving good customer experiences and reducing downtime, says IDC analyst Stephen Elliot.

The technology works by leveraging telemetry data, such as logs, events, traces and metrics, that applications and systems generate to provide real-time visibility into performance and security, says Intellyx analyst Jason Bloomberg.

“Without observability, organizations don’t know what their applications, systems or cloud services are doing or how they’re performing, so it’s a must-have technology,” Bloomberg says.

Most IT organizations use observability tools, but traditionally they have been separate tools for network, infrastructure or application performance monitoring. Now, they’re increasingly adopting unified platforms that aggregate the telemetry data and analyze it holistically, enabling teams to collaborate to prevent or resolve issues faster, Elliot says.

For higher education, system availability and reliability are critical because that impacts teaching and learning as well as an institution’s reputation, he says.

“If certain applications aren’t working, if you are not able to offer classes online, then things go haywire pretty quickly, and quality of service goes down,” Elliot says.

Splunk Enables Collaborative IT Management at NJIT

NJIT, a public research university with more than 13,000 students in Newark, N.J., began using Splunk about 10 years ago as a niche solution for system logging. Over time, as Splunk evolved and expanded its product family, the university increased its adoption.

Initially, IT staffers deployed Splunk on-premises; then, as their use of Splunk increased, they moved it to AWS, where they continued to manage the implementation themselves. Recently, when they licensed Splunk Enterprise Security to bolster cybersecurity, they moved everything to Splunk’s managed cloud, which provides the features and scalability the university needs, says Matthew Hoskins, NJIT’s director of core systems and cloud services.

Today, the university uses the Splunk Observability Cloud, which unifies telemetry data and performs real-time monitoring of infrastructure and application performance across NJIT’s hybrid environment. On the security side, Splunk Enterprise Security serves as its security information and event management tool, analyzing data to detect threats and vulnerabilities.

READ MORE: AI-driven observability is becoming a priority for organizations.

NJIT’s approach hasn’t required ripping and replacing existing monitoring tools. The university continues to use PRTG for network monitoring and the open-source Nagios for IT infrastructure monitoring, feeding data from both solutions into Splunk for centralized visibility, Hoskins says.

Each IT team — including applications management, service desk, security, telecom, educational technology and data analytics — creates custom dashboards and alerts within Splunk. “There’s no ivory tower with Splunk. We give everybody access to innovate, so each team can log in and make their own dashboards,” Hoskins says.

With its centralized interface, Splunk’s analytics tool allows NJIT to be proactive instead of reactive. For example, the IT staff can get alerts that a file system is running out of space, allowing them to fix the issue before it impacts users, he says. When problems arise that cross team boundaries, Splunk enables strong collaboration, which accelerates troubleshooting. 

“When they’re collaborating, it’s their collective intelligence working to solve problems. That’s been a game changer and accelerator for us the past couple of years,” Haggerty says.

NJIT runs a security operations center (SOC) where students use Splunk to handle Tier 1 security issues during the day on weekdays, under an external cybersecurity provider’s supervision. Students gain real-world experience, while the provider handles complex incidents and provides 24/7 coverage.

The university’s IT team has integrated Splunk Enterprise Security with ServiceNow, NJIT’s IT service management platform, to automatically create tickets when vulnerabilities are detected. That ensures issues are tracked and assigned to appropriate teams.

“Monitoring from a security perspective opens up all these new opportunities to further protect our people and data,” Haggerty says.

Western Kentucky University Adopts SolarWinds for Unified Observability

Western Kentucky University, which has more than 16,000 students, also relied on several stand-alone monitoring tools. But as its campus and IT environment grew, its monitoring needs became more complex.

“The stand-alone tools each showed part of the picture, but not the full story,” says Jeppie Sumpter, WKU’s assistant vice president of IT services. “Our challenge wasn’t a lack of monitoring. It was the need for unified, context-rich proactive insight.”

The university, in Bowling Green, Ky., has been a SolarWinds customer for more than a decade. As SolarWinds expanded its product capabilities, so did WKU’s usage. The vendor’s move into full-stack observability aligned with the university’s needs, prompting Sumpter to install SolarWinds’ Hybrid Cloud Observability solution about three years ago.

The observability tool, which integrates with SolarWinds’ server, database and network monitoring tools, provides visibility across WKU’s entire environment, Sumpter says. Its data center powers major academic and administrative systems, but the university has gradually added more cloud-based and hosted apps.

“The value is in the correlation — not just seeing that something is slow but quickly pinpointing why based on end-to-end visibility,” Sumpter says.

The benefits include faster troubleshooting, fewer blind spots as teams work from shared system health data and reduced downtime because performance changes are caught early, he says. SolarWinds’ automation rules and anomaly detection flag potential issues and alert IT staff.

“This shifts our operations from reactive to preventive,” he says.

While it’s not primarily a security tool, SolarWinds supports early detection of security-related anomalies.

“Overall, observability has improved service reliability for students, faculty and staff, and has made day-to-day operations more efficient for our team,” Sumpter says.

Observability Tools Drive Student Success at the University of Arizona

In Tucson, Ariz., the University of Arizona has used Splunk as its primary observability tool since 2018, part of a broader effort to strengthen its security posture. CISO Tim Schwab oversees a SOC that relies on Splunk for threat detection and incident response.

UP NEXT: Observability solutions can improve digital experiences.

Arizona’s implementation centralizes and analyzes data from diverse data sources, including network equipment, web server and authentication logs, cloud environments and endpoint security software. Splunk’s automated alerts allow the SOC team to focus on actionable insights from security-related events rather than being overwhelmed by data, he says.

The consolidation of telemetry data improves operational efficiency, accelerates incident response and helps with rapid recovery, Schwab says. Reducing the number of tools also simplifies IT management.

Overall, good observability is important to ensure student success, and as a research institution, safeguarding research data and intellectual property is also key, he says.

“Our more than 54,000 students expect reliable access to digital services. It’s essential for teaching and learning,” Schwab says. “Anytime you have an outage or breach, it seems like it makes the news, and people are looking at your university reputation as being impaired. Having that strong security posture builds trust among our students, faculty and partners.”