Like many organizations, the University of Illinois began its data analytics journey with IT-centered use cases. However, as the university experienced success with the technology, officials continued to press ahead with new applications.
“We brought it on primarily as a security tool and to address various operational needs,” Joe Barnes, chief privacy and security officer for the University of Illinois, said in an interview with EdTech at Splunk’s recent .conf19 conference in Las Vegas. The university began using Splunk Enterprise in 2014 and is now transitioning to Splunk Cloud.
“For the first few years, it was really, ‘Let’s use this as a log management sort of product,’” Barnes said. “It grew from there to bringing in IT operations. And within probably the first two or three years, we realized the value as a data platform, so we repositioned it to be leveraged across the university. We’re still on that journey, but we were moving in that direction before a lot of other organizations.”
Here are the steps the University of Illinois has taken on its (still in-progress) data analytics journey.
Splunk Expands Cybersecurity Capabilities of IT Staff
Before adopting Splunk, the University of Illinois relied on a security information event management tool to keep an eye on security threats. However, Barnes noted, the tool was created for a corporate environment.
“That covers about 1/20th of our environment,” he added. “We weren’t getting a lot of value out of it.”
Like many higher education institutions, the University of Illinois struggles to recruit and retain talented cybersecurity professionals, said Barnes. By simplifying and speeding up cybersecurity management tasks, Splunk helps the university to get the most out of the staff it has.
“Pre-Splunk, we would run a search and it might take three days before we returned a result,” Barnes said. “Now, we’re at 30 seconds. We started doing password compromise detections in seconds and minutes, as opposed to an hour. If you look at some of our charts, you’ll see: Here’s the trend of attacks, and then you see this huge spike. What happened on that day? Was there some sort of huge attack? No, we turned Splunk on, and we were able to figure out where the attacks were.”
Data-Driven Insights Improve Troubleshooting for IT Operations
Next, the university’s IT teams found ways to use Splunk to improve their own operations. One prominent early example was the help desk, where the bulk of requests are from users having trouble with network or application logins.
“We were able to take our logs and say, ‘It’s this device, here’s the name of it, here’s the last time you logged in,’” said Nick Vance, manager of data and technology innovation. “It took us from a problem where a person might have to spend 20 minutes on the phone to us being able to say, ‘Okay, it’s your laptop; it’s trying to get on the network, and it’s not working. You should go and shut that one off.’”
The introduction of analytics also dramatically improved troubleshooting for the university’s unified collaboration environment, Barnes said. Previous tools “lacked in the ability to bring back results in a timely manner and coordinate across maybe 60 servers,” he said. “Splunking that data allowed them to not only recreate these searches, but to spend minutes doing the search lookup instead of half an hour or an hour.”
University of Illinois Athletes Use Data to Refine Training
It might seem like a hard left turn to move from IT-centered use cases to applications on the playing field. But after seeing the way that sophisticated analytics tools improved cybersecurity and IT operations, IT leaders began searching for other areas of the university that also could benefit. That led them to the athletics department, which paired them with the women’s soccer team.
The players wear biometric sensors during practices, and they fill out regular surveys to gauge their fatigue levels. By running all that data through Splunk, the IT team was able to give coaches greater insight into the impact of certain types of practices.
Athletics officials even contacted the IT department when an athlete came down with a bad strain of the flu, asking them to use Splunk to determine which other athletes had shared a public computer with the individual.
The University of Illinois continues to seek out new ways to use Splunk to improve outcomes for students, faculty and staff. For instance, IT staffers are exploring how to use analytics to assist researchers and to improve student success outcomes.
“There are other schools out there using Splunk for security and IT and student success,” Barnes said. “But I think we’ve probably taken the largest step back and said, ‘How can we open this up?’ I think we are pushing the boundary of what Splunk does from a higher education perspective.”