Splunk - What is Operational Intelligence? Real-World Examples

Splunk - What is Operational Intelligence? Real-World Examples

Having run through the four levels of Operational Intelligence (level 1, level 2, level 3, level 4) I thought it made sense to end this blog series with some customer examples. I’ve tried to pick an example from each industry and try to cover IT Operations, Security and Customer Experience. I’ve also included a link to a case study or press release where possible.

Financial Services

UniCredit uses Splunk Enterprise for real-time insights into multiple terabytes of operational data and to monitor key business metrics. Proactive incident management has resulted in about 40% of incidents managed before becoming evident to end users, while problem solving and troubleshooting time has been reduced by 70%. UniCredit has improved the experience it offers customers by reducing services downtime. In addition, UniCredit business analysts are using Splunk software to create weekly reports for top management that provide real-time insights into key business metrics such as served clients by bank branches as well as via internet banking and mobile banking channels, and number of new opened bank accounts.

Splunk at UniCredit


Telenor, Norway’s largest telecom services provider, is using Splunk Enterprise for troubleshooting, monitoring and security investigations. The network operations team runs dashboards visualizing network health and monitors for error events and unfamiliar patterns. The security team uses Splunk software for correlation and analysis of security alarms. They can look for, and be proactively alerted on, abnormal remote access patterns and investigate attacks on Internet-exposed services. Finally, operational intelligence also underpins the Telenor Computer Emergency Response Team (CERT), which is a cross-departmental incident response team. This virtual team uses Splunk for incident investigation, pinpointing the origin of large issues and performing rapid manual analysis of failing components to limit business impact.

Splunk at Telenor


For John Lewis, uptime is mission critical because of the direct impact to sales. Downtime or latency immediately becomes high priority, as any delay in resolution can negatively impact customer experience and revenue, especially on the website. John Lewis is using Splunk Enterprise to gain improved operational intelligence and support rapid growth for its billion pound website, johnlewis.com. John Lewis can now quickly identify and resolve potentially costly issues and ensure that its website is delivering the best possible customer experience. By using Splunk software to analyse and dashboard a number of website metrics, John Lewis is also able to make key business decisions in real time during critical periods, such as the summer and Christmas clearance events.

Splunk at John Lewis


iRhythm is driving innovation in connected healthcare with its Zio Patch for cardiac monitoring. By loading audit and transaction logs from applications that interact with each device and its recorded data into Splunk Enterprise, iRhythm is able to track every stage of the service lifecycle – from device manufacturing, through shipment, registration, and post-use return to iRhythm, where the device data is extracted, analysed and reported on through its operations centre. iRhythm monitors each Zio(r) Patch’s diagnostic output with Splunk software, making sure the devices ran as expected and reporting any performance issues. In addition, loading product diagnostic information into Splunk software allows iRhythm to analyse and better understand patients’ use of the devices.

Splunk at iRhythm

Public Sector

The Health and Social Care Information Centre (HSCIC) is using Splunk Enterprise to support the Spine – a collection of national applications that connects clinicians, patients and local service providers throughout England to essential national healthcare services. This includes the Electronic Prescription and Summary Care Record services, as well as Choose and Book, which enable patients to book a hospital or clinic appointment online. Splunk Enterprise is used by the Spine team to monitor performance, investigate issues and provide reporting to ensure the services are running smoothly. More than a dozen national IT systems and services were migrated to the new Spine in the space of a weekend, following months of rigorous planning, testing and development. The team relied on Splunk software to identify issues during the switch. Real-time insights enable faster issue resolution and ultimately better care for NHS patients.

Splunk at HSCIC

Travel & Transportation

Gatwick Airport is the last customer I wanted to mention who are using Splunk for cloud based, predictive airport analytics from machine data. Gatwick have 925 flights a day at peak times and passenger experience is key. Gatwick are monitoring travel disruption, passenger flow, social media, airport gate data, boarding card scans and X-ray data to ensure the business is performing. They use Operational Intelligence to reduce queueing times, improve on-time efficiency of aircraft and deliver real-time airfield dashboards. Gatwick saw the benefit from Operational intelligence within in a couple of weeks during a proof of concept. During those couple of weeks they started to explore their data and realised what was possible. They had their first live dashboard built in a month and they are now using predictive analytics to stop minor incident becoming major problems. Gatwick now talk about historic, real-time and predictive analytics in terms of three main questions – “how did we do”, “how are we doing”, “how will we do”.

Splunk at Gatwick Airport


Amaya Gaming sends the machine data produced by all of its own applications into Splunk Enterprise. Amaya executives use real-time dashboards to monitor revenue streams and Operational Intelligence is also used across the service operations, customer support and DevOps teams at Amaya. Service operations look at machine data primarily for troubleshooting, with real-time dashboards flagging incidents as they occur and for trend analysis. If a certain alert is triggered, the team uses Splunk software to investigate the incident and determines whether it can be resolved or must be escalated. In addition, the development team has been able to gain a much better insight into how new releases are performing in the production environment, reducing the impact of any bugs and allowing a more proactive approach to how new products and services are being used. This has resulted in a much improved customer experience across Amaya’s online properties.

Splunk at Amaya Gaming

If you want to read some more customer stories then there are a lot more on our customer success stories page.

Blog Splunk



Escriba su consulta y un asesor se comunicará con usted. Todos los campos son requeridos.