Breaking down silos to enable log data collection on a central platform
Log management with archiving, analysis and alerts as the basis for a SIEM
An IT infrastructure for 16 schools, 2 hospitals, 26 municipalities, 2 cities and an entire canton: ITSH (IT Schaffhausen), formerly KSD, is the IT enterprise of the canton and city of Schaffhausen. The different client profiles entail varying requirements. terreActive implemented a solution that everyone could use.
Challenge: Breaking down silos
terreActive was familiar with the situation in public administration from experience: IT organizations there are typically set up in silos (e.g. one team for basic services, one for network, etc.). The teams often use different tools for monitoring. While every silo has a good setup, none has any insight into the tools of the other departments. As soon as the systems are networked, dependencies are created that cannot be monitored. KSD was fully aware of this.
Goal: Central log management as the basis for monitoring to ensure secure operations
Hybrid solution with tacLOM and Splunk
The solution in detail
- High storage capacity - real-time logging - available during system failures
- Understanding raw data and simplifying troubleshooting
- Less maintenance work
- Outlook: Ready for the future