ACF Image Customer Stories

Global Satellite Communication Company Accelerates SIEM Migration

“If at any point we choose to go with another SIEM tool, I can essentially keep Chronosphere Telemetry Pipeline in place and point it to the new platform. I won’t have to do a bunch of re-work.”

– This leading global satellite communications company supports customers all over the world. Information security is critical to the company given the nature of its business.

Global Satellite Case Study Cover

Challenges of the old SIEM platform

Prior to adopting Chronosphere Telemetry Pipeline, the satellite communications company leveraged an on-premises Security Information and Event Management (SIEM) platform. Yet, keeping the platform running required significant effort and maintenance. Additionally, it lacked useful security context and alerting. 

As the company’s CISO explains, “The old SIEM platform was incredibly noisy and took a lot of administrative tuning to get anything useful out of it.”

Uncovering the need for a telemetry pipeline

Due to the old platform’s shortcomings, the organization began evaluating new SIEM tools. However, after beginning a proof-of-concept with a new vendor, the team discovered they needed a better way to collect, pre-process, and route log data to their SIEM tool. 

The team needed to capture data from physical infrastructure, but the cloud-based tools they evaluated did not support on-premises data collection. “We have an incredibly complicated infrastructure and we needed a solution in place to facilitate SIEM migration,” notes the CISO.

The team assessed several log shippers and pipelines. When they came across Chronosphere Telemetry Pipeline, they were drawn to its ease-of-use. “I don’t have the time, resources, or expertise to do CLI-based log collection and routing. Chronosphere Telemetry Pipeline provides a visual interface that makes log data easier to manage,” remarks the CISO.

Soon after testing Telemetry Pipeline, the company began using the product to support its SIEM migration. Within one month, the company fully implemented Telemetry Pipeline, feeding 500GB of logs each day into their SIEM platform, coming from 12 unique data sources. “We don’t really have to touch it anymore. It just works,” notes the CISO.

Key Benefits of Using Chronosphere Telemetry Pipeline 

Since implementing Chronosphere Telemetry Pipeline, the satellite communications company has seen several benefits. “Three things stand out about Chronosphere Telemetry Pipeline.” The CISO continues, “First, the potential to ingest any kind of log from any kind of system. Second, the ability to transform that log on the fly. Third, the ability to send that data anywhere.”

Onboarding new data sources within minutes

The satellite communications company collects data from many different types of infrastructure, including network devices, endpoint devices, security software, and more. Moreover, the company is often adding new infrastructure resources. As such, it’s critical for the team to be able to add new data sources with ease. “With Chronosphere Telemetry Pipeline, we can onboard new data sources within minutes,” the CISO exclaims.

Transforming logs at scale

Given all their different data sources, the team needs an easy way to manipulate data before it’s routed to their SIEM tooling. 

For example, many of the company’s network devices are configured to send logs with a particular time zone stamp. However, the rest of the logs are sent with a different time zone. Additionally, many datasets are in an unstructured format, making it difficult to analyze. 

With dozens of out-of-the-box processors, Telemetry Pipeline provides an easy way for the organization to standardize and parse logs, so all datasets are in the optimal format for analysis. 

Providing flexibility to grow and evolve as needed

After outgrowing one SIEM platform, the team wants to ensure that they can more easily migrate in the future. Telemetry Pipeline helps the company avoid vendor lock-in by providing a central way to manage log collection, pre-processing, and routing. 

“If at any point we choose to go with another SIEM tool, I can essentially keep Chronosphere Telemetry Pipeline in place and point it to the new platform,” notes the CISO. “I won’t have to do a bunch of re-work.”

Working with Chronosphere

Outside of the technological advantages of using Telemetry Pipeline, the satellite communications company has also benefited from a strong partnership. Specifically, the team has valued Chronosphere support, which has been there at every step of their migration. The Chronosphere support team quickly resolved any issues for the customer, ensuring that their migration journey was both successful and ahead of schedule.

“The support has just been phenomenal,” the CISO explains. “I’ve always said that I’m willing to pay 50% above list price on software if I also get support that actually solves my problems. With other vendors, my team has to spend several cycles explaining the problem and not getting a resolution.” He continues, “With Chronosphere, I get fast, actionable support every time we engage them – without paying that extra premium.”

Explore How Chronosphere Telemetry Pipeline Can Speed Up Your Migration

Share This: