Internet2

close
Use Internet2 SiteID

Already have an Internet2 SiteID?
Sign in here.

Internet2 SiteID

Your organization not listed? Create a local account to use Internet2 services.

Create SiteID

Blogs

13 Emerging Splunk Analytics Applications for Higher Education

Oct 16, 2014, by Andrew Keating
Tags: Internet2 NET+, Security, Splunk

The higher education community’s creativity and meaningful application of advanced technology were on full display last week at the 5th Annual Splunk User Conference in Las Vegas. Universities led five different sessions—each demonstrating diverse and distinct aspects of the Splunk Enterprise data analytics value proposition to universities today:

  • Evaluate Security Risk: Provide insights, ranking and scoring for security risks within departments/functions—providing centralized management and proactive mitigation
  • Online Course Registration: Give insight into the most popular classes, course schedules, and automated course registration scripts
  • Campus Safety: Transform campus cyber-bullying investigations—solving one recent case within an hour—as opposed to several days analyzing data manually
  • VPN Abuse: Quickly identify VPN usage from overseas locations and for durations longer than usual 
  • Identifying Direct Deposit Fraud: Discover malware targeting bank account direct deposit information 
  • Copyright Infringement: Identify users on the campus network downloading/sharing potentially copyright-infringing content
  • Locating a Student: Confirm a student’s presence—after initially being reported missing
  • View Active Wireless Connections: Build visualizations of active campus wireless connections being used to help plan for coverage in heavily trafficked areas and providing insights into patterns of student presence on areas of campus
  • Track Active Directory Changes/Access: Trigger alerts when someone is added to a group or given root access and who granted the access
  • Student Activity on Electronic Assessments: Set up alerts for various events including posting homework to multiple accounts from a single IP address—possibly indicating academic dishonesty
  • User Account Information Posted Online: Scan social media to identify students who posted their login credentials publicly
  • Financial Aid Fraud: Identify cases of suspected financial aid fraud when individuals file for financial aid, register for classes, collect a check, but never show for class
  • Stolen Assets: Set off alerts when assets marked as stolen appear online—enabling deeper investigation

Perhaps the most exciting aspect of the conversations at the Splunk Conference this year was the general consensus that we’ve only scratched the surface of how data and analytics on machine data will transform every aspect of university operations, teaching and learning, and research inquiry. Some additional possibilities we may hear about in the next year include using Splunk Enterprise to analyze:

  • Building environmental sensor data to improve comfort, safety, and productivity;
  • Learning management system logs to enhance pedagogy and student retention; 
  • Machine data in vast sensor arrays to enhance research outcomes and enable faculty and students to complete research projects more quickly following the data collection phase;
  • Mobile sensor data to improve patient care and health care research in our academic medical centers

The Internet2 community quickly moved Splunk to General Availability status in the NET+ portfolio based on these use cases and the fact that over 40 universities have already subscribed to NET+ Splunk. As the number of participating member institutions increases, subscribers may be able to capitalize on the service’s “waterfall thresholds.” These thresholds represent further discounts for the community at-large – enabling each individual university to benefit from aggregate utilization across the research and education community as a whole.

The universities attending the Splunk User Conference agreed that expanding the licensed capacity of Splunk Enterprise in higher education enables additional experimentation. To take full advantage of the collaborative nature of universities, the Internet2 community and Splunk will be working closely together over the next few months to build a repository of detailed information on these and other compelling use cases, and additional ways that the community can collaborate and share information about what they are doing on their campuses.