Splunk: Case Study
Large Electrical Utility Company Based in Albuquerque, NM: Transforming Utility IT Operations with Splunk Enterprise, ITSI, and ES
Overview
Our client is a regulated energy holding company providing electricity to more than 800,000 homes and businesses in New Mexico and Texas through its subsidiaries, Public Service Company of New Mexico and Texas-New Mexico Power Company.
As a critical infrastructure provider, the company operates under strict compliance standards and requires highly reliable IT operations, real-time visibility, and robust security monitoring.

1. Understand – Identifying the Business Need
The company faced increasing complexity in its IT environment due to modernization initiatives, regulatory requirements, and heightened cybersecurity threats. Key challenges included:
- Siloed monitoring tools across infrastructure, applications, and security.
- Limited visibility into service health, which hindered proactive response.
- Inadequate event correlation and alerting, leading to alert fatigue.
- Compliance obligations (e.g., NERC CIP) with demanding audit needs.
The organization sought an integrated observability and security platform to unify monitoring, accelerate incident detection, and improve operational resilience.

2. Discovery – Assessing the Environment
A thorough discovery phase was conducted with cross-functional teams from infrastructure, application support, cybersecurity, and compliance. Key activities included:
- Workshops to map critical business services and IT dependencies.
- Infrastructure and application inventory reviews.
- Security event and log flow assessments.
- Review of current monitoring and alerting inefficiencies.
- Identification of compliance reporting and forensic investigation gaps.
This phase uncovered underutilized data sources, inconsistent log retention policies, and missed opportunities for automation.

3. Solution – Designing the Right Stack
Based on the discovery, the following Splunk stack was architected:
- Splunk Enterprise for centralized data ingestion, search, and analytics across IT and security.
- Splunk IT Service Intelligence (ITSI) for service-level visibility, event correlation, and proactive incident management.
- Splunk Enterprise Security (ES) for real-time threat detection, compliance dashboards, and accelerated investigations.
Key solution design elements included:
- A data onboarding framework tailored to utility-specific sources.
- Adaptive thresholding and predictive analytics for outage prevention.
- Custom correlation searches aligned with NERC CIP standards.
- Integration with ticketing systems (e.g., ServiceNow) for automated response.

4. Implementation – Deploying the Platform
Implementation was executed in structured phases:
- Phase 1: Splunk Enterprise deployment with ingestion pipelines for critical log sources, establishing data normalization and retention policies.
- Phase 2: ITSI deployment focused on tier-1 services (e.g., billing systems, grid monitoring platforms), building KPIs and service trees.
- Phase 3: ES implementation with threat intelligence integrations, User Behavior Analytics (UBA), and compliance reporting dashboards.
- Phase 4: Custom content development and SOC analyst enablement.
Operational runbooks and dashboards were co-developed with the company’s teams to ensure long-term sustainability.

5. Measure Impacts – Results and Value Delivered
The deployment yielded significant operational and security improvements:
- Reduced mean time to resolution (MTTR) through ITSI’s service-aware alerting and root-cause analysis (RCA) views.
- Reduction in alert fatigue by consolidating noisy events into high-value episodes.
- Improved NERC CIP audit readiness with automated compliance dashboards and alerting.
- Faster threat detection and response leveraging ES’s correlation searches and risk-based alerting.
- Enhanced collaboration across IT and security with a unified observability and analytics platform.
Ongoing Splunk support ensures continued optimization, custom development, and platform health.

Conclusion
Through the strategic implementation of Splunk Enterprise, ITSI, and ES, supported by expert continuous support, the Large Electrical Utility Company based in Albuquerque, NM significantly enhanced its IT visibility, operational efficiency, and cybersecurity posture. This partnership has positioned the company to meet future infrastructure demands while remaining agile, secure, and compliant in a highly regulated industry.