Replacing grep at a New Generation Telco

Aigar Käis, Head of ICT Risks & Security at Telia Estonia

Telia Estonia is one of the largest telcos in the region, and the data we need to work with is a galaxy of its own. SpectX has replaced many science-fiction-level grep struggles, helping us to dig in Hadoop, investigate incidents and meet compliance obligations.

As a telco, we have a colossal number of systems producing different log outputs. For example, among new cutting-edge networks, we also need to support systems that rely on the 2G network built 20 years ago. The log output there is quite confusing, and SpectX significantly helps us to extract valuable data from these systems.

SpectX also makes it easier for us to meet the obligations stemming from GDPR and other data protection standards, for example by using the client ID to look up records across all logs or to investigate who within the organisation has looked what up. We use the SpectX API quite extensively for security use cases. SpectX also helps to ensure data privacy and implement control measures across high-security systems. We’re mapping different flows, sending the data to our custom dashboards, creating timelines, heat-maps and so on. It’s easy to look back several years if need be.

The main alternative to SpectX from our point of view is grep. We are now spending far fewer working hours on science-fiction-level manual scripting. It’s now quite easy to extract information from logs and solve incidents. A finalised use case in SpectX is easy to repeat and share via the API. You could never share, let alone trace, some complex grep magic that easily.

SpectX is not only a tool for the IT teams. I see increasing interest from the business side because SpectX makes it easy to shuffle custom logs into traditional data warehouses - the primary source for business analysts. We can now provide them with entirely new horizons based on log data. For example, we're about to look more into process mining. SpectX is an excellent first-step tool to parse and clean input data to continue with traditional solutions used in this domain. Simplifying service processes has the potential to save tens of thousands of working hours for us.

It took us zero effort to get SpectX up and running, then a few extra steps to get it talking to Hadoop, but no additional hacks or need to download custom libraries or write special Spark scripts or jobs. Using SpectX, we can quickly and robustly get the results from Hadoop and give these to an analyst who can then go into more detail or configure another use case.

I would recommend SpectX to anyone to get feasible visibility into a hectic pile of logs. Life is easy when you’re dealing with Apache or other standard log formats that are easily ingested by open source tools. But if half your data is highly customised logs, e.g. JSON within JSON within JSON, you can keep wrestling with this forever.

About Telia Estonia
Telia Estonia is part of the international Telia Company Group - a New Generation Telco. Our approximately 20,000 talented colleagues serve millions of customers every day in one of the world’s most connected regions. With a strong connectivity base, we’re the hub in the digital ecosystem, empowering people, companies and societies to stay in touch with everything that matters 24/7/365 - on their terms. Headquartered in Stockholm, the heart of innovation and technology, we’re set to change the industry and bring the world even closer for our customers. Read more at www.teliacompany.com.
