TechValidate Research on Splunk

Splunk Case Study

An Educational Institution Sees Improvements After Implementing Splunk On-Call


This case study of a educational institution is based on an April 2022 survey of Splunk customers by TechValidate, a 3rd-party research service. The profiled organization asked to have their name blinded to protect their confidentiality.

“We’ve seen recent improvements to data ingest with assistance from Splunk and the reseller that improved our visibility. This includes the suggestion to use Splunk On-Call.” CISO at an Educational Institution


The educational institution surveyed started using Splunk On-Call to address challenges with:

  • Preventing / avoiding unplanned downtime
  • Improving Alert Noise
  • Routing alerts / incidents to the appropriate personnel in a timely manner
  • Automating scheduling, escalations and notifications

Use Case

A Splunk reseller recommended the security team at the educational institution implement Splunk On-Call, alongside Splunk Cloud. Splunk On-Call has been up for nearly 6 months and the team is already seeing improvements.

The institution’s security team is using Splunk On-Call specifically for rapid incident response and to simplify on-call scheduling.


The key value drivers and benefits they are measuring with Splunk On-Call include:

  • Mean Time to Acknowledge (MTTA)
  • IT Costs Improvement / Savings

When asked how valuable the following Splunk On-Call features been to the organization, the CISO responded that each of these were very valuable:

  • Scheduling
  • Alert Routing and Annotations
  • Integrations
  • Noise Suppression
  • Stakeholder Updates
  • Incident Dashboard
  • Alert Rules Engine
  • Escalation Policies
  • Reports

Following are the percent ranges for each measured value category that Splunk On-Call provides for their organization currently:

  • Alert Noise Reduction Improvement: 21-39%
  • Mean Time to Acknowledge (MTTA) Improvement: 60-79%
  • Mean Time to Repair (MTTR) Improvement: 21-39%
  • Root Cause Analysis (RCA) Improvement: 21-39%
  • Recurring Incidents Improvement: 21-39%
  • IT Cost Reduction Improvement: 21-39%

About This Data

This data was sourced directly from verified users of Splunk by TechValidate.

TechValidate verifies the identity and organizational affiliation of all participants that contribute to published research data. When research participants so desire, we also guarantee their anonymity so that they may share information honestly and freely.

More Research on Splunk