Customer Success Story: Splunk Rebuild for a Built for Purpose Application

The Customer

Our customer is a large New Zealand Government agency that processes large volumes of payments daily. GKC built a Payment Fraud Platform Splunk Solution for our client in 2016 and we have since supported it successfully.

Our client approached us in October 2021 as they needed to move off an on-prem Integrated Data Platform (IDP) to a Cloud Data Platform (CDP). This was a fairly significant undertaking and redesign of the current Splunk platform, and the platform required some significant design improvements, so it was agreed that it would be more future-proofed if GKC completely rebuilt the Built for Purpose App. This work was dependent on a third party building the servers, so although we were engaged in October 2021, we didn’t begin the rebuild until January 2022, completing the work in May 2022.

The Challenge

Our customer receives and makes a large volume of financial data on a daily basis and was having difficulty identifying all erroneous or potentially fraudulent transactions. GKC built a built for purpose app in 2016 that scanned alerts and managed each rule-based threat automatically.

GKC was approached for this specific project when our client decided to move their finance system off an IDP to a CDP, to align with their Cloud First Strategy and help future-proof the built for purpose app.

GKC looked at two options: a migration and a rebuild. It was decided to proceed with the rebuild as there were several underlying design constraints and the design had not been reviewed for several years due to budget constraints.

The Solution

GKC’s consultants held several workshops with the client and walked them through each step in the rebuild process. The final design was presented and agreed to in one of these workshops.

The solution is built on top of Splunk and leverages views from CDP (initially from IDP) as its primary data source. A number of files (payment schedules sent to the bank, staff leavers report, Payment Card transaction lists, etc.) round out the dataset used by the built for purpose app. One file is manually converted by GKC and loaded into the app, and the rest are transferred by secure file transfer. The data feeds that the app relied on were migrated from IDP to CDP and the build catered for this new data feed.

GKC delivered the agreed rebuild design to the client.

The Outcome

Splunk was already being used and the customer was happy with the application. GKC provided a design that was fit for purpose and continued to provide support and managed services. Our rebuild design supported the client’s integration with their Cloud First Strategy, which was essential.

The newly built design solution also provided ease of use and compatibility with the latest version of Splunk.