Case Study: Bell Canada achieves scalable security event logging and threat detection with Elastic

Security Events Logging at Bell Canada

Bell Canada, one of Canada’s largest telecommunications companies, needed a way to handle diverse and rapidly growing security logs across its nationwide SOC. Its existing ArcSight SIEM struggled with log normalization, scale, and false positives, and the team turned to Elastic to augment its security architecture with tools like the Elastic Stack for higher-volume log ingestion and analysis.

Elastic helped Bell Canada implement Beats, Logstash, Elasticsearch, and Kibana to ship, normalize, store, and visualize logs at scale, with hot-warm architecture and strong security controls. The result was faster, horizontally scalable log processing, better data retention and retrieval, easier RBAC and encryption management, and improved detection quality with fewer false positives, helping analysts focus on real threats.

Bell Canada

Sylvain Proulx

Senior Security Manager