Case Study: Telenor achieves faster incident investigation and improved security with Splunk Enterprise

Telenor Gains Greater Insight for Incident Investigation, Troubleshooting and Improved Security

Telenor Norway, the country’s largest telecom provider, needed better operational visibility across thousands of servers, routers and distributed datacenters to streamline incident investigation, improve inter-departmental collaboration, and address security and privacy risks posed by manual log review. With millions of customers and daily volumes of log data, existing processes couldn’t scale and critical issues were slipping through unnoticed.

By deploying Splunk Enterprise, Telenor created centralized, role-based dashboards, scheduled searches and proactive alerts that power its network operations and cross-department CERT teams. The platform enabled rapid troubleshooting, real-time detection of abnormal access (for example, identifying and shutting down WebMail accounts used to send fraudulent SMS), stronger security posture, and higher service availability—often resolving issues before customers were affected.

Telenor