Kutztown University of Pennsylvania is a public university in rural Eastern Pennsylvania 50 miles outside of Philadelphia with approximately 7,000 undergraduates and 1,000 postgraduate students. Their centralized IT Department of about 35 employees is responsible for the upkeep of the university’s networks and systems of enterprise desktop computers.
Like many universities across the country, increased competition and lower state funding has created personnel and resource challenges. Rick Miller, Director of Systems Administration at Kutztown explains the challenge:
We have to be very cautious and think forward about any purchases that we make. We don't go into purchases of a large magnitude without a lot of forethought about how we are going to fund these in the future.
Several years ago, they started monitoring and retaining log data as required by state auditors. They purchased a Security Information and Event Management (SIEM) tool and configured it to be compliant. Although the system was operational, they found that the hours it would require to keep it updated or make any changes was too prohibitive. As a department with limited resources, they didn’t have the time needed from engineers to keep the SIEM working efficiently, and they were seeing diminishing returns.
Our previous system required so much effort and handholding and management that it ended up not being very beneficial for us. We found it to be cumbersome enough that we just didn't have sufficient time to do it effectively.
When their SIEM came up for renewal, the administrators at Kutztown realized it was time to start looking for a new system because they were not getting enough value out of it. They were interested in expanding the use cases for the data they were collecting, but they would need someone who could spend a day each week working on it — because of their stretched-thin budgets, they had no time to spend configuring it or use it to its full potential. To have log management that worked for them, they needed a system that would collect all logs, comply with state recommendations for data retention, provide some security benefit, not break the bank, and most importantly, not create a workload on its own.
The team at Kutztown conducted an exhaustive search, evaluating more than 17 choices for log management including closed and open source tools, sometimes examining multiple options from individual vendors. While these tools would function fine in their pre-defined use cases, they did not provide the flexibility that Humio did to address novel use cases including security and operational purposes.
“The difference between our old SIEM and Humio is that all we ever sent before was the Windows logs. So now, we’re getting the Windows logs, Linux logs, DHCP logs, student information logs, and so forth. So we’re getting all that extra data getting sent into Humio that we never could before. With Humio, through a simple web interface, I can query months of data, not just a couple of hours.“
The IT department at Kutztown found Humio was the flexible, powerful tool they needed to meet their use cases and also stay under budget for the foreseeable future. Under their previous solution, adding logs was a process that would require hours of dedicated effort. With Humio they were able to add new sources of log data with ease and get a much more detailed view of their system.
“I’ve already solved problems with the data coming out of Humio, so we’ve already seen some benefit. And I’ve seen a reduction in the amount of maintenance that is needed to deal with Humio — it’s effectively zero, unless you want to generate some new data source, and that’s pretty easy and straightforward to do.”
Humio addressed Kutztown’s biggest problem directly — it removed the dedicated hours of configuration that comes with some SIEM and open-source log management software. With minimal effort, Humio was answering security questions about where attacks were coming from and detecting sources of activity that were weighing down the system.
Humio enabled the IT department at Kutztown to increase observability without having to dedicate staff to it. The previous solution monitored a lot of data but a lot of what it reported wasn’t useful in the end. Humio’s easy-to-use queries enable the IT staff to customize Humio to fit their needs with a fraction of the work. Configuration used to take numerous hours a week using the old solution. With Humio it takes less than an hour. And though time is the most precious resource for Kutztown workers, they find themselves spending more than just the required configuration time on it because it’s such a useful tool.
Before adopting Humio, they were getting reports from users of data integrity errors in a critical business system. It was very difficult to detect using their old solution, even though they knew they were happening.
With Humio, we’re able to start looking for these, and as soon as they happen, our development team is able to look at it and figure out why it is happening. Now we can head off problems before they become too big. To get that set up, it was probably an hour of my time. With our previous system, that would have taken me days.
Humio changed the way Kutztown interacts with their logs. Log management has gone from an underused, inaccessible, background part of their data to being a front-and-center primary source of information. Financially, Humio expanded the functionality of their log management without adding cost and reducing hours of labor from the equation.
Learn more about Humio in higher education
To further understand how Humio’s modern log management can reduce workloads in higher education and save money, request a free live demo.
Hear more stories of higher education users of Humio at our Higher Education Roundtable.
Explore use cases for Humio in higher education by reading Top 6 Log Management Use Case for Higher Education.
Hear more from Humio users in our Humio in Higher Education blog post.
Find more resources for higher education in Humio Industries.