Not only did Falcon LogScale win the proof of concept (POC), it stood in stark contrast to SpareBank 1’s previous log management platform. Falcon LogScale offered a 10x compression rate - 5x higher than the previous solution - and a more affordable licensing structure, resulting in big savings. “Switching to Falcon LogScale saves us $2-3 million every three years in infrastructure costs and $1-2 million a year in licensing costs,” said Stian Bratlie, systems engineer at SpareBank 1. They made the right move: SpareBank 1 swapped their legacy log management platform for a modern alternative, getting higher performance at a much lower cost. Suddenly, the bank could log everything, providing countless benefits to the business.

Many security systems such as firewalls and packet inspection tools generate metadata for logs produced elsewhere. Before implementing Falcon LogScale, SpareBank 1 didn’t ingest all this data. Now, SpareBank 1 can capture, correlate and search all relevant security data, providing a wealth of context for threat hunts and investigations. “The main value we get from Falcon LogScale is we can log anything we want,” said Bratlie. “We now ingest a crazy amount of logs without any performance bottlenecks.” Another notable feature of Falcon LogScale, according to Bratlie, is its fast and flexible search engine. As he explained it, you don’t always know what data you’ll need during an investigation, and the ability of Falcon LogScale to search enormous volumes of data with sub-second latency can make a big impact. For example, SpareBank 1’s anti-fraud team uses Falcon LogScale to quickly search logs for fraudulent activity, helping the team act faster. Likewise, developers can search across vast amounts of application data to pinpoint the root cause of an outage or see how many people us a specific feature. Developers used to query their data warehouse for this information; now they get if from Falcon LogScale in as little as 10 minutes. “Falcon LogScale allows us to see what’s happening in our systems faster than before,” said Bratlie. “At any given point, we have around 2,500 searches happening, the most complete in seconds.” SpareBanke 1’s user support team also relies on Falcon LogScale to help customers navigate technical issues. By having an easy way to search web logs, the team can see exactly what the user was doing and use this information to quickly resolve customer issues.

All told, over 1,000 SpareBank 1 employees use Falcon LogScale, demonstrating how modern log management can deliver tremendous value across an organization. “Due to how much we save on hardware and license fees, Falcon LogScale has allowed us to future-proof our business,” concluded Bratlie. “We now ingest 10x the logs and still stay on budget. We’re very happy with it.”